From 3233c1cbb3331beb0075ef0f342160cbbde55b0a Mon Sep 17 00:00:00 2001 From: Steve Baker Date: Thu, 24 Mar 2016 14:01:42 +1300 Subject: [PATCH] Types to create all networks for network-isolation The created public_net isn't used for anything at the moment so I've assumed that it maps to the overcloud external network. --- templates/baremetal-networks-all.yaml | 111 ++++++++++++++++++++++ templates/baremetal-ports-all.yaml | 114 +++++++++++++++++++++++ templates/baremetal-ports-default.yaml | 5 + templates/env.yaml.example | 6 ++ templates/quintupleo.yaml | 21 ++++- templates/virtual-baremetal-servers.yaml | 4 + templates/virtual-baremetal.yaml | 1 + 7 files changed, 257 insertions(+), 5 deletions(-) create mode 100644 templates/baremetal-networks-all.yaml create mode 100644 templates/baremetal-ports-all.yaml diff --git a/templates/baremetal-networks-all.yaml b/templates/baremetal-networks-all.yaml new file mode 100644 index 0000000..f7bb0c5 --- /dev/null +++ b/templates/baremetal-networks-all.yaml @@ -0,0 +1,111 @@ +heat_template_version: 2014-10-16 + +# Template which creates all networks required for full network isloation. + +parameters: + + overcloud_internal_net: + type: string + description: Name of internal API network + default: overcloud_internal_net + + overcloud_internal_net_cidr: + type: string + description: CIDR for internal API network subnet + default: 172.17.0.0/24 + + overcloud_storage_net: + type: string + description: Name of storage network + default: overcloud_storage_net + + overcloud_storage_net_cidr: + type: string + description: CIDR for storage network subnet + default: 172.18.0.0/24 + + overcloud_storage_mgmt_net: + type: string + description: Name of storage management network + default: overcloud_storage_mgmt_net + + overcloud_storage_mgmt_net_cidr: + type: string + description: CIDR for storage management network subnet + default: 172.19.0.0/24 + + overcloud_tenant_net: + type: string + description: Name of tenant network + default: overcloud_tenant_net + + overcloud_tenant_net_cidr: + type: string + description: CIDR for tenant network subnet + default: 172.16.0.0/24 + +resources: + + internal_network: + type: OS::Neutron::Net + properties: + name: {get_param: overcloud_internal_net} + + internal_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: internal_network} + name: {get_param: overcloud_internal_net} + cidr: {get_param: overcloud_internal_net_cidr} + gateway_ip: null + enable_dhcp: false + + storage_network: + type: OS::Neutron::Net + properties: + name: {get_param: overcloud_storage_net} + + storage_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: storage_network} + name: {get_param: overcloud_storage_net} + cidr: {get_param: overcloud_storage_net_cidr} + gateway_ip: null + enable_dhcp: false + + storage_mgmt_network: + type: OS::Neutron::Net + properties: + name: {get_param: overcloud_storage_mgmt_net} + + storage_mgmt_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: storage_mgmt_network} + name: {get_param: overcloud_storage_mgmt_net} + cidr: {get_param: overcloud_storage_mgmt_net_cidr} + gateway_ip: null + enable_dhcp: false + + tenant_network: + type: OS::Neutron::Net + properties: + name: {get_param: overcloud_tenant_net} + + tenant_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: tenant_network} + name: {get_param: overcloud_tenant_net} + cidr: {get_param: overcloud_tenant_net_cidr} + gateway_ip: null + enable_dhcp: false + +outputs: + networks: + value: + internal_net: {get_resource: internal_network} + storage_net: {get_resource: storage_network} + storage_mgmt_net: {get_resource: storage_mgmt_network} + tenant_net: {get_resource: tenant_network} diff --git a/templates/baremetal-ports-all.yaml b/templates/baremetal-ports-all.yaml new file mode 100644 index 0000000..9cb9ea1 --- /dev/null +++ b/templates/baremetal-ports-all.yaml @@ -0,0 +1,114 @@ +heat_template_version: 2014-10-16 + +parameters: + + baremetal_prefix: + type: string + + provision_net: + type: string + + public_net: + type: string + description: Name of external network + default: public + + suffix: + type: string + + overcloud_internal_net: + type: string + description: Name of internal API network + default: overcloud_internal_net + + overcloud_storage_net: + type: string + description: Name of storage network + default: overcloud_storage_net + + overcloud_storage_mgmt_net: + type: string + description: Name of storage management network + default: overcloud_storage_mgmt_net + + overcloud_tenant_net: + type: string + description: Name of tenant network + default: overcloud_tenant_net + +resources: + + provision_port: + type: OS::Neutron::Port + properties: + name: + list_join: + - '' + - - {get_param: baremetal_prefix} + - {get_param: suffix} + network: {get_param: provision_net} + + internal_port: + type: