diff --git a/bin/environment-generator.py b/bin/environment-generator.py index a9fa784..2baf518 100644 --- a/bin/environment-generator.py +++ b/bin/environment-generator.py @@ -87,7 +87,7 @@ def _generate_environment(input_env, parent_env=None): param_names = [] sample_values = env.get('sample_values', {}) static_names = env.get('static', []) - for template_file, template_data in env['files'].items(): + for template_file, template_data in env.get('files', {}).items(): with open(template_file) as f: f_data = yaml.safe_load(f) f_params = f_data['parameters'] diff --git a/bin/install_openstackbmc.sh b/bin/install_openstackbmc.sh index 4d69a73..a1f10c1 100644 --- a/bin/install_openstackbmc.sh +++ b/bin/install_openstackbmc.sh @@ -5,7 +5,7 @@ set -x # install python2-crypto from EPEL # python-[nova|neutron]client are in a similar situation. They were renamed # in RDO to python2-* -required_packages="python-pip os-net-config git jq python2-os-client-config" +required_packages="python-pip os-net-config git jq python2-os-client-config python2-openstackclient" function have_packages() { for i in $required_packages; do @@ -59,12 +59,9 @@ print(yaml.safe_dump(clouds, default_flow_style=False))' > ~/.config/openstack/c rm -f /tmp/bmc-cloud-data export OS_CLOUD=host_cloud -# At some point neutronclient started returning a python list repr from this -# command instead of just the value. This sed will strip off the bits we -# don't care about without messing up the output from older clients. -private_subnet=$(neutron net-show -f value -c subnets $private_net | sed "s/\[u'\(.*\)'\]/\1/") -default_gw=$(neutron subnet-show $private_subnet -f value -c gateway_ip) -prefix_len=$(neutron subnet-show -f value -c cidr $private_subnet | awk -F / '{print $2}') +private_subnet=$(openstack network show -f value -c subnets $private_net) +default_gw=$(openstack subnet show -f value -c gateway_ip $private_subnet) +prefix_len=$(openstack subnet show -f value -c cidr $private_subnet | awk -F / '{print $2}') cache_status= if [ "$bmc_use_cache" != "False" ]; then cache_status="--cache-status" @@ -103,14 +100,9 @@ EOF for i in $(seq 1 $bm_node_count) do bm_port="$bm_prefix_$(($i-1))" - bm_instance=$(neutron port-show $bm_port -c device_id -f value) + bm_instance=$(openstack port show -c device_id -f value $bm_port) bmc_port="$bmc_prefix_$(($i-1))" - bmc_ip=$(neutron port-show $bmc_port -c fixed_ips -f value | jq -r .ip_address) - # Newer neutronclient requires explicit json output and a slightly - # different jq query - if [ -z "$bmc_ip" ]; then - bmc_ip=$(neutron port-show $bmc_port -c fixed_ips -f json | jq -r .fixed_ips[0].ip_address) - fi + bmc_ip=$(openstack port show -c fixed_ips -f value $bmc_port | awk -F \' '{print $2}') unit="openstack-bmc-$bm_port.service" cat </usr/lib/systemd/system/$unit @@ -144,6 +136,21 @@ do unit="openstack-bmc-$bm_port.service" systemctl enable $unit systemctl start $unit - systemctl status $unit done +sleep 5 + +for i in $(seq 1 $bm_node_count) +do + bm_port="$bm_prefix_$(($i-1))" + unit="openstack-bmc-$bm_port.service" + if ! systemctl status $unit + then + $signal_command --data-binary '{"status": "FAILURE"}' + echo "********** $unit failed to start **********" + exit 1 + fi +done + +$signal_command --data-binary '{"status": "SUCCESS"}' + diff --git a/bin/test-job b/bin/test-job index 840d6ae..aef6216 100755 --- a/bin/test-job +++ b/bin/test-job @@ -49,9 +49,9 @@ then fi echo 'resource_registry:' >> env.yaml echo ' OS::OVB::UndercloudFloating: templates/undercloud-floating.yaml' >> env.yaml -echo ' OS::OVB::BaremetalPorts: templates/baremetal-ports-default-port-security.yaml' >> env.yaml -echo ' OS::OVB::BMCPort: templates/bmc-port-port-security.yaml' >> env.yaml -echo ' OS::OVB::UndercloudPorts: templates/undercloud-ports-port-security.yaml' >> env.yaml +echo ' OS::OVB::BaremetalPorts: templates/baremetal-ports-default.yaml' >> env.yaml +echo ' OS::OVB::BMCPort: templates/bmc-port.yaml' >> env.yaml +echo ' OS::OVB::UndercloudPorts: templates/undercloud-ports.yaml' >> env.yaml echo ' OS::OVB::PrivateNetwork: templates/private-net-create.yaml' >> env.yaml cp -r $BIN_DIR ./bin diff --git a/bin/test-job-v2 b/bin/test-job-v2 index e7fa6e3..0e6d3c9 100755 --- a/bin/test-job-v2 +++ b/bin/test-job-v2 @@ -52,7 +52,7 @@ fi cp -r $BIN_DIR ./bin cp -r $BIN_DIR/../openstack_virtual_baremetal . STACK_NAME=$MY_ID -$BIN_DIR/deploy.py --quintupleo --id $MY_ID --name $STACK_NAME --poll -e env.yaml -e environments/create-private-network.yaml -e environments/all-networks-port-security.yaml +$BIN_DIR/deploy.py --quintupleo --id $MY_ID --name $STACK_NAME --poll -e env.yaml -e environments/create-private-network.yaml -e environments/all-networks.yaml UNDERCLOUD_IP=$(heat output-show $STACK_NAME undercloud_host_floating_ip | sed -e 's/"//g') bin/build-nodes-json --env env-$MY_ID.yaml --driver ipmi SSH_OPTS="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=Verbose -o PasswordAuthentication=no -o ConnectionAttempts=32 " diff --git a/bond-network-templates/DEPRECATED b/bond-network-templates/DEPRECATED deleted file mode 100644 index f10f688..0000000 --- a/bond-network-templates/DEPRECATED +++ /dev/null @@ -1,3 +0,0 @@ -WARNING: This directory is deprecated and may be removed in the future. -A duplicate copy of these network templates can be found in the -overcloud-templates directory in a sub-directory with the same name as this one. diff --git a/bond-network-templates/README b/bond-network-templates/README deleted file mode 100644 index 189bfb5..0000000 --- a/bond-network-templates/README +++ /dev/null @@ -1,23 +0,0 @@ -Generated Network Isolation Templates -------------------------------------- -These templates were generated by the UI tool at -https://github.com/cybertron/tripleo-scripts#net-iso-genpy - -ui-settings.pickle is specific to the tool. TripleO will not use it when -doing deployments with these templates, but it is needed to be able to -load the templates into the UI again. Note that the UI only reads this file, -so any changes made by hand to the templates will not be reflected in the UI. - -The network-isolation.yaml file needs to reference the port files shipped with -tripleo-heat-templates, so by default the tool generates the paths assuming -network-isolation.yaml will be copied into the environments/ directory of -tripleo-heat-templates. - -If the standard tripleo-heat-templates are in use, then the -network-isolation-absolute.yaml file can be used instead. It has hard-coded -references to the port files in /usr/share/openstack-tripleo-heat-templates. - -If the generated network isolation templates are at ~/generated-templates, an -example deployment command would look like: - -openstack overcloud deploy --templates -e ~/generated-templates/network-isolation-absolute.yaml -e ~/generated-templates/network-environment.yaml diff --git a/bond-network-templates/network-environment.yaml b/bond-network-templates/network-environment.yaml deleted file mode 100644 index 3d81639..0000000 --- a/bond-network-templates/network-environment.yaml +++ /dev/null @@ -1,26 +0,0 @@ - -resource_registry: - OS::TripleO::BlockStorage::Net::SoftwareConfig: nic-configs/cinder-storage.yaml - OS::TripleO::Compute::Net::SoftwareConfig: nic-configs/compute.yaml - OS::TripleO::Controller::Net::SoftwareConfig: nic-configs/controller.yaml - OS::TripleO::ObjectStorage::Net::SoftwareConfig: nic-configs/swift-storage.yaml - OS::TripleO::CephStorage::Net::SoftwareConfig: nic-configs/ceph-storage.yaml - -parameter_defaults: - ControlPlaneSubnetCidr: '24' - ControlPlaneDefaultRoute: 192.0.2.1 - EC2MetadataIp: 192.0.2.1 - ExternalNetCidr: 10.0.0.0/24 - ExternalAllocationPools: [{"start": "10.0.0.10", "end": "10.0.0.50"}] - ExternalInterfaceDefaultRoute: 10.0.0.1 - NeutronExternalNetworkBridge: "''" - InternalApiNetCidr: 172.17.0.0/24 - InternalApiAllocationPools: [{"start": "172.17.0.10", "end": "172.17.0.250"}] - StorageNetCidr: 172.18.0.0/24 - StorageAllocationPools: [{"start": "172.18.0.10", "end": "172.18.0.250"}] - StorageMgmtNetCidr: 172.19.0.0/24 - StorageMgmtAllocationPools: [{"start": "172.19.0.10", "end": "172.19.0.250"}] - TenantNetCidr: 172.16.0.0/24 - TenantAllocationPools: [{"start": "172.16.0.10", "end": "172.16.0.250"}] - DnsServers: ["8.8.8.8", "8.8.4.4"] - BondInterfaceOvsOptions: bond_mode=balance-slb diff --git a/bond-network-templates/network-isolation-absolute.yaml b/bond-network-templates/network-isolation-absolute.yaml deleted file mode 100644 index 7fede9d..0000000 --- a/bond-network-templates/network-isolation-absolute.yaml +++ /dev/null @@ -1,28 +0,0 @@ -resource_registry: - # Redis - OS::TripleO::Network::Ports::RedisVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/vip.yaml - # External - OS::TripleO::Network::External: /usr/share/openstack-tripleo-heat-templates/network/external.yaml - OS::TripleO::Network::Ports::ExternalVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/external.yaml - OS::TripleO::Controller::Ports::ExternalPort: /usr/share/openstack-tripleo-heat-templates/network/ports/external.yaml - # InternalApi - OS::TripleO::Network::InternalApi: /usr/share/openstack-tripleo-heat-templates/network/internal_api.yaml - OS::TripleO::Network::Ports::InternalApiVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/internal_api.yaml - OS::TripleO::Controller::Ports::InternalApiPort: /usr/share/openstack-tripleo-heat-templates/network/ports/internal_api.yaml - OS::TripleO::Compute::Ports::InternalApiPort: /usr/share/openstack-tripleo-heat-templates/network/ports/internal_api.yaml - # Storage - OS::TripleO::Network::Storage: /usr/share/openstack-tripleo-heat-templates/network/storage.yaml - OS::TripleO::Network::Ports::StorageVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage.yaml - OS::TripleO::Controller::Ports::StoragePort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage.yaml - OS::TripleO::Compute::Ports::StoragePort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage.yaml - OS::TripleO::CephStorage::Ports::StoragePort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage.yaml - # StorageMgmt - OS::TripleO::Network::StorageMgmt: /usr/share/openstack-tripleo-heat-templates/network/storage_mgmt.yaml - OS::TripleO::Network::Ports::StorageMgmtVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_mgmt.yaml - OS::TripleO::Controller::Ports::StorageMgmtPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_mgmt.yaml - OS::TripleO::CephStorage::Ports::StorageMgmtPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_mgmt.yaml - # Tenant - OS::TripleO::Network::Tenant: /usr/share/openstack-tripleo-heat-templates/network/tenant.yaml - OS::TripleO::Network::Ports::TenantVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/tenant.yaml - OS::TripleO::Controller::Ports::TenantPort: /usr/share/openstack-tripleo-heat-templates/network/ports/tenant.yaml - OS::TripleO::Compute::Ports::TenantPort: /usr/share/openstack-tripleo-heat-templates/network/ports/tenant.yaml diff --git a/bond-network-templates/network-isolation.yaml b/bond-network-templates/network-isolation.yaml deleted file mode 100644 index 2c18f2f..0000000 --- a/bond-network-templates/network-isolation.yaml +++ /dev/null @@ -1,28 +0,0 @@ -resource_registry: - # Redis - OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml - # External - OS::TripleO::Network::External: ../network/external.yaml - OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external.yaml - OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external.yaml - # InternalApi - OS::TripleO::Network::InternalApi: ../network/internal_api.yaml - OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/internal_api.yaml - OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api.yaml - OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api.yaml - # Storage - OS::TripleO::Network::Storage: ../network/storage.yaml - OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage.yaml - OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage.yaml - OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage.yaml - OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage.yaml - # StorageMgmt - OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt.yaml - OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt.yaml - OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml - OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml - # Tenant - OS::TripleO::Network::Tenant: ../network/tenant.yaml - OS::TripleO::Network::Ports::TenantVipPort: ../network/ports/tenant.yaml - OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant.yaml - OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant.yaml diff --git a/bond-network-templates/nic-configs/ceph-storage.yaml b/bond-network-templates/nic-configs/ceph-storage.yaml deleted file mode 100644 index 5500ebc..0000000 --- a/bond-network-templates/nic-configs/ceph-storage.yaml +++ /dev/null @@ -1,119 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: - - type: interface - name: nic1 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: - list_join: - - / - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - - default: true - next_hop: {get_param: ControlPlaneDefaultRoute} - - type: interface - name: nic5 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageIpSubnet} - - type: interface - name: nic6 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageMgmtIpSubnet} - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/bond-network-templates/nic-configs/cinder-storage.yaml b/bond-network-templates/nic-configs/cinder-storage.yaml deleted file mode 100644 