Separate the external network into external and public
Previously, the external network carried both public API traffic and neutron external network traffic. In some cases is it useful to separate these networks. The public network now carries the public API traffic, leaving the external network to carry neutron external network traffic alone. For backwards compatibility, the public network defaults to the external network.
This commit is contained in:
parent
e5cec6aed3
commit
1d9e8fc976
@ -3,4 +3,4 @@
|
||||
hosts: docker
|
||||
roles:
|
||||
- role: docker
|
||||
docker_daemon_mtu: "{{ external_net_name | net_mtu | default }}"
|
||||
docker_daemon_mtu: "{{ public_net_name | net_mtu | default }}"
|
||||
|
@ -15,6 +15,7 @@ controller_default_network_interfaces: >
|
||||
oob_wl_net_name,
|
||||
provision_wl_net_name,
|
||||
internal_net_name,
|
||||
public_net_name,
|
||||
external_net_name,
|
||||
storage_net_name,
|
||||
storage_mgmt_net_name] | unique | list }}
|
||||
|
@ -13,7 +13,7 @@ monitoring_bootstrap_user: "{{ controller_bootstrap_user }}"
|
||||
monitoring_default_network_interfaces: >
|
||||
{{ [provision_oc_net_name,
|
||||
internal_net_name,
|
||||
external_net_name] | unique | list }}
|
||||
public_net_name] | unique | list }}
|
||||
|
||||
# List of extra networks to which monitoring nodes are attached.
|
||||
monitoring_extra_network_interfaces: []
|
||||
|
@ -25,6 +25,9 @@ internal_net_name: 'internal_net'
|
||||
# to provide external network access via Neutron.
|
||||
external_net_name: 'external_net'
|
||||
|
||||
# Name of the network used to expose the public OpenStack API endpoints.
|
||||
public_net_name: "{{ external_net_name }}"
|
||||
|
||||
# Name of the network used to carry storage data traffic.
|
||||
storage_net_name: 'storage_net'
|
||||
|
||||
|
@ -33,23 +33,23 @@
|
||||
set_fact:
|
||||
kolla_internal_vip_address: "{{ internal_net_name | net_vip_address }}"
|
||||
kolla_internal_fqdn: "{{ internal_net_name | net_fqdn or internal_net_name | net_vip_address }}"
|
||||
kolla_external_vip_address: "{{ external_net_name | net_vip_address }}"
|
||||
kolla_external_fqdn: "{{ external_net_name | net_fqdn or external_net_name | net_vip_address }}"
|
||||
kolla_external_vip_address: "{{ public_net_name | net_vip_address }}"
|
||||
kolla_external_fqdn: "{{ public_net_name | net_fqdn or public_net_name | net_vip_address }}"
|
||||
when: "{{ kolla_enable_haproxy | bool }}"
|
||||
|
||||
- name: Set facts containing the VIP addresses and FQDNs
|
||||
set_fact:
|
||||
kolla_internal_vip_address: "{{ internal_net_name | net_ip(controller_host) }}"
|
||||
kolla_internal_fqdn: "{{ internal_net_name | net_ip(controller_host) }}"
|
||||
kolla_external_vip_address: "{{ external_net_name | net_ip(controller_host) }}"
|
||||
kolla_external_fqdn: "{{ external_net_name | net_ip(controller_host) }}"
|
||||
kolla_external_vip_address: "{{ public_net_name | net_ip(controller_host) }}"
|
||||
kolla_external_fqdn: "{{ public_net_name | net_ip(controller_host) }}"
|
||||
when:
|
||||
- "{{ not kolla_enable_haproxy | bool }}"
|
||||
|
||||
- name: Set facts containing the controller network interfaces
|
||||
set_fact:
|
||||
kolla_network_interface: "{{ internal_net_name | net_interface(controller_host) | replace('-', '_') }}"
|
||||
kolla_external_vip_interface: "{{ external_net_name | net_interface(controller_host) | replace('-', '_') }}"
|
||||
kolla_external_vip_interface: "{{ public_net_name | net_interface(controller_host) | replace('-', '_') }}"
|
||||
kolla_api_interface: "{{ internal_net_name | net_interface(controller_host) | replace('-', '_') }}"
|
||||
