kayobe/ansible/public-openrc.yml
Mark Goddard 1862e24bb5 Add variables for API VIP address and FQDN
Kayobe currently supports definition of various different networks -
public, internal, tunnel, etc. These typically map to a VLAN or flat
network, with an IP subnet. When a cloud exceeds the size of a single
VLAN/subnet, this approach no longer works.

One way to resolve this is to have multiple subnets that map to a single
logical network, and provide routing between them. This is a similar
concept to neutron's routed networks, but for the control plane.

An issue arising from this is that if different hosts can have different
network definitions for the internal and public networks, it is no
longer trivial to use a network attribute [1] to specify the VIP address
and FQDN. Furthermore, the play that generates Kolla Ansible's
globals.yml containing the VIP and FQDN variables runs as localhost,
which does not necessarily have the internal and public networks
defined.

To resolve this, we add global variables for the VIPs and FQDNs. The
default values are as before, except in the case where HAProxy is
disabled, which we no longer provide a useful default for. That
configuration is very rarely used in practice, and the need to reference
the IP address of a host in the network group makes it difficult to
define safely.

[1] https://docs.openstack.org/kayobe/latest/configuration/reference/network.html#global-network-configuration

Story: 2008180
Task: 40937

Change-Id: I2c428ffc2b285aee03d8f59ae7cd3fb7230ce4ae
2020-10-05 19:59:53 +00:00

17 lines
632 B
YAML

---
# Generate an environment file for interacting with the public OpenStack APIs
# as the admin user in the admin project.
- name: Ensure a public OpenStack API environment file exists
hosts: localhost
tags:
- public-openrc
vars:
public_api_proto: "{% if kolla_enable_tls_external | bool %}https{% else %}http{% endif %}"
public_api_host: "{{ kolla_external_fqdn }}"
public_api_keystone_port: 5000
roles:
- role: public-openrc
public_openrc_kolla_config_path: "{{ kolla_config_path }}"
public_openrc_auth_url: "{{ public_api_proto }}://{{ public_api_host }}:{{ public_api_keystone_port }}"