index f16920d..0000000 --- a/bond-network-templates/nic-configs/cinder-storage.yaml +++ /dev/null @@ -1,92 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: [] - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/bond-network-templates/nic-configs/compute.yaml b/bond-network-templates/nic-configs/compute.yaml deleted file mode 100644 index 3edec60..0000000 --- a/bond-network-templates/nic-configs/compute.yaml +++ /dev/null @@ -1,130 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: - - type: interface - name: nic1 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: - list_join: - - / - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - - default: true - next_hop: {get_param: ControlPlaneDefaultRoute} - - type: interface - name: nic4 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: InternalApiIpSubnet} - - type: interface - name: nic5 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageIpSubnet} - - type: ovs_bridge - name: br-tenant - dns_servers: {get_param: DnsServers} - use_dhcp: false - addresses: - - ip_netmask: {get_param: TenantIpSubnet} - members: - - type: interface - name: nic7 - mtu: 1350 - primary: true - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/bond-network-templates/nic-configs/controller.yaml b/bond-network-templates/nic-configs/controller.yaml deleted file mode 100644 index b817058..0000000 --- a/bond-network-templates/nic-configs/controller.yaml +++ /dev/null @@ -1,156 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: - - type: interface - name: nic1 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: - list_join: - - / - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - - type: ovs_bridge - name: br-ex - dns_servers: {get_param: DnsServers} - use_dhcp: false - addresses: - - ip_netmask: {get_param: ExternalIpSubnet} - routes: - - ip_netmask: 0.0.0.0/0 - next_hop: {get_param: ExternalInterfaceDefaultRoute} - members: - - type: ovs_bond - name: bond1 - ovs_options: {get_param: BondInterfaceOvsOptions} - members: - - type: interface - name: nic2 - mtu: 1350 - primary: true - - type: interface - name: nic3 - mtu: 1350 - primary: false - - type: interface - name: nic4 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: InternalApiIpSubnet} - - type: interface - name: nic5 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageIpSubnet} - - type: interface - name: nic6 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageMgmtIpSubnet} - - type: ovs_bridge - name: br-tenant - dns_servers: {get_param: DnsServers} - use_dhcp: false - addresses: - - ip_netmask: {get_param: TenantIpSubnet} - members: - - type: interface - name: nic7 - mtu: 1350 - primary: true - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/bond-network-templates/nic-configs/swift-storage.yaml b/bond-network-templates/nic-configs/swift-storage.yaml deleted file mode 100644 index f16920d..0000000 --- a/bond-network-templates/nic-configs/swift-storage.yaml +++ /dev/null @@ -1,92 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: [] - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/bond-network-templates/ui-settings.pickle b/bond-network-templates/ui-settings.pickle deleted file mode 100644 index 74ec540..0000000 --- a/bond-network-templates/ui-settings.pickle +++ /dev/null @@ -1,699 +0,0 @@ -(dp0 -S'global_data' -p1 -(dp2 -S'control' -p3 -(dp4 -S'route' -p5 -V192.0.2.1 -p6 -sS'mask' -p7 -I24 -sS'ec2' -p8 -V192.0.2.1 -p9 -ssS'major' -p10 -I1 -sS'management' -p11 -(dp12 -S'start' -p13 -V172.20.0.10 -p14 -sS'cidr' -p15 -V172.20.0.0/24 -p16 -sS'vlan' -p17 -I6 -sS'end' -p18 -V172.20.0.250 -p19 -ssS'dns2' -p20 -V8.8.4.4 -p21 -sS'dns1' -p22 -V8.8.8.8 -p23 -sS'storage' -p24 -(dp25 -g13 -V172.18.0.10 -p26 -sg15 -V172.18.0.0/24 -p27 -sg17 -I3 -sg18 -V172.18.0.250 -p28 -ssS'auto_routes' -p29 -I01 -sS'bond_options' -p30 -Vbond_mode=balance-slb -p31 -sS'version' -p32 -I1 -sS'external' -p33 -(dp34 -S'bridge' -p35 -V'' -p36 -sg18 -V10.0.0.50 -p37 -sg17 -I1 -sg13 -V10.0.0.10 -p38 -sg15 -V10.0.0.0/24 -p39 -sS'gateway' -p40 -V10.0.0.1 -p41 -ssS'internal_api' -p42 -(dp43 -g13 -V172.17.0.10 -p44 -sg15 -V172.17.0.0/24 -p45 -sg17 -I2 -sg18 -V172.17.0.250 -p46 -ssS'ipv6' -p47 -I00 -sS'storage_mgmt' -p48 -(dp49 -g13 -V172.19.0.10 -p50 -sg15 -V172.19.0.0/24 -p51 -sg17 -I4 -sg18 -V172.19.0.250 -p52 -ssS'minor' -p53 -I2 -sS'tenant' -p54 -(dp55 -g13 -V172.16.0.10 -p56 -sg15 -V172.16.0.0/24 -p57 -sg17 -I5 -sg18 -V172.16.0.250 -p58 -sssS'data' -p59 -(dp60 -S'cinder-storage.yaml' -p61 -(lp62 -sS'ceph-storage.yaml' -p63 -(lp64 -(dp65 -Vaddresses -p66 -(lp67 -sVnetwork -p68 -VControlPlane -p69 -sVprimary -p70 -I01 -sVmtu -p71 -I1350 -sS'members' -p72 -(lp73 -sVroutes -p74 -(lp75 -sVuse_dhcp -p76 -I00 -sVtype -p77 -Vinterface -p78 -sVname -p79 -Vnic1 -p80 -sa(dp81 -Vaddresses -p82 -(lp83 -sVnetwork -p84 -VStorage -p85 -sVprimary -p86 -I01 -sVmtu -p87 -I1350 -sg72 -(lp88 -sVroutes -p89 -(lp90 -sVuse_dhcp -p91 -I00 -sVtype -p92 -Vinterface -p93 -sVname -p94 -Vnic5 -p95 -sa(dp96 -Vaddresses -p97 -(lp98 -sVnetwork -p99 -VStorageMgmt -p100 -sVprimary -p101 -I01 -sVmtu -p102 -I1350 -sg72 -(lp103 -sVroutes -p104 -(lp105 -sVuse_dhcp -p106 -I00 -sVtype -p107 -Vinterface -p108 -sVname -p109 -Vnic6 -p110 -sasS'controller.yaml' -p111 -(lp112 -(dp113 -Vaddresses -p114 -(lp115 -sVnetwork -p116 -VControlPlane -p117 -sVprimary -p118 -I01 -sVmtu -p119 -I1350 -sg72 -(lp120 -sVroutes -p121 -(lp122 -sVuse_dhcp -p123 -I00 -sVtype -p124 -Vinterface -p125 -sVname -p126 -Vnic1 -p127 -sa(dp128 -Vdns_servers -p129 -V{get_param: DnsServers} -p130 -sVaddresses -p131 -(lp132 -sVnetwork -p133 -VExternal -p134 -sVmtu -p135 -I-1 -sg72 -(lp136 -(dp137 -Vnetwork -p138 -VNone -p139 -sVbond_type -p140 -Vovs -p141 -sVovs_options -p142 -V{get_param: BondInterfaceOvsOptions} -p143 -sVmtu -p144 -I-1 -sg72 -(lp145 -(dp146 -Vaddresses -p147 -(lp148 -sVnetwork -p149 -VNone -p150 -sVprimary -p151 -I01 -sVmtu -p152 -I1350 -sVroutes -p153 -(lp154 -sVuse_dhcp -p155 -I00 -sVtype -p156 -Vinterface -p157 -sVname -p158 -Vnic2 -p159 -sa(dp160 -Vaddresses -p161 -(lp162 -sVnetwork -p163 -VNone -p164 -sVprimary -p165 -I00 -sVmtu -p166 -I1350 -sVroutes -p167 -(lp168 -sVuse_dhcp -p169 -I00 -sVtype -p170 -Vinterface -p171 -sVname -p172 -Vnic3 -p173 -sasVroutes -p174 -(lp175 -sVtype -p176 -Vovs_bond -p177 -sVname -p178 -Vbond1 -p179 -sasVroutes -p180 -(lp181 -sVuse_dhcp -p182 -I00 -sVtype -p183 -Vovs_bridge -p184 -sVname -p185 -Vbr-ex -p186 -sa(dp187 -Vaddresses -p188 -(lp189 -sVnetwork -p190 -VInternalApi -p191 -sVprimary -p192 -I01 -sVmtu -p193 -I1350 -sg72 -(lp194 -sVroutes -p195 -(lp196 -sVuse_dhcp -p197 -I00 -sVtype -p198 -Vinterface -p199 -sVname -p200 -Vnic4 -p201 -sa(dp202 -Vaddresses -p203 -(lp204 -sVnetwork -p205 -VStorage -p206 -sVprimary -p207 -I01 -sVmtu -p208 -I1350 -sg72 -(lp209 -sVroutes -p210 -(lp211 -sVuse_dhcp -p212 -I00 -sVtype -p213 -Vinterface -p214 -sVname -p215 -Vnic5 -p216 -sa(dp217 -Vaddresses -p218 -(lp219 -sVnetwork -p220 -VStorageMgmt -p221 -sVprimary -p222 -I01 -sVmtu -p223 -I1350 -sg72 -(lp224 -sVroutes -p225 -(lp226 -sVuse_dhcp -p227 -I00 -sVtype -p228 -Vinterface -p229 -sVname -p230 -Vnic6 -p231 -sa(dp232 -Vdns_servers -p233 -V{get_param: DnsServers} -p234 -sVaddresses -p235 -(lp236 -sVnetwork -p237 -VTenant -p238 -sVmtu -p239 -I-1 -sg72 -(lp240 -(dp241 -Vaddresses -p242 -(lp243 -sVnetwork -p244 -VNone -p245 -sVprimary -p246 -I01 -sVmtu -p247 -I1350 -sg72 -(lp248 -sVroutes -p249 -(lp250 -sVuse_dhcp -p251 -I00 -sVtype -p252 -Vinterface -p253 -sVname -p254 -Vnic7 -p255 -sasVroutes -p256 -(lp257 -sVuse_dhcp -p258 -I00 -sVtype -p259 -Vovs_bridge -p260 -sVname -p261 -Vbr-tenant -p262 -sasS'swift-storage.yaml' -p263 -(lp264 -sS'compute.yaml' -p265 -(lp266 -(dp267 -Vaddresses -p268 -(lp269 -sVnetwork -p270 -VControlPlane -p271 -sVprimary -p272 -I01 -sVmtu -p273 -I1350 -sg72 -(lp274 -sVroutes -p275 -(lp276 -sVuse_dhcp -p277 -I00 -sVtype -p278 -Vinterface -p279 -sVname -p280 -Vnic1 -p281 -sa(dp282 -Vaddresses -p283 -(lp284 -sVnetwork -p285 -VInternalApi -p286 -sVprimary -p287 -I01 -sVmtu -p288 -I1350 -sg72 -(lp289 -sVroutes -p290 -(lp291 -sVuse_dhcp -p292 -I00 -sVtype -p293 -Vinterface -p294 -sVname -p295 -Vnic4 -p296 -sa(dp297 -Vaddresses -p298 -(lp299 -sVnetwork -p300 -VStorage -p301 -sVprimary -p302 -I01 -sVmtu -p303 -I1350 -sg72 -(lp304 -sVroutes -p305 -(lp306 -sVuse_dhcp -p307 -I00 -sVtype -p308 -Vinterface -p309 -sVname -p310 -Vnic5 -p311 -sa(dp312 -Vdns_servers -p313 -V{get_param: DnsServers} -p314 -sVaddresses -p315 -(lp316 -sVnetwork -p317 -VTenant -p318 -sVmtu -p319 -I-1 -sg72 -(lp320 -(dp321 -Vaddresses -p322 -(lp323 -sVnetwork -p324 -VNone -p325 -sVprimary -p326 -I01 -sVmtu -p327 -I1350 -sg72 -(lp328 -sVroutes -p329 -(lp330 -sVuse_dhcp -p331 -I00 -sVtype -p332 -Vinterface -p333 -sVname -p334 -Vnic7 -p335 -sasVroutes -p336 -(lp337 -sVuse_dhcp -p338 -I00 -sVtype -p339 -Vovs_bridge -p340 -sVname -p341 -Vbr-tenant -p342 -sass. \ No newline at end of file diff --git a/doc/source/conf.py b/doc/source/conf.py index 3d1a592..46676d6 100644 --- a/doc/source/conf.py +++ b/doc/source/conf.py @@ -28,6 +28,7 @@ sys.path.insert(0, os.path.abspath('../../openstack_virtual_baremetal')) extensions = [ 'sphinx.ext.autodoc', 'sphinx.ext.intersphinx', + 'sphinx.ext.autosectionlabel', ] @@ -95,6 +96,7 @@ pygments_style = 'sphinx' # -- Options for HTML output --------------------------------------------------- +html_theme = 'sphinx_rtd_theme' html_static_path = [] # html_style = 'custom.css' templates_path = [] diff --git a/doc/source/deploy/baremetal.rst b/doc/source/deploy/baremetal.rst index b680fd8..7c8f0f5 100644 --- a/doc/source/deploy/baremetal.rst +++ b/doc/source/deploy/baremetal.rst @@ -37,7 +37,7 @@ method, which creates most of the resources needed automatically. :: neutron net-create provision - neutron subnet-create --name provision --no-gateway --disable-dhcp provision 192.0.2.0/24 + neutron subnet-create --name provision --no-gateway --disable-dhcp provision 192.168.24.0/24 #. Create "public" network. @@ -94,8 +94,7 @@ method, which creates most of the resources needed automatically. neutron port-list neutron floatingip-associate [floatingip uuid] [undercloud instance port id] -#. (Optional) If not using the Noop firewall driver, turn off port-security on - the undercloud provisioning port:: +#. Turn off port-security on the undercloud provisioning port:: neutron port-update [UUID of undercloud port on the provision network] --no-security-groups --port-security-enabled=False diff --git a/doc/source/deploy/environment-index.rst b/doc/source/deploy/environment-index.rst index 7fc4701..99c8c0f 100644 --- a/doc/source/deploy/environment-index.rst +++ b/doc/source/deploy/environment-index.rst @@ -1,30 +1,6 @@ Sample Environment Index ======================== -Deploy with All Networks Enabled --------------------------------- - -**File:** environments/all-networks-port-security.yaml - -**Description:** Deploy an OVB stack that adds interfaces for all the standard TripleO -network isolation networks. This version uses the port-security -Neutron extension to allow OVB to be run on clouds with security -groups enabled. - - -Deploy with All Networks Enabled and Two Public Interfaces ----------------------------------------------------------- - -**File:** environments/all-networks-public-bond-port-security.yaml - -**Description:** Deploy an OVB stack that adds interfaces for all the standard TripleO -network isolation networks. This version will deploy duplicate -public network interfaces on the baremetal instances so that the -public network can be configured as a bond. It will also use the -port-security Neutron extension to allow OVB to be run on clouds with -security groups enabled. - - Deploy with All Networks Enabled and Two Public Interfaces ---------------------------------------------------------- @@ -118,13 +94,14 @@ Create a Private Network existing one. -Deploy a Basic OVB Environment Using Neutron port-security ----------------------------------------------------------- +Public Network External Router +------------------------------ -**File:** environments/port-security.yaml +**File:** environments/public-router.yaml -**Description:** Deploy an OVB stack that uses the Neutron port-security extension to -allow OVB functionality in clouds with security groups enabled. +**Description:** Deploy a router that connects the public and external networks. This +allows the public network to be used as a gateway instead of routing all +traffic through the undercloud. Disable the Undercloud in a QuintupleO Stack @@ -136,6 +113,38 @@ Disable the Undercloud in a QuintupleO Stack instance. +Configuration for Routed Networks +--------------------------------- + +**File:** environments/routed-networks-configuration.yaml + +**Description:** Contains the available parameters that need to be configured when using +a routed networks environment. Requires the routed-networks.yaml +environment. + + +Base Role Configuration for Routed Networks +------------------------------------------- + +**File:** environments/routed-networks-role.yaml + +**Description:** A base role environment that contains the necessary parameters for +deploying with routed networks. + + +Enable Routed Networks +---------------------- + +**File:** environments/routed-networks.yaml + +**Description:** Enable use of routed networks, where there may be multiple separate +networks connected with a router and DHCP relay. Do not pass any other +network configuration environments after this one or they may override +the changes made by this environment. When this environment is in use, +the routed-networks-configuration