kolla_storage_interface: "{{ storage_net_name | net_interface(controller_host) | replace('-', '_') }}"
|
||||
kolla_cluster_interface: "{{ storage_mgmt_net_name | net_interface(controller_host) | replace('-', '_') }}"
|
||||
|
@ -5,10 +5,10 @@
|
||||
- name: Ensure a public OpenStack API environment file exists
|
||||
hosts: config-mgmt
|
||||
vars:
|
||||
external_api_proto: "{% if kolla_enable_tls_external | bool %}https{% else %}http{% endif %}"
|
||||
external_api_vip_address: "{{ external_net_name | net_vip_address }}"
|
||||
external_api_keystone_port: 5000
|
||||
public_api_proto: "{% if kolla_enable_tls_external | bool %}https{% else %}http{% endif %}"
|
||||
public_api_vip_address: "{{ public_net_name | net_vip_address }}"
|
||||
public_api_keystone_port: 5000
|
||||
roles:
|
||||
- role: public-openrc
|
||||
public_openrc_kolla_config_path: "{{ kolla_config_path }}"
|
||||
public_openrc_auth_url: "{{ external_api_proto }}://{{ external_api_vip_address }}:{{ external_api_keystone_port }}"
|
||||
public_openrc_auth_url: "{{ public_api_proto }}://{{ public_api_vip_address }}:{{ public_api_keystone_port }}"
|
||||
|
@ -44,6 +44,7 @@ provision_oc_net_name: aio
|
||||
oob_wl_net_name: aio
|
||||
provision_wl_net_name: aio
|
||||
internal_net_name: aio
|
||||
public_net_name: aio
|
||||
external_net_name: aio
|
||||
storage_net_name: aio
|
||||
storage_mgmt_net_name: aio
|
||||
|
@ -49,6 +49,8 @@ Workload provisioning network
|
||||
the bare metal compute hosts.
|
||||
Internal network
|
||||
The internal network hosts the internal and admin OpenStack API endpoints.
|
||||
Public network
|
||||
The public network hosts the public OpenStack API endpoints.
|
||||
External network
|
||||
The external network hosts the public OpenStack API endpoints and provides
|
||||
external network access for the hosts in the system.
|
||||
The external network provides external network access for the hosts in the
|
||||
system.
|
||||
|
@ -197,9 +197,10 @@ perform multiple roles, or even none at all. The available roles are:
|
||||
workload hosts.
|
||||
``internal_net_name``
|
||||
Name of the network used to expose the internal OpenStack API endpoints.
|
||||
``public_net_name``
|
||||
Name of the network used to expose the public OpenStack API endpoints.
|
||||
``external_net_name``
|
||||
Name of the network used to expose the external OpenStack API endpoints and
|
||||
to provide external network access via Neutron.
|
||||
Name of the network used to provide external network access via Neutron.
|
||||
``storage_net_name``
|
||||
Name of the network used to carry storage data traffic.
|
||||
``storage_mgmt_net_name``
|
||||
@ -262,6 +263,7 @@ We could describe such a network as follows:
|
||||
provision_oc_net_name: management
|
||||
provision_wl_net_name: cloud
|
||||
internal_net_name: cloud
|
||||
public_net_name: external
|
||||
external_net_name: external
|
||||
storage_net_name: cloud
|
||||
storage_mgmt_net_name: cloud
|
||||
|
@ -27,6 +27,9 @@
|
||||
# to provide external network access via Neutron.
|
||||
#external_net_name:
|
||||
|
||||
# Name of the network used to expose the public OpenStack API endpoints.
|
||||
#public_net_name:
|
||||
|
||||
# Name of the network used to carry storage data traffic.
|
||||
#storage_net_name:
|
||||
|
||||
|
@ -28,6 +28,7 @@ EOF
|
||||
provision_oc_net_name: 'the_net'
|
||||
provision_wl_net_name: 'the_net'
|
||||
internal_net_name: 'the_net'
|
||||
public_net_name: 'the_net'
|
||||
external_net_name: 'the_net'
|
||||
storage_net_name: 'the_net'
|
||||
storage_mgmt_net_name: 'the_net'
|
||||
|
Loading…
x
Reference in New Issue
Block a user