OS::Neutron::Port + properties: + name: + list_join: + - '' + - - internal_ + - {get_param: baremetal_prefix} + - {get_param: suffix} + network: {get_param: overcloud_internal_net} + + storage_port: + type: OS::Neutron::Port + properties: + name: + list_join: + - '' + - - storage_ + - {get_param: baremetal_prefix} + - {get_param: suffix} + network: {get_param: overcloud_storage_net} + + storage_mgmt_port: + type: OS::Neutron::Port + properties: + name: + list_join: + - '' + - - storage_mgmt_ + - {get_param: baremetal_prefix} + - {get_param: suffix} + network: {get_param: overcloud_storage_mgmt_net} + + tenant_port: + type: OS::Neutron::Port + properties: + name: + list_join: + - '' + - - tenant_ + - {get_param: baremetal_prefix} + - {get_param: suffix} + network: {get_param: overcloud_tenant_net} + + public_port: + type: OS::Neutron::Port + properties: + name: + list_join: + - '' + - - public_ + - {get_param: baremetal_prefix} + - {get_param: suffix} + network: {get_param: public_net} + +outputs: + ports: + value: + - {port: {get_resource: provision_port}} + - {port: {get_resource: public_port}} + - {port: {get_resource: internal_port}} + - {port: {get_resource: storage_port}} + - {port: {get_resource: storage_mgmt_port}} + - {port: {get_resource: tenant_port}} diff --git a/templates/baremetal-ports-default.yaml b/templates/baremetal-ports-default.yaml index 2e9b399..fd6ee0f 100644 --- a/templates/baremetal-ports-default.yaml +++ b/templates/baremetal-ports-default.yaml @@ -8,6 +8,11 @@ parameters: provision_net: type: string + public_net: + type: string + description: Name of external network + default: public + suffix: type: string diff --git a/templates/env.yaml.example b/templates/env.yaml.example index e099320..1679031 100644 --- a/templates/env.yaml.example +++ b/templates/env.yaml.example @@ -34,3 +34,9 @@ parameters: ## Uncomment the following to create a private network # OS::OVB::PrivateNetwork: templates/private-net-create.yaml + +## Uncomment to create all networks required for network-isolation. +## parameter_defaults should be used to override default parameter values +## in baremetal-networks-all.yaml +# OS::OVB::BaremetalNetworks: templates/baremetal-networks-all.yaml +# OS::OVB::BaremetalPorts: templates/baremetal-ports-all.yaml diff --git a/templates/quintupleo.yaml b/templates/quintupleo.yaml index eb6a80c..31248a9 100644 --- a/templates/quintupleo.yaml +++ b/templates/quintupleo.yaml @@ -45,10 +45,21 @@ parameters: type: string default: provision + provision_net_cidr: + type: string + description: CIDR for provision network subnet + default: 192.0.2.0/24 + public_net: type: string + description: Name of the overcloud external network default: public + public_net_cidr: + type: string + description: CIDR for external network subnet + default: 10.0.0.0/24 + bmc_prefix: type: string default: bmc @@ -104,7 +115,7 @@ resources: properties: network: {get_resource: provision_network} name: provision-subnet - cidr: 192.0.2.0/24 + cidr: {get_param: provision_net_cidr} gateway_ip: null enable_dhcp: false @@ -117,8 +128,8 @@ resources: type: OS::Neutron::Subnet properties: network: {get_resource: public_network} - name: public-subnet - cidr: 10.0.0.0/24 + name: {get_param: public_net} + cidr: {get_param: public_net_cidr} gateway_ip: null enable_dhcp: false @@ -151,7 +162,7 @@ resources: undercloud_server: type: OS::Nova::Server - depends_on: provision_subnet + depends_on: [provision_subnet, public_subnet] properties: flavor: {get_param: undercloud_flavor} image: {get_param: undercloud_image} @@ -182,7 +193,7 @@ resources: baremetal_env: type: OS::OVB::BaremetalEnvironment - depends_on: provision_subnet + depends_on: [provision_subnet, public_subnet] properties: baremetal_flavor: {get_param: baremetal_flavor} baremetal_image: {get_param: baremetal_image} diff --git a/templates/virtual-baremetal-servers.yaml b/templates/virtual-baremetal-servers.yaml index e3348c2..8dea67f 100644 --- a/templates/virtual-baremetal-servers.yaml +++ b/templates/virtual-baremetal-servers.yaml @@ -17,6 +17,9 @@ parameters: provision_net: type: string + public_net: + type: string + suffix: type: string @@ -28,6 +31,7 @@ resources: suffix: {get_param: suffix} baremetal_prefix: {get_param: baremetal_prefix} provision_net: {get_param: provision_net} + public_net: {get_param: public_net} baremetal_server: type: OS::Nova::Server diff --git a/templates/virtual-baremetal.yaml b/templates/virtual-baremetal.yaml index 0cebf63..cf01c72 100644 --- a/templates/virtual-baremetal.yaml +++ b/templates/virtual-baremetal.yaml @@ -152,5 +152,6 @@ resources: baremetal_image: {get_param: baremetal_image} key_name: {get_param: key_name} provision_net: {get_param: provision_net} + public_net: {get_param: public_net} suffix: _%index% baremetal_prefix: {get_param: baremetal_prefix}