environment should usually be +included as well. + + Assign the Undercloud an Existing Floating IP --------------------------------------------- diff --git a/doc/source/deploy/quintupleo.rst b/doc/source/deploy/quintupleo.rst index 695c78a..6994fe0 100644 --- a/doc/source/deploy/quintupleo.rst +++ b/doc/source/deploy/quintupleo.rst @@ -19,7 +19,7 @@ however. with some older clouds. See below for details on customizing an OVB deployment for your particular situation:: - bin/deploy.py --quintupleo -e env.yaml -e environments/all-networks-port-security.yaml -e environments/create-private-network.yaml + bin/deploy.py --quintupleo -e env.yaml -e environments/all-networks.yaml -e environments/create-private-network.yaml .. note:: There is a quintupleo-specific option ``--id`` in deploy.py. It appends the value passed in to the name of all resources @@ -97,10 +97,10 @@ There are also a number of advanced options that can be enabled for a QuintupleO deployment. For each such option there is a sample environment to be passed to the deploy command. -For example, to deploy using the Neutron port-security extension to allow -DHCP and PXE booting, the following command could be used:: +For example, to deploy all networks needed for TripleO network isolation, the +following command could be used:: - bin/deploy.py --quintupleo -e env.yaml -e environments/port-security.yaml + bin/deploy.py --quintupleo -e env.yaml -e environments/all-networks.yaml .. important:: When deploying with multiple environment files, ``env.yaml`` *must* be explicitly passed to the deploy command. @@ -110,7 +110,7 @@ DHCP and PXE booting, the following command could be used:: Some options may have additional configuration parameters. These parameters will be listed in the environment file. -A full list of the option environments available can be found at +A full list of the environments available can be found at :doc:`environment-index`. Network Isolation @@ -144,15 +144,163 @@ Three primary networking layouts are included: OVB environment. The ``bond-*`` overcloud templates must be used with this type of environment. -Each of the networking layouts has two variations: with and without the use of -Neutron's port-security extension. The reason for this is that older releases -of OpenStack did not support port-security, so those templates cannot be used. -However, use of the port-security extension allows OVB to work on a much larger -number of clouds because it does not require insecure Neutron settings. +QuintupleO and routed networks +------------------------------ -While the port-security extension existed as far back as the Liberty release, -it has only been successfully tested with OVB on Newton and above. +TripleO supports deploying OpenStack with nodes on multiple network segments +which is connected via L3 routing. OVB can set up a full development +environment with routers and DHCP-relay service. This environment is targeted +for TripleO development, however it should be useful for non-TripleO users of +OVB as well. -The port-security environments can be recognized by the presence of -`port-security` somewhere in the filename. Network environments without that -substring are the standard ones that require the noop Neutron firewall driver. +#. When deploying QuintupleO with routed networks environment files to enable + routed networks must be included, as well as one or more role environment + files. See :ref:`Enable Routed Networks`, + :ref:`Configuration for Routed Networks`, and + :ref:`Base Role Configuration for Routed Networks` in the + :doc:`environment-index` for details. + +#. Copy the example env file and edit it to reflect the host environment:: + + cp environments/base.yaml env.yaml + vi env.yaml + +#. Copy the ``routed-networks-configuration.yaml`` sample environment file and + edit it to reflect the host environment:: + + cp environments/routed-networks-configuration.yaml env-routed-networks.yaml + vi env-routed-networks.yaml + +#. For each desired role, copy the ``routed-networks-role.yaml`` sample + environment file and edit it to reflect the host environment:: + + cp environments/routed-networks-role.yaml env-leaf1.yaml + vi env-leaf1.yaml + +#. Deploy the QuintupleO routed networks environment by running the deploy.py + command. For example:: + + ./bin/deploy.py --env env.yaml \ + --quintupleo \ + --env environments/all-networks.yaml \ + --env environments/routed-networks.yaml \ + --env env-routed-networks.yaml \ + --role env-leaf1.yaml + +#. When generating the ``nodes.json`` file for TripleO undercloud node import, + the environment ``env-routed.yaml`` should be specified. Also, to include + physical network attributes of the node ports in ``nodes.json`` specify the + ``--physical_network`` option when running ``build-nodes-json``. For + example:: + + bin/build-nodes-json --physical_network + + The following is an example node definition produced when using the + ``--physical_network`` options. Notice that ports are defined with both + ``address`` and ``physical_network`` attributes. + + :: + + { + "pm_password": "password", + "name": "baremetal-leaf1-0", + "memory": 8192, + "pm_addr": "10.0.1.13", + "ports": [ + { + "physical_network": "provision2", + "address": "fa:16:3e:2f:a1:cf" + } + ], + "capabilities": "boot_option:local,profile:leaf1", + "pm_type": "pxe_ipmitool", + "disk": 80, + "arch": "x86_64", + "cpu": 4, + "pm_user": "admin" + } + + .. NOTE:: Due to technical debet (backward compatibility) the TripleO + Undercloud uses ``ctlplane`` as the physical network name for the + subnet that is local to the Undercloud itself. Either override + the name of the provision network in the ovb environment by + setting: ``provision_net: ctlplane`` in the + ``parameters_defaults`` section or edit the generated nodes.json + file, replacing: + ``"physical_network": ""`` with + ``"physical_network": "ctlplane"``. + +#. For convenience router addresses are made available via the + ``network_environment_data`` key in the stack output of the quintupleo heat + stack. To retrieve this data run the ``openstack stack show`` command. For + example:: + + $ openstack stack show quintupleo -c outputs -f yaml + + outputs: + - description: floating ip of the undercloud instance + output_key: undercloud_host_floating_ip + output_value: 38.145.35.98 + - description: Network environment data, router addresses etc. + output_key: network_environment_data + output_value: + internal2_router: 172.17.1.204 + internal_router_address: 172.17.0.201 + provision2_router: 192.168.25.254 + provision3_router: 192.168.26.254 + provision_router: 192.168.24.254 + storage2_router_address: 172.18.1.254 + storage_mgmt2_router_address: 172.19.1.254 + storage_mgmt_router_address: 172.19.0.254 + storage_router_address: 172.18.0.254 + tenant2_router_address: 172.16.1.254 + tenant_router_address: 172.16.0.254 + - description: ip of the undercloud instance on the private network + output_key: undercloud_host_private_ip + output_value: 10.0.1.14 + +#. Below is an example TripleO Undercloud configuration (``undercloud.conf``) + with routed networks support enabled and the three provisioning networks + defined. + + :: + + [DEFAULT] + enable_routed_networks = true + enable_ui = false + overcloud_domain_name = localdomain + scheduler_max_attempts = 2 + undercloud_ntp_servers = pool.ntp.org + undercloud_hostname = undercloud.rdocloud + local_interface = eth1 + local_mtu = 1450 + local_ip = 192.168.24.1/24 + undercloud_public_host = 192.168.24.2 + undercloud_admin_host = 192.168.24.3 + undercloud_nameservers = 8.8.8.8,8.8.4.4 + local_subnet = provision + subnets = provision,provision2,provision3 + + [provision] + cidr = 192.168.24.0/24 + dhcp_start = 192.168.24.10 + dhcp_end = 192.168.24.30 + gateway = 192.168.24.254 + inspection_iprange = 192.168.24.100,192.168.24.120 + masquerade = true + + [provision2] + cidr = 192.168.25.0/24 + dhcp_start = 192.168.25.10 + dhcp_end = 192.168.25.30 + gateway = 192.168.25.254 + inspection_iprange = 192.168.25.100,192.168.25.120 + masquerade = true + + [provision3] + cidr = 192.168.26.0/24 + dhcp_start = 192.168.26.10 + dhcp_end = 192.168.26.30 + gateway = 192.168.26.254 + inspection_iprange = 192.168.26.100,192.168.26.120 + masquerade = true diff --git a/doc/source/host-cloud/configuration.rst b/doc/source/host-cloud/configuration.rst index 4d461cb..d51c763 100644 --- a/doc/source/host-cloud/configuration.rst +++ b/doc/source/host-cloud/configuration.rst @@ -7,19 +7,8 @@ all of it will provide the optimal experience. The changes described in this document apply to compute nodes in the host cloud. -#. Neutron must be configured to use the NoopFirewallDriver. Edit - ``/etc/neutron/plugins/ml2/ml2_conf.ini`` and set the option - ``firewall_driver`` in the ``[securitygroup]`` section as follows:: - - firewall_driver = neutron.agent.firewall.NoopFirewallDriver - -#. In Liberty and later versions, arp spoofing must be disabled. Edit - ``/etc/neutron/plugins/ml2/ml2_conf.ini`` and set the option - ``prevent_arp_spoofing`` in the ``[agent]`` section as follows:: - - prevent_arp_spoofing = False - -#. The Nova option ``force_config_drive`` must _not_ be set. +#. The Nova option ``force_config_drive`` must _not_ be set. If you have to + change this option, restart ``nova-compute`` to apply it. #. Ideally, jumbo frames should be enabled on the host cloud. This avoids MTU problems when deploying to instances over tunneled @@ -33,6 +22,3 @@ host cloud. such a change on the host cloud), it will likely be necessary to configure a smaller MTU on the deployed virtual instances. Details on doing so can be found on the :doc:`../usage/usage` page. - -#. Restart ``nova-compute`` and ``neutron-openvswitch-agent`` to apply the - changes above. diff --git a/doc/source/host-cloud/setup.rst b/doc/source/host-cloud/setup.rst index 4a6fad7..df4a009 100644 --- a/doc/source/host-cloud/setup.rst +++ b/doc/source/host-cloud/setup.rst @@ -6,9 +6,6 @@ Instructions for setting up the host cloud[1]. 1: The host cloud is any OpenStack cloud providing the necessary functionality to run OVB. The host cloud must be running on real baremetal. -.. warning:: This process requires patches and configuration settings that - may not be appropriate for production clouds. - .. toctree:: patches diff --git a/doc/source/troubleshooting.rst b/doc/source/troubleshooting.rst index d110789..0b45bc4 100644 --- a/doc/source/troubleshooting.rst +++ b/doc/source/troubleshooting.rst @@ -49,10 +49,8 @@ VM, but responses never get to the baremetal instances. **Cause**: Neutron port security blocking DHCP from the undercloud. -**Solution**: Neutron either needs to be configured to use the Noop firewall -driver, or the port-security extension must be used to disable -port-security on the appropriate ports. As of this writing that -requires use of the port-security branch of OVB. +**Solution**: Ensure that the Neutron port-security extension is present in +the host cloud. It is required for OVB to function properly. The BMC does not respond to IPMI requests ----------------------------------------- @@ -62,11 +60,10 @@ on arbitrary addresses. The BMC deployment may have failed for some reason. **Solution**: Neutron must be configured to allow the BMC to listen on -arbitrary addresses. This requires use of the Noop firewall driver -or port-security extension as in the previous solution. If this -is already configured correctly, then the BMC may have failed to -deploy properly. This can usually be determined by looking at the -nova console-log of the BMC instance. A correctly working BMC will +arbitrary addresses. This requires the port-security extension as in the +previous solution. If this is already configured correctly, then the BMC may +have failed to deploy properly. This can usually be determined by looking at +the nova console-log of the BMC instance. A correctly working BMC will display 'Managing instance [uuid]' for each baremetal node in the environment. If those messages are not found, then the BMC has failed to start properly. The relevant error messages should be diff --git a/doc/source/usage/usage.rst b/doc/source/usage/usage.rst index eee475a..4ff5788 100644 --- a/doc/source/usage/usage.rst +++ b/doc/source/usage/usage.rst @@ -43,15 +43,12 @@ After an OVB environment has been deployed, there are a few things to know. this is a brief explanation of each: - **network-templates:** IPv4 multi-nic. Usable with the network layout - deployed by the ``all-networks.yaml`` and - ``all-networks-port-security.yaml`` environments. + deployed by the ``all-networks.yaml`` environment. - **ipv6-network-templates:** IPv6 multi-nic. Usable with the network layout - deployed by the ``all-networks.yaml`` and - ``all-networks-port-security.yaml`` environments. + deployed by the ``all-networks.yaml`` environment. - **bond-network-templates:** IPv4 multi-nic, with duplicate `public` interfaces for testing bonded nics. Usable with the network layout - deployed by the ``all-networks-public-bond.yaml`` and - ``all-networks-public-bond-port-security.yaml`` environments. + deployed by the ``all-networks-public-bond.yaml`` environment. The undercloud's ``public`` interface should be configured with the address of the default route from the templates in use. Firewall rules for diff --git a/environments/all-networks-port-security.yaml b/environments/all-networks-port-security.yaml deleted file mode 100644 index babf777..0000000 --- a/environments/all-networks-port-security.yaml +++ /dev/null @@ -1,54 +0,0 @@ -# ******************************************************************* -# This file was created automatically by the sample environment -# generator. Developers should use `tox -e genconfig` to update it. -# Users are recommended to make changes to a copy of the file instead -# of the original, if any customizations are needed. -# ******************************************************************* -# title: Deploy with All Networks Enabled -# description: | -# Deploy an OVB stack that adds interfaces for all the standard TripleO -# network isolation networks. This version uses the port-security -# Neutron extension to allow OVB to be run on clouds with security -# groups enabled. -parameter_defaults: - # Name of internal API network - # Type: string - overcloud_internal_net: overcloud_internal - - # CIDR for internal API network subnet. This is typically irrelevant and - # does not need to be changed. - # Type: string - overcloud_internal_net_cidr: 172.17.0.0/24 - - # Name of storage management network - # Type: string - overcloud_storage_mgmt_net: overcloud_storage_mgmt - - # CIDR for storage management network subnet. This is typically irrelevant - # and does not need to be changed. - # Type: string - overcloud_storage_mgmt_net_cidr: 172.19.0.0/24 - - # Name of storage network - # Type: string - overcloud_storage_net: overcloud_storage - - # CIDR for storage network subnet. This is typically irrelevant and - # does not need to be changed. - # Type: string - overcloud_storage_net_cidr: 172.18.0.0/24 - - # Name of tenant network - # Type: string - overcloud_tenant_net: overcloud_tenant - - # CIDR for tenant network subnet. This is typically irrelevant and - # does not need to be changed. - # Type: string - overcloud_tenant_net_cidr: 172.16.0.0/24 - -resource_registry: - OS::OVB::BMCPort: ../templates/bmc-port-port-security.yaml - OS::OVB::BaremetalNetworks: ../templates/baremetal-networks-all.yaml - OS::OVB::BaremetalPorts: ../templates/baremetal-ports-all-port-security.yaml - OS::OVB::UndercloudPorts: ../templates/undercloud-ports-port-security.yaml diff --git a/environments/all-networks-port-security.yaml b/environments/all-networks-port-security.yaml new file mode 120000 index 0000000..55e2faf --- /dev/null +++ b/environments/all-networks-port-security.yaml @@ -0,0 +1 @@ +all-networks.yaml \ No newline at end of file diff --git a/environments/all-networks-public-bond-port-security.yaml b/environments/all-networks-public-bond-port-security.yaml deleted file mode 100644 index 1118b4b..0000000 --- a/environments/all-networks-public-bond-port-security.yaml +++ /dev/null @@ -1,56 +0,0 @@ -# ******************************************************************* -# This file was created automatically by the sample environment -# generator. Developers should use `tox -e genconfig` to update it. -# Users are recommended to make changes to a copy of the file instead -# of the original, if any customizations are needed. -# ******************************************************************* -# title: Deploy with All Networks Enabled and Two Public Interfaces -# description: | -# Deploy an OVB stack that adds interfaces for all the standard TripleO -# network isolation networks. This version will deploy duplicate -# public network interfaces on the baremetal instances so that the -# public network can be configured as a bond. It will also use the -# port-security Neutron extension to allow OVB to be run on clouds with -# security groups enabled. -parameter_defaults: - # Name of internal API network - # Type: string - overcloud_internal_net: overcloud_internal - - # CIDR for internal API network subnet. This is typically irrelevant and - # does not need to be changed. - # Type: string - overcloud_internal_net_cidr: 172.17.0.0/24 - - # Name of storage management network - # Type: string - overcloud_storage_mgmt_net: overcloud_storage_mgmt - - # CIDR for storage management network subnet. This is typically irrelevant - # and does not need to be changed. - # Type: string - overcloud_storage_mgmt_net_cidr: 172.19.0.0/24 - - # Name of storage network - # Type: string - overcloud_storage_net: overcloud_storage - - # CIDR for storage network subnet. This is typically irrelevant and - # does not need to be changed. - # Type: string - overcloud_storage_net_cidr: 172.18.0.0/24 - - # Name of tenant network - # Type: string - overcloud_tenant_net: overcloud_tenant - - # CIDR for tenant network subnet. This is typically irrelevant and - # does not need to be changed. - # Type: string - overcloud_tenant_net_cidr: 172.16.0.0/24 - -resource_registry: - OS::OVB::BMCPort: ../templates/bmc-port-port-security.yaml - OS::OVB::BaremetalNetworks: ../templates/baremetal-networks-all.yaml - OS::OVB::BaremetalPorts: ../templates/baremetal-ports-public-bond-port-security.yaml - OS::OVB::UndercloudPorts: ../templates/undercloud-ports-port-security.yaml diff --git a/environments/all-networks-public-bond-port-security.yaml b/environments/all-networks-public-bond-port-security.yaml new file mode 120000 index 0000000..3a632ae --- /dev/null +++ b/environments/all-networks-public-bond-port-security.yaml @@ -0,0 +1 @@ +all-networks-public-bond.yaml \ No newline at end of file diff --git a/environments/base-extra-node.yaml b/environments/base-extra-node.yaml index d71b91d..928584e 100644 --- a/environments/base-extra-node.yaml +++ b/environments/base-extra-node.yaml @@ -33,4 +33,4 @@ parameter_defaults: role: extra resource_registry: - OS::OVB::BaremetalPorts: ../templates/baremetal-ports-extra-node-port-security.yaml + OS::OVB::BaremetalPorts: ../templates/baremetal-ports-extra-node.yaml diff --git a/environments/port-security.yaml b/environments/public-router.yaml similarity index 50% rename from environments/port-security.yaml rename to environments/public-router.yaml index 5b019d6..1879222 100644 --- a/environments/port-security.yaml +++ b/environments/public-router.yaml @@ -4,11 +4,10 @@ # Users are recommended to make changes to a copy of the file instead # of the original, if any customizations are needed. # ******************************************************************* -# title: Deploy a Basic OVB Environment Using Neutron port-security +# title: Public Network External Router # description: | -# Deploy an OVB stack that uses the Neutron port-security extension to -# allow OVB functionality in clouds with security groups enabled. +# Deploy a router that connects the public and external networks. This +# allows the public network to be used as a gateway instead of routing all +# traffic through the undercloud. resource_registry: - OS::OVB::BMCPort: ../templates/bmc-port-port-security.yaml - OS::OVB::BaremetalPorts: ../templates/baremetal-ports-default-port-security.yaml - OS::OVB::UndercloudPorts: ../templates/undercloud-ports-port-security.yaml + OS::OVB::UndercloudNetworks: ../templates/undercloud-networks-public-router.yaml diff --git a/environments/routed-networks-configuration.yaml b/environments/routed-networks-configuration.yaml new file mode 100644 index 0000000..2171885 --- /dev/null +++ b/environments/routed-networks-configuration.yaml @@ -0,0 +1,21 @@ +# ******************************************************************* +# This file was created automatically by the sample environment +# generator. Developers should use `tox -e genconfig` to update it. +# Users are recommended to make changes to a copy of the file instead +# of the original, if any customizations are needed. +# ******************************************************************* +# title: Configuration for Routed Networks +# description: | +# Contains the available parameters that need to be configured when using +# a routed networks environment. Requires the routed-networks.yaml +# environment. +parameter_defaults: + # The Nova flavor to use for the dhcrelay instance + # Type: string + dhcp_relay_flavor: m1.small + + # The base image for the dhcrelay instance. A CentOS 7 image is currently + # the only one supported. + # Type: string + dhcp_relay_image: CentOS-7-x86_64-GenericCloud + diff --git a/environments/routed-networks-role.yaml b/environments/routed-networks-role.yaml new file mode 100644 index 0000000..91c12bc --- /dev/null +++ b/environments/routed-networks-role.yaml @@ -0,0 +1,48 @@ +# ******************************************************************* +# This file was created automatically by the sample environment +# generator. Developers should use `tox -e genconfig` to update it. +# Users are recommended to make changes to a copy of the file instead +# of the original, if any customizations are needed. +# ******************************************************************* +# title: Base Role Configuration for Routed Networks +# description: | +# A base role environment that contains the necessary parameters for +# deploying with routed networks. +parameter_defaults: + # Recommended to be at least 1 vcpu, 4 GB RAM, 50 GB disk + # Type: string + baremetal_flavor: baremetal + + # Nova keypair to inject into the undercloud and bmc + # Type: string + key_name: default + + # Number of baremetal nodes to deploy + # Type: number + node_count: 2 + + # Name of internal API network + # Type: string + overcloud_internal_net: overcloud_internal2 + + # Name of storage management network + # Type: string + overcloud_storage_mgmt_net: overcloud_storage_mgmt2 + + # Name of storage network + # Type: string + overcloud_storage_net: overcloud_storage2 + + # Name of tenant network + # Type: string + overcloud_tenant_net: overcloud_tenant2 + + # Name of a network that will be used for provisioning traffic + # Type: string + provision_net: provision2 + + # The default role for nodes in this environment. This parameter is + # ignored by Heat, but used by build-nodes-json. + # Type: string + role: leaf1 + diff --git a/environments/routed-networks.yaml b/environments/routed-networks.yaml new file mode 100644 index 0000000..b88c42e --- /dev/null +++ b/environments/routed-networks.yaml @@ -0,0 +1,18 @@ +# ******************************************************************* +# This file was created automatically by the sample environment +# generator. Developers should use `tox -e genconfig` to update it. +# Users are recommended to make changes to a copy of the file instead +# of the original, if any customizations are needed. +# ******************************************************************* +# title: Enable Routed Networks +# description: | +# Enable use of routed networks, where there may be multiple separate +# networks connected with a router and DHCP relay. Do not pass any other +# network configuration environments after this one or they may override +# the changes made by this environment. When this environment is in use, +# the routed-networks-configuration environment should usually be +# included as well. +resource_registry: + OS::OVB::BaremetalNetworks: ../templates/baremetal-networks-routed.yaml + OS::OVB::DHCPRelay: ../templates/dhcp-relay.yaml + OS::OVB::UndercloudNetworks: ../templates/undercloud-networks-routed.yaml diff --git a/ipv6-network-templates/DEPRECATED b/ipv6-network-templates/DEPRECATED deleted file mode 100644 index f10f688..0000000 --- a/ipv6-network-templates/DEPRECATED +++ /dev/null @@ -1,3 +0,0 @@ -WARNING: This directory is deprecated and may be removed in the future. -A duplicate copy of these network templates can be found in the -overcloud-templates directory in a sub-directory with the same name as this one. diff --git a/ipv6-network-templates/README b/ipv6-network-templates/README deleted file mode 100644 index 189bfb5..0000000 --- a/ipv6-network-templates/README +++ /dev/null @@ -1,23 +0,0 @@ -Generated Network Isolation Templates -------------------------------------- -These templates were generated by the UI tool at -https://github.com/cybertron/tripleo-scripts#net-iso-genpy - -ui-settings.pickle is specific to the tool. TripleO will not use it when -doing deployments with these templates, but it is needed to be able to -load the templates into the UI again. Note that the UI only reads this file, -so any changes made by hand to the templates will not be reflected in the UI. - -The network-isolation.yaml file needs to reference the port files shipped with -tripleo-heat-templates, so by default the tool generates the paths assuming -network-isolation.yaml will be copied into the environments/ directory of -tripleo-heat-templates. - -If the standard tripleo-heat-templates are in use, then the -network-isolation-absolute.yaml file can be used instead. It has hard-coded -references to the port files in /usr/share/openstack-tripleo-heat-templates. - -If the generated network isolation templates are at ~/generated-templates, an -example deployment command would look like: - -openstack overcloud deploy --templates -e ~/generated-templates/network-isolation-absolute.yaml -e ~/generated-templates/network-environment.yaml diff --git a/ipv6-network-templates/network-environment.yaml b/ipv6-network-templates/network-environment.yaml deleted file mode 100644 index 824081a..0000000 --- a/ipv6-network-templates/network-environment.yaml +++ /dev/null @@ -1,25 +0,0 @@ - -resource_registry: - OS::TripleO::BlockStorage::Net::SoftwareConfig: nic-configs/cinder-storage.yaml - OS::TripleO::Compute::Net::SoftwareConfig: nic-configs/compute.yaml - OS::TripleO::Controller::Net::SoftwareConfig: nic-configs/controller.yaml - OS::TripleO::ObjectStorage::Net::SoftwareConfig: nic-configs/swift-storage.yaml - OS::TripleO::CephStorage::Net::SoftwareConfig: nic-configs/ceph-storage.yaml - -parameter_defaults: - ControlPlaneSubnetCidr: '24' - ControlPlaneDefaultRoute: 192.0.2.1 - EC2MetadataIp: 192.0.2.1 - ExternalNetCidr: 2001:db8:fd00:1000::/64 - ExternalAllocationPools: [{"start": "2001:db8:fd00:1000::10", "end": "2001:db8:fd00:1000:ffff:ffff:ffff:fffe"}] - ExternalInterfaceDefaultRoute: 2001:db8:fd00:1000::1 - NeutronExternalNetworkBridge: "''" - InternalApiNetCidr: fd00:fd00:fd00:2000::/64 - InternalApiAllocationPools: [{"start": "fd00:fd00:fd00:2000::10", "end": "fd00:fd00:fd00:2000:ffff:ffff:ffff:fffe"}] - StorageNetCidr: fd00:fd00:fd00:3000::/64 - StorageAllocationPools: [{"start": "fd00:fd00:fd00:3000::10", "end": "fd00:fd00:fd00:3000:ffff:ffff:ffff:fffe"}] - StorageMgmtNetCidr: fd00:fd00:fd00:4000::/64 - StorageMgmtAllocationPools: [{"start": "fd00:fd00:fd00:4000::10", "end": "fd00:fd00:fd00:4000:ffff:ffff:ffff:fffe"}] - TenantNetCidr: 172.16.0.0/24 - TenantAllocationPools: [{"start": "172.16.0.10", "end": "172.16.0.250"}] - DnsServers: ["8.8.8.8", "8.8.4.4"] diff --git a/ipv6-network-templates/network-isolation-absolute.yaml b/ipv6-network-templates/network-isolation-absolute.yaml deleted file mode 100644 index e5c8ccf..0000000 --- a/ipv6-network-templates/network-isolation-absolute.yaml +++ /dev/null @@ -1,35 +0,0 @@ -resource_registry: - # Redis - OS::TripleO::Network::Ports::RedisVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/vip_v6.yaml - # External - OS::TripleO::Network::External: /usr/share/openstack-tripleo-heat-templates/network/external_v6.yaml - OS::TripleO::Network::Ports::ExternalVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/external_v6.yaml - OS::TripleO::Controller::Ports::ExternalPort: /usr/share/openstack-tripleo-heat-templates/network/ports/external_v6.yaml - # InternalApi - OS::TripleO::Network::InternalApi: /usr/share/openstack-tripleo-heat-templates/network/internal_api_v6.yaml - OS::TripleO::Network::Ports::InternalApiVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/internal_api_v6.yaml - OS::TripleO::Controller::Ports::InternalApiPort: /usr/share/openstack-tripleo-heat-templates/network/ports/internal_api_v6.yaml - OS::TripleO::Compute::Ports::InternalApiPort: /usr/share/openstack-tripleo-heat-templates/network/ports/internal_api_v6.yaml - # Storage - OS::TripleO::Network::Storage: /usr/share/openstack-tripleo-heat-templates/network/storage_v6.yaml - OS::TripleO::Network::Ports::StorageVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_v6.yaml - OS::TripleO::Controller::Ports::StoragePort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_v6.yaml - OS::TripleO::Compute::Ports::StoragePort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_v6.yaml - OS::TripleO::CephStorage::Ports::StoragePort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_v6.yaml - # StorageMgmt - OS::TripleO::Network::StorageMgmt: /usr/share/openstack-tripleo-heat-templates/network/storage_mgmt_v6.yaml - OS::TripleO::Network::Ports::StorageMgmtVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_mgmt_v6.yaml - OS::TripleO::Controller::Ports::StorageMgmtPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_mgmt_v6.yaml - OS::TripleO::CephStorage::Ports::StorageMgmtPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_mgmt_v6.yaml - # Tenant - OS::TripleO::Network::Tenant: /usr/share/openstack-tripleo-heat-templates/network/tenant.yaml - OS::TripleO::Network::Ports::TenantVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/tenant.yaml - OS::TripleO::Controller::Ports::TenantPort: /usr/share/openstack-tripleo-heat-templates/network/ports/tenant.yaml - OS::TripleO::Compute::Ports::TenantPort: /usr/share/openstack-tripleo-heat-templates/network/ports/tenant.yaml -parameter_defaults: - CephIPv6: True - CorosyncIPv6: True - MongoDbIPv6: True - NovaIPv6: True - RabbitIPv6: True - MemcachedIPv6: True diff --git a/ipv6-network-templates/network-isolation.yaml b/ipv6-network-templates/network-isolation.yaml deleted file mode 100644 index 08c7685..0000000 --- a/ipv6-network-templates/network-isolation.yaml +++ /dev/null @@ -1,35 +0,0 @@ -resource_registry: - # Redis - OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip_v6.yaml - # External - OS::TripleO::Network::External: ../network/external_v6.yaml - OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external_v6.yaml - OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_v6.yaml - # InternalApi - OS::TripleO::Network::InternalApi: ../network/internal_api_v6.yaml - OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/internal_api_v6.yaml - OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml - OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml - # Storage - OS::TripleO::Network::Storage: ../network/storage_v6.yaml - OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage_v6.yaml - OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_v6.yaml - OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage_v6.yaml - OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage_v6.yaml - # StorageMgmt - OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt_v6.yaml - OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt_v6.yaml - OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml - OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml - # Tenant - OS::TripleO::Network::Tenant: ../network/tenant.yaml - OS::TripleO::Network::Ports::TenantVipPort: ../network/ports/tenant.yaml - OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant.yaml - OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant.yaml -parameter_defaults: - CephIPv6: True - CorosyncIPv6: True - MongoDbIPv6: True - NovaIPv6: True - RabbitIPv6: True - MemcachedIPv6: True diff --git a/ipv6-network-templates/nic-configs/ceph-storage.yaml b/ipv6-network-templates/nic-configs/ceph-storage.yaml deleted file mode 100644 index 593533b..0000000 --- a/ipv6-network-templates/nic-configs/ceph-storage.yaml +++ /dev/null @@ -1,120 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: - - type: interface - name: nic1 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: - list_join: - - / - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - default: true - ip_netmask: 0.0.0.0/0 - next_hop: {get_param: ControlPlaneDefaultRoute} - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - - type: interface - name: nic4 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageIpSubnet} - - type: interface - name: nic5 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageMgmtIpSubnet} - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/ipv6-network-templates/nic-configs/cinder-storage.yaml b/ipv6-network-templates/nic-configs/cinder-storage.yaml deleted file mode 100644 index f16920d..0000000 --- a/ipv6-network-templates/nic-configs/cinder-storage.yaml +++ /dev/null @@ -1,92 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: [] - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/ipv6-network-templates/nic-configs/compute.yaml b/ipv6-network-templates/nic-configs/compute.yaml deleted file mode 100644 index ebe9f69..0000000 --- a/ipv6-network-templates/nic-configs/compute.yaml +++ /dev/null @@ -1,131 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: - - type: interface - name: nic1 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: - list_join: - - / - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - default: true - ip_netmask: 0.0.0.0/0 - next_hop: {get_param: ControlPlaneDefaultRoute} - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - - type: interface - name: nic3 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: InternalApiIpSubnet} - - type: interface - name: nic4 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageIpSubnet} - - type: ovs_bridge - name: br-tenant - dns_servers: {get_param: DnsServers} - use_dhcp: false - addresses: - - ip_netmask: {get_param: TenantIpSubnet} - members: - - type: interface - name: nic6 - mtu: 1350 - primary: true - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/ipv6-network-templates/nic-configs/controller.yaml b/ipv6-network-templates/nic-configs/controller.yaml deleted file mode 100644 index 500fbbd..0000000 --- a/ipv6-network-templates/nic-configs/controller.yaml +++ /dev/null @@ -1,152 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: - - type: interface - name: nic1 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: - list_join: - - / - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - default: true - ip_netmask: 0.0.0.0/0 - next_hop: {get_param: ControlPlaneDefaultRoute} - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - - type: ovs_bridge - name: br-ex - dns_servers: {get_param: DnsServers} - use_dhcp: false - addresses: - - ip_netmask: {get_param: ExternalIpSubnet} - routes: - - default: true - ip_netmask: 0.0.0.0/0 - next_hop: {get_param: ExternalInterfaceDefaultRoute} - members: - - type: interface - name: nic2 - mtu: 1350 - primary: true - - type: interface - name: nic3 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: InternalApiIpSubnet} - - type: interface - name: nic4 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageIpSubnet} - - type: interface - name: nic5 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageMgmtIpSubnet} - - type: ovs_bridge - name: br-tenant - dns_servers: {get_param: DnsServers} - use_dhcp: false - addresses: - - ip_netmask: {get_param: TenantIpSubnet} - members: - - type: interface - name: nic6 - mtu: 1350 - primary: true - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/ipv6-network-templates/nic-configs/swift-storage.yaml b/ipv6-network-templates/nic-configs/swift-storage.yaml deleted file mode 100644 index f16920d..0000000 --- a/ipv6-network-templates/nic-configs/swift-storage.yaml +++ /dev/null @@ -1,92 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: [] - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/ipv6-network-templates/ui-settings.pickle b/ipv6-network-templates/ui-settings.pickle deleted file mode 100644 index bc3ac5a..0000000 --- a/ipv6-network-templates/ui-settings.pickle +++ /dev/null @@ -1,729 +0,0 @@ -(dp0 -S'global_data' -p1 -(dp2 -S'control' -p3 -(dp4 -S'route' -p5 -V192.0.2.1 -p6 -sS'mask' -p7 -I24 -sS'ec2' -p8 -V192.0.2.1 -p9 -ssS'major' -p10 -I1 -sS'management' -p11 -(dp12 -S'start' -p13 -V172.20.0.10 -p14 -sS'cidr' -p15 -V172.20.0.0/24 -p16 -sS'vlan' -p17 -I6 -sS'end' -p18 -V172.20.0.250 -p19 -ssS'dns2' -p20 -V8.8.4.4 -p21 -sS'dns1' -p22 -V8.8.8.8 -p23 -sS'storage' -p24 -(dp25 -g13 -Vfd00:fd00:fd00:3000::10 -p26 -sg15 -Vfd00:fd00:fd00:3000::/64 -p27 -sg17 -I3 -sg18 -Vfd00:fd00:fd00:3000:ffff:ffff:ffff:fffe -p28 -ssS'auto_routes' -p29 -I00 -sS'bond_options' -p30 -V -p31 -sS'external' -p32 -(dp33 -S'bridge' -p34 -V'' -p35 -sg18 -V2001:db8:fd00:1000:ffff:ffff:ffff:fffe -p36 -sg17 -I1 -sg13 -V2001:db8:fd00:1000::10 -p37 -sg15 -V2001:db8:fd00:1000::/64 -p38 -sS'gateway' -p39 -V2001:db8:fd00:1000::1 -p40 -ssS'internal_api' -p41 -(dp42 -g13 -Vfd00:fd00:fd00:2000::10 -p43 -sg15 -Vfd00:fd00:fd00:2000::/64 -p44 -sg17 -I2 -sg18 -Vfd00:fd00:fd00:2000:ffff:ffff:ffff:fffe -p45 -ssS'ipv6' -p46 -I01 -sS'storage_mgmt' -p47 -(dp48 -g13 -Vfd00:fd00:fd00:4000::10 -p49 -sg15 -Vfd00:fd00:fd00:4000::/64 -p50 -sg17 -I4 -sg18 -Vfd00:fd00:fd00:4000:ffff:ffff:ffff:fffe -p51 -ssS'minor' -p52 -I2 -sS'tenant' -p53 -(dp54 -g13 -V172.16.0.10 -p55 -sg15 -V172.16.0.0/24 -p56 -sg17 -I5 -sg18 -V172.16.0.250 -p57 -sssS'data' -p58 -(dp59 -S'cinder-storage.yaml' -p60 -(lp61 -sS'ceph-storage.yaml' -p62 -(lp63 -(dp64 -Vaddresses -p65 -(lp66 -sVnetwork -p67 -VControlPlane -p68 -sVprimary -p69 -I01 -sVmtu -p70 -I1350 -sS'members' -p71 -(lp72 -(dp73 -Vip_netmask -p74 -V0.0.0.0/0 -p75 -sVname -p76 -VRoute -p77 -sVdefault -p78 -I01 -sVnext_hop -p79 -V{get_param: ControlPlaneDefaultRoute} -p80 -sg71 -(lp81 -sVtype -p82 -Vroute -p83 -sasVroutes -p84 -(lp85 -sVuse_dhcp -p86 -I00 -sVtype -p87 -Vinterface -p88 -sVname -p89 -Vnic1 -p90 -sa(dp91 -Vaddresses -p92 -(lp93 -sVnetwork -p94 -VStorage -p95 -sVprimary -p96 -I01 -sVmtu -p97 -I1350 -sg71 -(lp98 -sVroutes -p99 -(lp100 -sVuse_dhcp -p101 -I00 -sVtype -p102 -Vinterface -p103 -sVname -p104 -Vnic4 -p105 -sa(dp106 -Vaddresses -p107 -(lp108 -sVnetwork -p109 -VStorageMgmt -p110 -sVprimary -p111 -I01 -sVmtu -p112 -I1350 -sg71 -(lp113 -sVroutes -p114 -(lp115 -sVuse_dhcp -p116 -I00 -sVtype -p117 -Vinterface -p118 -sVname -p119 -Vnic5 -p120 -sasS'controller.yaml' -p121 -(lp122 -(dp123 -Vaddresses -p124 -(lp125 -sVnetwork -p126 -VControlPlane -p127 -sVprimary -p128 -I01 -sVmtu -p129 -I1350 -sg71 -(lp130 -(dp131 -Vip_netmask -p132 -V0.0.0.0/0 -p133 -sVname -p134 -VRoute -p135 -sVdefault -p136 -I01 -sVnext_hop -p137 -V{get_param: ControlPlaneDefaultRoute} -p138 -sg71 -(lp139 -sVtype -p140 -Vroute -p141 -sasVroutes -p142 -(lp143 -sVuse_dhcp -p144 -I00 -sVtype -p145 -Vinterface -p146 -sVname -p147 -Vnic1 -p148 -sa(dp149 -Vdns_servers -p150 -V{get_param: DnsServers} -p151 -sVaddresses -p152 -(lp153 -sVnetwork -p154 -VExternal -p155 -sVmtu -p156 -I-1 -sg71 -(lp157 -(dp158 -Vaddresses -p159 -(lp160 -sVnetwork -p161 -VNone -p162 -sVprimary -p163 -I01 -sVmtu -p164 -I1350 -sg71 -(lp165 -sVroutes -p166 -(lp167 -sVuse_dhcp -p168 -I00 -sVtype -p169 -Vinterface -p170 -sVname -p171 -Vnic2 -p172 -sa(dp173 -Vip_netmask -p174 -V0.0.0.0/0 -p175 -sVname -p176 -VRoute -p177 -sVdefault -p178 -I01 -sVnext_hop -p179 -V{get_param: ExternalInterfaceDefaultRoute} -p180 -sg71 -(lp181 -sVtype -p182 -Vroute -p183 -sasVroutes -p184 -(lp185 -sVuse_dhcp -p186 -I00 -sVtype -p187 -Vovs_bridge -p188 -sVname -p189 -Vbr-ex -p190 -sa(dp191 -Vaddresses -p192 -(lp193 -sVnetwork -p194 -VInternalApi -p195 -sVprimary -p196 -I01 -sVmtu -p197 -I1350 -sg71 -(lp198 -sVroutes -p199 -(lp200 -sVuse_dhcp -p201 -I00 -sVtype -p202 -Vinterface -p203 -sVname -p204 -Vnic3 -p205 -sa(dp206 -Vaddresses -p207 -(lp208 -sVnetwork -p209 -VStorage -p210 -sVprimary -p211 -I01 -sVmtu -p212 -I1350 -sg71 -(lp213 -sVroutes -p214 -(lp215 -sVuse_dhcp -p216 -I00 -sVtype -p217 -Vinterface -p218 -sVname -p219 -Vnic4 -p220 -sa(dp221 -Vaddresses -p222 -(lp223 -sVnetwork -p224 -VStorageMgmt -p225 -sVprimary -p226 -I01 -sVmtu -p227 -I1350 -sg71 -(lp228 -sVroutes -p229 -(lp230 -sVuse_dhcp -p231 -I00 -sVtype -p232 -Vinterface -p233 -sVname -p234 -Vnic5 -p235 -sa(dp236 -Vdns_servers -p237 -V{get_param: DnsServers} -p238 -sVaddresses -p239 -(lp240 -sVnetwork -p241 -VTenant -p242 -sVmtu -p243 -I-1 -sg71 -(lp244 -(dp245 -Vaddresses -p246 -(lp247 -sVnetwork -p248 -VNone -p249 -sVprimary -p250 -I01 -sVmtu -p251 -I1350 -sg71 -(lp252 -sVroutes -p253 -(lp254 -sVuse_dhcp -p255 -I00 -sVtype -p256 -Vinterface -p257 -sVname -p258 -Vnic6 -p259 -sasVroutes -p260 -(lp261 -sVuse_dhcp -p262 -I00 -sVtype -p263 -Vovs_bridge -p264 -sVname -p265 -Vbr-tenant -p266 -sasS'swift-storage.yaml' -p267 -(lp268 -sS'compute.yaml' -p269 -(lp270 -(dp271 -Vaddresses -p272 -(lp273 -sVnetwork -p274 -VControlPlane -p275 -sVprimary -p276 -I01 -sVmtu -p277 -I1350 -sg71 -(lp278 -(dp279 -Vip_netmask -p280 -V0.0.0.0/0 -p281 -sVname -p282 -VRoute -p283 -sVdefault -p284 -I01 -sVnext_hop -p285 -V{get_param: ControlPlaneDefaultRoute} -p286 -sg71 -(lp287 -sVtype -p288 -Vroute -p289 -sasVroutes -p290 -(lp291 -sVuse_dhcp -p292 -I00 -sVtype -p293 -Vinterface -p294 -sVname -p295 -Vnic1 -p296 -sa(dp297 -Vaddresses -p298 -(lp299 -sVnetwork -p300 -VInternalApi -p301 -sVprimary -p302 -I01 -sVmtu -p303 -I1350 -sg71 -(lp304 -sVroutes -p305 -(lp306 -sVuse_dhcp -p307 -I00 -sVtype -p308 -Vinterface -p309 -sVname -p310 -Vnic3 -p311 -sa(dp312 -Vaddresses -p313 -(lp314 -sVnetwork -p315 -VStorage -p316 -sVprimary -p317 -I01 -sVmtu -p318 -I1350 -sg71 -(lp319 -sVroutes -p320 -(lp321 -sVuse_dhcp -p322 -I00 -sVtype -p323 -Vinterface -p324 -sVname -p325 -Vnic4 -p326 -sa(dp327 -Vdns_servers -p328 -V{get_param: DnsServers} -p329 -sVaddresses -p330 -(lp331 -sVnetwork -p332 -VTenant -p333 -sVmtu -p334 -I-1 -sg71 -(lp335 -(dp336 -Vaddresses -p337 -(lp338 -sVnetwork -p339 -VNone -p340 -sVprimary -p341 -I01 -sVmtu -p342 -I1350 -sg71 -(lp343 -sVroutes -p344 -(lp345 -sVuse_dhcp -p346 -I00 -sVtype -p347 -Vinterface -p348 -sVname -p349 -Vnic6 -p350 -sasVroutes -p351 -(lp352 -sVuse_dhcp -p353 -I00 -sVtype -p354 -Vovs_bridge -p355 -sVname -p356 -Vbr-tenant -p357 -sass. \ No newline at end of file diff --git a/network-templates/DEPRECATED b/network-templates/DEPRECATED deleted file mode 100644 index f10f688..0000000 --- a/network-templates/DEPRECATED +++ /dev/null @@ -1,3 +0,0 @@ -WARNING: This directory is deprecated and may be removed in the future. -A duplicate copy of these network templates can be found in the -overcloud-templates directory in a sub-directory with the same name as this one. diff --git a/network-templates/README b/network-templates/README deleted file mode 100644 index 189bfb5..0000000 --- a/network-templates/README +++ /dev/null @@ -1,23 +0,0 @@ -Generated Network Isolation Templates -------------------------------------- -These templates were generated by the UI tool at -https://github.com/cybertron/tripleo-scripts#net-iso-genpy - -ui-settings.pickle is specific to the tool. TripleO will not use it when -doing deployments with these templates, but it is needed to be able to -load the templates into the UI again. Note that the UI only reads this file, -so any changes made by hand to the templates will not be reflected in the UI. - -The network-isolation.yaml file needs to reference the port files shipped with -tripleo-heat-templates, so by default the tool generates the paths assuming -network-isolation.yaml will be copied into the environments/ directory of -tripleo-heat-templates. - -If the standard tripleo-heat-templates are in use, then the -network-isolation-absolute.yaml file can be used instead. It has hard-coded -references to the port files in /usr/share/openstack-tripleo-heat-templates. - -If the generated network isolation templates are at ~/generated-templates, an -example deployment command would look like: - -openstack overcloud deploy --templates -e ~/generated-templates/network-isolation-absolute.yaml -e ~/generated-templates/network-environment.yaml diff --git a/network-templates/network-environment.yaml b/network-templates/network-environment.yaml deleted file mode 100644 index 05b0d1f..0000000 --- a/network-templates/network-environment.yaml +++ /dev/null @@ -1,25 +0,0 @@ - -resource_registry: - OS::TripleO::BlockStorage::Net::SoftwareConfig: nic-configs/cinder-storage.yaml - OS::TripleO::Compute::Net::SoftwareConfig: nic-configs/compute.yaml - OS::TripleO::Controller::Net::SoftwareConfig: nic-configs/controller.yaml - OS::TripleO::ObjectStorage::Net::SoftwareConfig: nic-configs/swift-storage.yaml - OS::TripleO::CephStorage::Net::SoftwareConfig: nic-configs/ceph-storage.yaml - -parameter_defaults: - ControlPlaneSubnetCidr: '24' - ControlPlaneDefaultRoute: 192.0.2.1 - EC2MetadataIp: 192.0.2.1 - ExternalNetCidr: 10.0.0.0/24 - ExternalAllocationPools: [{"start": "10.0.0.10", "end": "10.0.0.50"}] - ExternalInterfaceDefaultRoute: 10.0.0.1 - NeutronExternalNetworkBridge: "''" - InternalApiNetCidr: 172.17.0.0/24 - InternalApiAllocationPools: [{"start": "172.17.0.10", "end": "172.17.0.250"}] - StorageNetCidr: 172.18.0.0/24 - StorageAllocationPools: [{"start": "172.18.0.10", "end": "172.18.0.250"}] - StorageMgmtNetCidr: 172.19.0.0/24 - StorageMgmtAllocationPools: [{"start": "172.19.0.10", "end": "172.19.0.250"}] - TenantNetCidr: 172.16.0.0/24 - TenantAllocationPools: [{"start": "172.16.0.10", "end": "172.16.0.250"}] - DnsServers: ["8.8.8.8", "8.8.4.4"] diff --git a/network-templates/network-isolation-absolute.yaml b/network-templates/network-isolation-absolute.yaml deleted file mode 100644 index 7fede9d..0000000 --- a/network-templates/network-isolation-absolute.yaml +++ /dev/null @@ -1,28 +0,0 @@ -resource_registry: - # Redis - OS::TripleO::Network::Ports::RedisVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/vip.yaml - # External - OS::TripleO::Network::External: /usr/share/openstack-tripleo-heat-templates/network/external.yaml - OS::TripleO::Network::Ports::ExternalVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/external.yaml - OS::TripleO::Controller::Ports::ExternalPort: /usr/share/openstack-tripleo-heat-templates/network/ports/external.yaml - # InternalApi - OS::TripleO::Network::InternalApi: /usr/share/openstack-tripleo-heat-templates/network/internal_api.yaml - OS::TripleO::Network::Ports::InternalApiVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/internal_api.yaml - OS::TripleO::Controller::Ports::InternalApiPort: /usr/share/openstack-tripleo-heat-templates/network/ports/internal_api.yaml - OS::TripleO::Compute::Ports::InternalApiPort: /usr/share/openstack-tripleo-heat-templates/network/ports/internal_api.yaml - # Storage - OS::TripleO::Network::Storage: /usr/share/openstack-tripleo-heat-templates/network/storage.yaml - OS::TripleO::Network::Ports::StorageVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage.yaml - OS::TripleO::Controller::Ports::StoragePort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage.yaml - OS::TripleO::Compute::Ports::StoragePort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage.yaml - OS::TripleO::CephStorage::Ports::StoragePort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage.yaml - # StorageMgmt - OS::TripleO::Network::StorageMgmt: /usr/share/openstack-tripleo-heat-templates/network/storage_mgmt.yaml - OS::TripleO::Network::Ports::StorageMgmtVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_mgmt.yaml - OS::TripleO::Controller::Ports::StorageMgmtPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_mgmt.yaml - OS::TripleO::CephStorage::Ports::StorageMgmtPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_mgmt.yaml - # Tenant - OS::TripleO::Network::Tenant: /usr/share/openstack-tripleo-heat-templates/network/tenant.yaml - OS::TripleO::Network::Ports::TenantVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/tenant.yaml - OS::TripleO::Controller::Ports::TenantPort: /usr/share/openstack-tripleo-heat-templates/network/ports/tenant.yaml - OS::TripleO::Compute::Ports::TenantPort: /usr/share/openstack-tripleo-heat-templates/network/ports/tenant.yaml diff --git a/network-templates/network-isolation.yaml b/network-templates/network-isolation.yaml deleted file mode 100644 index 2c18f2f..0000000 --- a/network-templates/network-isolation.yaml +++ /dev/null @@ -1,28 +0,0 @@ -resource_registry: - # Redis - OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml - # External - OS::TripleO::Network::External: ../network/external.yaml - OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external.yaml - OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external.yaml - # InternalApi - OS::TripleO::Network::InternalApi: ../network/internal_api.yaml - OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/internal_api.yaml - OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api.yaml - OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api.yaml - # Storage - OS::TripleO::Network::Storage: ../network/storage.yaml - OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage.yaml - OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage.yaml - OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage.yaml - OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage.yaml - # StorageMgmt - OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt.yaml - OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt.yaml - OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml - OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml - # Tenant - OS::TripleO::Network::Tenant: ../network/tenant.yaml - OS::TripleO::Network::Ports::TenantVipPort: ../network/ports/tenant.yaml - OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant.yaml - OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant.yaml diff --git a/network-templates/nic-configs/ceph-storage.yaml b/network-templates/nic-configs/ceph-storage.yaml deleted file mode 100644 index a71f40a..0000000 --- a/network-templates/nic-configs/ceph-storage.yaml +++ /dev/null @@ -1,119 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: - - type: interface - name: nic1 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: - list_join: - - / - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - - default: true - next_hop: {get_param: ControlPlaneDefaultRoute} - - type: interface - name: nic4 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageIpSubnet} - - type: interface - name: nic5 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageMgmtIpSubnet} - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/network-templates/nic-configs/cinder-storage.yaml b/network-templates/nic-configs/cinder-storage.yaml deleted file mode 100644 index f16920d..0000000 --- a/network-templates/nic-configs/cinder-storage.yaml +++ /dev/null @@ -1,92 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: [] - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/network-templates/nic-configs/compute.yaml b/network-templates/nic-configs/compute.yaml deleted file mode 100644 index fa2d33f..0000000 --- a/network-templates/nic-configs/compute.yaml +++ /dev/null @@ -1,130 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: - - type: interface - name: nic1 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: - list_join: - - / - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - - default: true - next_hop: {get_param: ControlPlaneDefaultRoute} - - type: interface - name: nic3 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: InternalApiIpSubnet} - - type: interface - name: nic4 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageIpSubnet} - - type: ovs_bridge - name: br-tenant - dns_servers: {get_param: DnsServers} - use_dhcp: false - addresses: - - ip_netmask: {get_param: TenantIpSubnet} - members: - - type: interface - name: nic6 - mtu: 1350 - primary: true - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/network-templates/nic-configs/controller.yaml b/network-templates/nic-configs/controller.yaml deleted file mode 100644 index d56270d..0000000 --- a/network-templates/nic-configs/controller.yaml +++ /dev/null @@ -1,148 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: - - type: interface - name: nic1 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: - list_join: - - / - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - - type: ovs_bridge - name: br-ex - dns_servers: {get_param: DnsServers} - use_dhcp: false - addresses: - - ip_netmask: {get_param: ExternalIpSubnet} - routes: - - ip_netmask: 0.0.0.0/0 - next_hop: {get_param: ExternalInterfaceDefaultRoute} - members: - - type: interface - name: nic2 - mtu: 1350 - primary: true - - type: interface - name: nic3 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: InternalApiIpSubnet} - - type: interface - name: nic4 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageIpSubnet} - - type: interface - name: nic5 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageMgmtIpSubnet} - - type: ovs_bridge - name: br-tenant - dns_servers: {get_param: DnsServers} - use_dhcp: false - addresses: - - ip_netmask: {get_param: TenantIpSubnet} - members: - - type: interface - name: nic6 - mtu: 1350 - primary: true - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/network-templates/nic-configs/swift-storage.yaml b/network-templates/nic-configs/swift-storage.yaml deleted file mode 100644 index f16920d..0000000 --- a/network-templates/nic-configs/swift-storage.yaml +++ /dev/null @@ -1,92 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: [] - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/network-templates/ui-settings.pickle b/network-templates/ui-settings.pickle deleted file mode 100644 index 0b71d5c..0000000 --- a/network-templates/ui-settings.pickle +++ /dev/null @@ -1,641 +0,0 @@ -(dp0 -S'global_data' -p1 -(dp2 -S'control' -p3 -(dp4 -S'route' -p5 -V192.0.2.1 -p6 -sS'mask' -p7 -I24 -sS'ec2' -p8 -V192.0.2.1 -p9 -ssS'major' -p10 -I1 -sS'management' -p11 -(dp12 -S'start' -p13 -V172.20.0.10 -p14 -sS'cidr' -p15 -V172.20.0.0/24 -p16 -sS'vlan' -p17 -I6 -sS'end' -p18 -V172.20.0.250 -p19 -ssS'dns2' -p20 -V8.8.4.4 -p21 -sS'dns1' -p22 -V8.8.8.8 -p23 -sS'storage' -p24 -(dp25 -g13 -V172.18.0.10 -p26 -sg15 -V172.18.0.0/24 -p27 -sg17 -I3 -sg18 -V172.18.0.250 -p28 -ssS'auto_routes' -p29 -I01 -sS'bond_options' -p30 -V -p31 -sS'external' -p32 -(dp33 -S'bridge' -p34 -V'' -p35 -sg18 -V10.0.0.50 -p36 -sg17 -I1 -sg13 -V10.0.0.10 -p37 -sg15 -V10.0.0.0/24 -p38 -sS'gateway' -p39 -V10.0.0.1 -p40 -ssS'internal_api' -p41 -(dp42 -g13 -V172.17.0.10 -p43 -sg15 -V172.17.0.0/24 -p44 -sg17 -I2 -sg18 -V172.17.0.250 -p45 -ssS'ipv6' -p46 -I00 -sS'storage_mgmt' -p47 -(dp48 -g13 -V172.19.0.10 -p49 -sg15 -V172.19.0.0/24 -p50 -sg17 -I4 -sg18 -V172.19.0.250 -p51 -ssS'minor' -p52 -I2 -sS'tenant' -p53 -(dp54 -g13 -V172.16.0.10 -p55 -sg15 -V172.16.0.0/24 -p56 -sg17 -I5 -sg18 -V172.16.0.250 -p57 -sssS'data' -p58 -(dp59 -S'cinder-storage.yaml' -p60 -(lp61 -sS'ceph-storage.yaml' -p62 -(lp63 -(dp64 -Vaddresses -p65 -(lp66 -sVnetwork -p67 -VControlPlane -p68 -sVprimary -p69 -I01 -sVmtu -p70 -I1350 -sS'members' -p71 -(lp72 -sVroutes -p73 -(lp74 -sVuse_dhcp -p75 -I00 -sVtype -p76 -Vinterface -p77 -sVname -p78 -Vnic1 -p79 -sa(dp80 -Vaddresses -p81 -(lp82 -sVnetwork -p83 -VStorage -p84 -sVprimary -p85 -I01 -sVmtu -p86 -I1350 -sg71 -(lp87 -sVroutes -p88 -(lp89 -sVuse_dhcp -p90 -I00 -sVtype -p91 -Vinterface -p92 -sVname -p93 -Vnic4 -p94 -sa(dp95 -Vaddresses -p96 -(lp97 -sVnetwork -p98 -VStorageMgmt -p99 -sVprimary -p100 -I01 -sVmtu -p101 -I1350 -sg71 -(lp102 -sVroutes -p103 -(lp104 -sVuse_dhcp -p105 -I00 -sVtype -p106 -Vinterface -p107 -sVname -p108 -Vnic5 -p109 -sasS'controller.yaml' -p110 -(lp111 -(dp112 -Vaddresses -p113 -(lp114 -sVnetwork -p115 -VControlPlane -p116 -sVprimary -p117 -I01 -sVmtu -p118 -I1350 -sg71 -(lp119 -sVroutes -p120 -(lp121 -sVuse_dhcp -p122 -I00 -sVtype -p123 -Vinterface -p124 -sVname -p125 -Vnic1 -p126 -sa(dp127 -Vdns_servers -p128 -V{get_param: DnsServers} -p129 -sVaddresses -p130 -(lp131 -sVnetwork -p132 -VExternal -p133 -sVmtu -p134 -I-1 -sg71 -(lp135 -(dp136 -Vaddresses -p137 -(lp138 -sVnetwork -p139 -VNone -p140 -sVprimary -p141 -I01 -sVmtu -p142 -I1350 -sg71 -(lp143 -sVroutes -p144 -(lp145 -sVuse_dhcp -p146 -I00 -sVtype -p147 -Vinterface -p148 -sVname -p149 -Vnic2 -p150 -sasVroutes -p151 -(lp152 -sVuse_dhcp -p153 -I00 -sVtype -p154 -Vovs_bridge -p155 -sVname -p156 -Vbr-ex -p157 -sa(dp158 -Vaddresses -p159 -(lp160 -sVnetwork -p161 -VInternalApi -p162 -sVprimary -p163 -I01 -sVmtu -p164 -I1350 -sg71 -(lp165 -sVroutes -p166 -(lp167 -sVuse_dhcp -p168 -I00 -sVtype -p169 -Vinterface -p170 -sVname -p171 -Vnic3 -p172 -sa(dp173 -Vaddresses -p174 -(lp175 -sVnetwork -p176 -VStorage -p177 -sVprimary -p178 -I01 -sVmtu -p179 -I1350 -sg71 -(lp180 -sVroutes -p181 -(lp182 -sVuse_dhcp -p183 -I00 -sVtype -p184 -Vinterface -p185 -sVname -p186 -Vnic4 -p187 -sa(dp188 -Vaddresses -p189 -(lp190 -sVnetwork -p191 -VStorageMgmt -p192 -sVprimary -p193 -I01 -sVmtu -p194 -I1350 -sg71 -(lp195 -sVroutes -p196 -(lp197 -sVuse_dhcp -p198 -I00 -sVtype -p199 -Vinterface -p200 -sVname -p201 -Vnic5 -p202 -sa(dp203 -Vdns_servers -p204 -V{get_param: DnsServers} -p205 -sVaddresses -p206 -(lp207 -sVnetwork -p208 -VTenant -p209 -sVmtu -p210 -I-1 -sg71 -(lp211 -(dp212 -Vaddresses -p213 -(lp214 -sVnetwork -p215 -VNone -p216 -sVprimary -p217 -I01 -sVmtu -p218 -I1350 -sg71 -(lp219 -sVroutes -p220 -(lp221 -sVuse_dhcp -p222 -I00 -sVtype -p223 -Vinterface -p224 -sVname -p225 -Vnic6 -p226 -sasVroutes -p227 -(lp228 -sVuse_dhcp -p229 -I00 -sVtype -p230 -Vovs_bridge -p231 -sVname -p232 -Vbr-tenant -p233 -sasS'swift-storage.yaml' -p234 -(lp235 -sS'compute.yaml' -p236 -(lp237 -(dp238 -Vaddresses -p239 -(lp240 -sVnetwork -p241 -VControlPlane -p242 -sVprimary -p243 -I01 -sVmtu -p244 -I1350 -sg71 -(lp245 -sVroutes -p246 -(lp247 -sVuse_dhcp -p248 -I00 -sVtype -p249 -Vinterface -p250 -sVname -p251 -Vnic1 -p252 -sa(dp253 -Vaddresses -p254 -(lp255 -sVnetwork -p256 -VInternalApi -p257 -sVprimary -p258 -I01 -sVmtu -p259 -I1350 -sg71 -(lp260 -sVroutes -p261 -(lp262 -sVuse_dhcp -p263 -I00 -sVtype -p264 -Vinterface -p265 -sVname -p266 -Vnic3 -p267 -sa(dp268 -Vaddresses -p269 -(lp270 -sVnetwork -p271 -VStorage -p272 -sVprimary -p273 -I01 -sVmtu -p274 -I1350 -sg71 -(lp275 -sVroutes -p276 -(lp277 -sVuse_dhcp -p278 -I00 -sVtype -p279 -Vinterface -p280 -sVname -p281 -Vnic4 -p282 -sa(dp283 -Vdns_servers -p284 -V{get_param: DnsServers} -p285 -sVaddresses -p286 -(lp287 -sVnetwork -p288 -VTenant -p289 -sVmtu -p290 -I-1 -sg71 -(lp291 -(dp292 -Vaddresses -p293 -(lp294 -sVnetwork -p295 -VNone -p296 -sVprimary -p297 -I01 -sVmtu -p298 -I1350 -sg71 -(lp299 -sVroutes -p300 -(lp301 -sVuse_dhcp -p302 -I00 -sVtype -p303 -Vinterface -p304 -sVname -p305 -Vnic6 -p306 -sasVroutes -p307 -(lp308 -sVuse_dhcp -p309 -I00 -sVtype -p310 -Vovs_bridge -p311 -sVname -p312 -Vbr-tenant -p313 -sass. \ No newline at end of file diff --git a/openstack_virtual_baremetal/build_nodes_json.py b/openstack_virtual_baremetal/build_nodes_json.py index 4a23458..223798b 100755 --- a/openstack_virtual_baremetal/build_nodes_json.py +++ b/openstack_virtual_baremetal/build_nodes_json.py @@ -45,7 +45,7 @@ def _parse_args(): parser.add_argument('--provision_net', dest='provision_net', default='provision', - help='Provisioning network name') + help='DEPRECATED: This parameter is ignored.') parser.add_argument('--nodes_json', dest='nodes_json', default='nodes.json', @@ -71,31 +71,22 @@ def _parse_args(): return args -def _get_from_env(env, name): - try: - return env['parameters'][name] - except KeyError: - return env['parameter_defaults'][name] - - def _get_names(args): if args.env is None: bmc_base = args.bmc_prefix baremetal_base = args.baremetal_prefix - provision_net = args.provision_net # FIXME: This is not necessarily true. undercloud_name = 'undercloud' else: with open(args.env) as f: e = yaml.safe_load(f) - bmc_base = _get_from_env(e, 'bmc_prefix') - baremetal_base = _get_from_env(e, 'baremetal_prefix') - provision_net = _get_from_env(e, 'provision_net') + bmc_base = e['parameter_defaults']['bmc_prefix'] + baremetal_base = e['parameter_defaults']['baremetal_prefix'] role = e.get('parameter_defaults', {}).get('role') if role and baremetal_base.endswith('-' + role): baremetal_base = baremetal_base[:-len(role) - 1] undercloud_name = e.get('parameter_defaults', {}).get('undercloud_name') # noqa: E501 - return bmc_base, baremetal_base, provision_net, undercloud_name + return bmc_base, baremetal_base, undercloud_name def _get_clients(): @@ -116,10 +107,17 @@ def _get_ports(neutron, bmc_base, baremetal_base): raise RuntimeError('Found different numbers of baremetal and ' 'bmc ports. bmc: %s baremetal: %s' % (bmc_ports, bm_ports)) - return bmc_ports, bm_ports + provision_net_map = {} + for port in bm_ports: + provision_net_map.update({ + port.get('id'): + neutron.list_subnets( + id=port['fixed_ips'][0]['subnet_id'])['subnets'][0].get( + 'name')}) + return bmc_ports, bm_ports, provision_net_map -def _build_nodes(nova, glance, bmc_ports, bm_ports, provision_net, +def _build_nodes(nova, glance, bmc_ports, bm_ports, provision_net_map, baremetal_base, undercloud_name, driver, physical_network): node_template = { 'pm_type': driver, @@ -136,9 +134,6 @@ def _build_nodes(nova, glance, bmc_ports, bm_ports, provision_net, } if physical_network: node_template.pop('mac') - node_template.update( - {'ports': [{'address': '', 'physical_network': provision_net}]}) - nodes = [] bmc_bm_pairs = [] cache = {} @@ -151,9 +146,11 @@ def _build_nodes(nova, glance, bmc_ports, bm_ports, provision_net, node = dict(node_template) node['pm_addr'] = bmc_port['fixed_ips'][0]['ip_address'] bmc_bm_pairs.append((node['pm_addr'], baremetal.name)) + provision_net = provision_net_map.get(baremetal_port['id']) mac = baremetal.addresses[provision_net][0]['OS-EXT-IPS-MAC:mac_addr'] if physical_network: - node['ports'][0]['address'] = mac + node.update({'ports': [{'address': mac, + 'physical_network': provision_net}]}) else: node['mac'] = [mac] if not cache.get(baremetal.flavor['id']): @@ -282,14 +279,15 @@ def _write_pairs(bmc_bm_pairs): def main(): args = _parse_args() - bmc_base, baremetal_base, provision_net, undercloud_name = _get_names(args) + bmc_base, baremetal_base, undercloud_name = _get_names(args) nova, neutron, glance = _get_clients() - bmc_ports, bm_ports = _get_ports(neutron, bmc_base, baremetal_base) + bmc_ports, bm_ports, provision_net_map = _get_ports(neutron, bmc_base, + baremetal_base) (nodes, bmc_bm_pairs, extra_nodes, network_details) = _build_nodes(nova, glance, bmc_ports, bm_ports, - provision_net, baremetal_base, + provision_net_map, baremetal_base, undercloud_name, args.driver, args.physical_network) _write_nodes(nodes, extra_nodes, network_details, args) diff --git a/openstack_virtual_baremetal/deploy.py b/openstack_virtual_baremetal/deploy.py index 295390f..ea8912d 100755 --- a/openstack_virtual_baremetal/deploy.py +++ b/openstack_virtual_baremetal/deploy.py @@ -101,27 +101,18 @@ def _process_args(args): def _add_identifier(env_data, name, identifier, default=None): - # We require both sections for id environments - if not env_data.get('parameters'): - env_data['parameters'] = {} - if not env_data.get('parameter_defaults'): - env_data['parameter_defaults'] = {} - parameter = False - try: - original = env_data['parameters'][name] - parameter = True - except KeyError: - original = env_data['parameter_defaults'].get(name) - if original is None: - original = default - if original is None: + """Append identifier to the end of parameter name in env_data + + Look for ``name`` in the ``parameter_defaults`` key of ``env_data`` and + append '-``identifier``' to it. + """ + value = env_data['parameter_defaults'].get(name) + if value is None: + value = default + if value is None: raise RuntimeError('No base value found when adding id') - value = '%s-%s' % (original, identifier) - # If it was passed in as a parameter we need to set it in the parameters - # section or it will be overridden by the original value. We can't always - # do that though because some parameters are not exposed at the top-level. - if parameter: - env_data['parameters'][name] = value + if identifier: + value = '%s-%s' % (value, identifier) env_data['parameter_defaults'][name] = value @@ -142,6 +133,8 @@ def _build_env_data(env_paths): def _generate_id_env(args): env_data = _build_env_data(args.env) _add_identifier(env_data, 'provision_net', args.id, default='provision') + _add_identifier(env_data, 'provision_net2', args.id, default='provision2') + _add_identifier(env_data, 'provision_net3', args.id, default='provision3') _add_identifier(env_data, 'public_net', args.id, default='public') _add_identifier(env_data, 'baremetal_prefix', @@ -163,6 +156,16 @@ def _generate_id_env(args): default='storage_mgmt') _add_identifier(env_data, 'overcloud_tenant_net', args.id, default='tenant') + # TODO(bnemec): Network names should be parameterized so we don't have to + # hardcode them into deploy.py like this. + _add_identifier(env_data, 'overcloud_internal_net2', args.id, + default='overcloud_internal2') + _add_identifier(env_data, 'overcloud_storage_net2', args.id, + default='overcloud_storage2') + _add_identifier(env_data, 'overcloud_storage_mgmt_net2', args.id, + default='overcloud_storage_mgmt2') + _add_identifier(env_data, 'overcloud_tenant_net2', args.id, + default='overcloud_tenant2') # We don't modify any resource_registry entries, and because we may be # writing the new env file to a different path it can break relative paths # in the resource_registry. @@ -182,14 +185,19 @@ def _validate_env(args, env_paths): if not args.id: env_data = _build_env_data(env_paths) role = env_data.get('parameter_defaults', {}).get('role') - try: - prefix = env_data['parameters']['baremetal_prefix'] - except KeyError: - prefix = env_data['parameter_defaults']['baremetal_prefix'] + prefix = env_data['parameter_defaults']['baremetal_prefix'] if role and prefix.endswith('-' + role): raise RuntimeError('baremetal_prefix ends with role name. This ' 'will break build-nodes-json. Please choose ' 'a different baremetal_prefix or role name.') + for path in env_paths: + if 'port-security.yaml' in path: + print('WARNING: port-security environment file detected. ' + 'port-security is now the default. The existing ' + 'port-security environment files are deprecated and may be ' + 'removed in the future. Please use the environment files ' + 'without "port-security" in their filename instead.' + ) def _get_heat_client(): @@ -284,17 +292,24 @@ def _process_role(role_file, base_envs, stack_name, args): 'overcloud_storage_net', 'overcloud_tenant_net', ] # Parameters that are inherited but can be overridden by the role - allowed_parameter_keys = ['baremetal_image', 'bmc_flavor', 'key_name'] - allowed_registry_keys = ['OS::OVB::BaremetalPorts', 'OS::OVB::BMCPort'] + allowed_parameter_keys = ['baremetal_image', 'bmc_flavor', 'key_name', + 'provision_net', 'overcloud_internal_net', + 'overcloud_storage_net', + 'overcloud_storage_mgmt_net', + 'overcloud_tenant_net', + ] + allowed_registry_keys = ['OS::OVB::BaremetalPorts', 'OS::OVB::BMCPort', + 'OS::OVB::UndercloudNetworks', + ] + # NOTE(bnemec): Not sure what purpose this serves. Can probably be removed. role_env = role_data # resource_registry is intentionally omitted as it should not be inherited - for section in ['parameters', 'parameter_defaults']: - role_env.setdefault(section, {}).update({ - k: v for k, v in base_data.get(section, {}).items() - if k in inherited_keys and - (k not in role_env.get(section, {}) or - k not in allowed_parameter_keys) - }) + role_env.setdefault('parameter_defaults', {}).update({ + k: v for k, v in base_data.get('parameter_defaults', {}).items() + if k in inherited_keys and + (k not in role_env.get('parameter_defaults', {}) or + k not in allowed_parameter_keys) + }) # Most of the resource_registry should not be included in role envs. # Only allow specific entries that may be needed. role_env.setdefault('resource_registry', {}) @@ -307,22 +322,44 @@ def _process_role(role_file, base_envs, stack_name, args): if k not in role_reg and k in base_reg: role_reg[k] = base_reg[k] # We need to start with the unmodified prefix - try: - base_prefix = orig_data['parameters']['baremetal_prefix'] - except KeyError: - base_prefix = orig_data['parameter_defaults']['baremetal_prefix'] + base_prefix = orig_data['parameter_defaults']['baremetal_prefix'] # But we do need to add the id if one is in use if args.id: base_prefix += '-%s' % args.id - try: - bmc_prefix = base_data['parameters']['bmc_prefix'] - except KeyError: - bmc_prefix = base_data['parameter_defaults']['bmc_prefix'] + bmc_prefix = base_data['parameter_defaults']['bmc_prefix'] role = role_data['parameter_defaults']['role'] if '_' in role: raise RuntimeError('_ character not allowed in role name "%s".' % role) - role_env['parameters']['baremetal_prefix'] = '%s-%s' % (base_prefix, role) - role_env['parameters']['bmc_prefix'] = '%s-%s' % (bmc_prefix, role) + role_env['parameter_defaults']['baremetal_prefix'] = ('%s-%s' % + (base_prefix, role)) + role_env['parameter_defaults']['bmc_prefix'] = '%s-%s' % (bmc_prefix, role) + # At this time roles are only attached to a single set of networks, so + # we use just the primary network parameters. + + def maybe_add_id(role_env, name, args): + """Add id only if one is not already present + + When we inherit network names, they will already have the id present. + However, if the user overrides the network name (for example, when + using multiple routed networks) then it should not have the id. + We can detect which is the case by looking at whether the name already + ends with -id. + """ + if (args.id and + not role_env['parameter_defaults'].get(name, '') + .endswith('-' + args.id)): + _add_identifier(role_env, name, args.id) + + maybe_add_id(role_env, 'provision_net', args) + maybe_add_id(role_env, 'overcloud_internal_net', args) + maybe_add_id(role_env, 'overcloud_storage_net', args) + maybe_add_id(role_env, 'overcloud_storage_mgmt_net', args) + maybe_add_id(role_env, 'overcloud_tenant_net', args) + role_env['parameter_defaults']['networks'] = { + 'private': role_env['parameter_defaults']['private_net'], + 'provision': role_env['parameter_defaults']['provision_net'], + 'public': role_env['parameter_defaults']['public_net'], + } role_file = 'env-%s-%s.yaml' % (stack_name, role) _write_role_file(role_env, role_file) return role_file, role diff --git a/openstack_virtual_baremetal/openstackbmc.py b/openstack_virtual_baremetal/openstackbmc.py index 1cbe0e8..c8881d7 100755 --- a/openstack_virtual_baremetal/openstackbmc.py +++ b/openstack_virtual_baremetal/openstackbmc.py @@ -28,63 +28,19 @@ import os import sys import time -import novaclient as nc -from novaclient import client as novaclient from novaclient import exceptions -try: - import os_client_config -except ImportError: - os_client_config = None +import os_client_config import pyghmi.ipmi.bmc as bmc -NO_OCC_DEPRECATION = ('WARNING: Creating novaclient without os-client-config ' - 'is deprecated. Please install os-client-config on the ' - 'BMC image.') - - class OpenStackBmc(bmc.Bmc): - def __init__(self, authdata, port, address, instance, user, password, - tenant, auth_url, project, user_domain, project_domain, - cache_status, os_cloud): + def __init__(self, authdata, port, address, instance, cache_status, + os_cloud): super(OpenStackBmc, self).__init__(authdata, port=port, address=address) - if os_client_config: - if user: - # NOTE(bnemec): This is deprecated. clouds.yaml is a much - # more robust way to specify auth details. - kwargs = dict(os_username=user, - os_password=password, - os_project_name=tenant, - os_auth_url=auth_url, - os_user_domain=user_domain, - os_project_domain=project_domain) - self.novaclient = os_client_config.make_client('compute', - **kwargs) - else: - self.novaclient = os_client_config.make_client('compute', - cloud=os_cloud) - else: - # NOTE(bnemec): This path was deprecated 2017-7-17 - self.log(NO_OCC_DEPRECATION) - if '/v3' not in auth_url: - # novaclient 7+ is backwards-incompatible :-( - if int(nc.__version__[0]) <= 6: - self.novaclient = novaclient.Client(2, user, password, - tenant, auth_url) - else: - self.novaclient = novaclient.Client(2, user, password, - auth_url=auth_url, - project_name=tenant) - else: - self.novaclient = novaclient.Client( - 2, user, password, - auth_url=auth_url, - project_name=project, - user_domain_name=user_domain, - project_domain_name=project_domain - ) + self.novaclient = os_client_config.make_client('compute', + cloud=os_cloud) self.instance = None self.cache_status = cache_status self.cached_status = None @@ -234,55 +190,6 @@ def main(): required=True, help='The uuid or name of the OpenStack instance ' 'to manage') - parser.add_argument('--os-user', - dest='user', - required=False, - default='', - help='DEPRECATED: Use --os-cloud to specify auth ' - 'details. ' - 'The user for connecting to OpenStack') - parser.add_argument('--os-password', - dest='password', - required=False, - default='', - help='DEPRECATED: Use --os-cloud to specify auth ' - 'details. ' - 'The password for connecting to OpenStack') - parser.add_argument('--os-tenant', - dest='tenant', - required=False, - default='', - help='DEPRECATED: Use --os-cloud to specify auth ' - 'details. ' - 'The tenant for connecting to OpenStack') - parser.add_argument('--os-auth-url', - dest='auth_url', - required=False, - default='', - help='DEPRECATED: Use --os-cloud to specify auth ' - 'details. ' - 'The OpenStack Keystone auth url') - parser.add_argument('--os-project', - dest='project', - required=False, - default='', - help='DEPRECATED: Use --os-cloud to specify auth ' - 'details. ' - 'The project for connecting to OpenStack') - parser.add_argument('--os-user-domain', - dest='user_domain', - required=False, - default='', - help='DEPRECATED: Use --os-cloud to specify auth ' - 'details. ' - 'The user domain for connecting to OpenStack') - parser.add_argument('--os-project-domain', - dest='project_domain', - required=False, - default='', - help='DEPRECATED: Use --os-cloud to specify auth ' - 'details. ' - 'The project domain for connecting to OpenStack') parser.add_argument('--cache-status', dest='cache_status', default=False, @@ -293,7 +200,6 @@ def main(): 'it may become out of sync.') parser.add_argument('--os-cloud', dest='os_cloud', - required=False, default=os.environ.get('OS_CLOUD'), help='Use the specified cloud from clouds.yaml. ' 'Defaults to the OS_CLOUD environment variable.') @@ -306,13 +212,6 @@ def main(): mybmc = OpenStackBmc({'admin': 'password'}, port=args.port, address=addr_format % args.address, instance=args.instance, - user=args.user, - password=args.password, - tenant=args.tenant, - auth_url=args.auth_url, - project=args.project, - user_domain=args.user_domain, - project_domain=args.project_domain, cache_status=args.cache_status, os_cloud=args.os_cloud) mybmc.listen() diff --git a/openstack_virtual_baremetal/tests/test_build_nodes_json.py b/openstack_virtual_baremetal/tests/test_build_nodes_json.py index a2d1efe..7bf636a 100644 --- a/openstack_virtual_baremetal/tests/test_build_nodes_json.py +++ b/openstack_virtual_baremetal/tests/test_build_nodes_json.py @@ -70,13 +70,11 @@ class TestBuildNodesJson(testtools.TestCase): args.env = None args.bmc_prefix = 'bmc-foo' args.baremetal_prefix = 'baremetal-foo' - args.provision_net = 'provision-foo' args.add_undercloud = False - bmc_base, baremetal_base, provision_net, undercloud_name = ( + bmc_base, baremetal_base, undercloud_name = ( build_nodes_json._get_names(args)) self.assertEqual('bmc-foo', bmc_base) self.assertEqual('baremetal-foo', baremetal_base) - self.assertEqual('provision-foo', provision_net) self.assertEqual('undercloud', undercloud_name) def test_get_names_no_env_w_undercloud(self): @@ -84,37 +82,13 @@ class TestBuildNodesJson(testtools.TestCase): args.env = None args.bmc_prefix = 'bmc-foo' args.baremetal_prefix = 'baremetal-foo' - args.provision_net = 'provision-foo' args.add_undercloud = True - bmc_base, baremetal_base, provision_net, undercloud_name = ( + bmc_base, baremetal_base, undercloud_name = ( build_nodes_json._get_names(args)) self.assertEqual('bmc-foo', bmc_base) self.assertEqual('baremetal-foo', baremetal_base) - self.assertEqual('provision-foo', provision_net) self.assertEqual('undercloud', undercloud_name) - @mock.patch('openstack_virtual_baremetal.build_nodes_json.open', - create=True) - @mock.patch('yaml.safe_load') - def test_get_names_old_env(self, mock_load, mock_open): - args = mock.Mock() - args.env = 'foo.yaml' - args.add_undercloud = False - mock_env = { - 'parameters': { - 'bmc_prefix': 'bmc-foo', - 'baremetal_prefix': 'baremetal-foo', - 'provision_net': 'provision-foo' - }, - } - mock_load.return_value = mock_env - bmc_base, baremetal_base, provision_net, undercloud_name = ( - build_nodes_json._get_names(args)) - self.assertEqual('bmc-foo', bmc_base) - self.assertEqual('baremetal-foo', baremetal_base) - self.assertEqual('provision-foo', provision_net) - self.assertIsNone(undercloud_name) - @mock.patch('openstack_virtual_baremetal.build_nodes_json.open', create=True) @mock.patch('yaml.safe_load') @@ -126,15 +100,13 @@ class TestBuildNodesJson(testtools.TestCase): 'parameter_defaults': { 'bmc_prefix': 'bmc-foo', 'baremetal_prefix': 'baremetal-foo', - 'provision_net': 'provision-foo' }, } mock_load.return_value = mock_env - bmc_base, baremetal_base, provision_net, undercloud_name = ( + bmc_base, baremetal_base, undercloud_name = ( build_nodes_json._get_names(args)) self.assertEqual('bmc-foo', bmc_base) self.assertEqual('baremetal-foo', baremetal_base) - self.assertEqual('provision-foo', provision_net) self.assertIsNone(undercloud_name) @mock.patch('openstack_virtual_baremetal.build_nodes_json.open', @@ -148,16 +120,14 @@ class TestBuildNodesJson(testtools.TestCase): 'parameter_defaults': { 'bmc_prefix': 'bmc', 'baremetal_prefix': 'baremetal', - 'provision_net': 'provision', 'role': 'foo', }, } mock_load.return_value = mock_env - bmc_base, baremetal_base, provision_net, undercloud_name = ( + bmc_base, baremetal_base, undercloud_name = ( build_nodes_json._get_names(args)) self.assertEqual('bmc', bmc_base) self.assertEqual('baremetal', baremetal_base) - self.assertEqual('provision', provision_net) self.assertIsNone(undercloud_name) @mock.patch('openstack_virtual_baremetal.build_nodes_json.open', @@ -171,16 +141,14 @@ class TestBuildNodesJson(testtools.TestCase): 'parameter_defaults': { 'bmc_prefix': 'bmc-foo', 'baremetal_prefix': 'baremetal-foo-bar', - 'provision_net': 'provision-foo', 'role': 'bar', }, } mock_load.return_value = mock_env - bmc_base, baremetal_base, provision_net, undercloud_name = ( + bmc_base, baremetal_base, undercloud_name = ( build_nodes_json._get_names(args)) self.assertEqual('bmc-foo', bmc_base) self.assertEqual('baremetal-foo', baremetal_base) - self.assertEqual('provision-foo', provision_net) self.assertIsNone(undercloud_name) @mock.patch('os_client_config.make_client') @@ -203,21 +171,42 @@ class TestBuildNodesJson(testtools.TestCase): def test_get_ports(self): neutron = mock.Mock() + fake_fixed_ips = [{'subnet_id': 'provision_id'}] fake_ports = { 'ports': [ - {'name': 'random'}, - {'name': 'bmc_1'}, - {'name': 'bmc_0'}, - {'name': 'baremetal_1'}, - {'name': 'baremetal_0'}, + {'name': 'random', + 'id': 'random_id', + 'fixed_ips': fake_fixed_ips}, + {'name': 'bmc_1', + 'id': 'bmc_1_id', + 'fixed_ips': fake_fixed_ips}, + {'name': 'bmc_0', + 'id': 'bmc_0_id', + 'fixed_ips': fake_fixed_ips}, + {'name': 'baremetal_1', + 'id': 'baremetal_1_id', + 'fixed_ips': fake_fixed_ips}, + {'name': 'baremetal_0', + 'id': 'baremetal_0_id', + 'fixed_ips': fake_fixed_ips}, + ] + } + fake_subnets = { + 'subnets': [ + {'name': 'provision', + 'id': 'provision_id'} ] } neutron.list_ports.return_value = fake_ports - bmc_ports, bm_ports = build_nodes_json._get_ports(neutron, 'bmc', - 'baremetal') - self.assertEqual([{'name': 'bmc_0'}, {'name': 'bmc_1'}], bmc_ports) - self.assertEqual([{'name': 'baremetal_0'}, {'name': 'baremetal_1'}], + neutron.list_subnets.return_value = fake_subnets + bmc_ports, bm_ports, provision_net_map = build_nodes_json._get_ports( + neutron, 'bmc', 'baremetal') + self.assertEqual([fake_ports['ports'][2], fake_ports['ports'][1]], + bmc_ports) + self.assertEqual([fake_ports['ports'][4], fake_ports['ports'][3]], bm_ports) + self.assertEqual({'baremetal_0_id': 'provision', + 'baremetal_1_id': 'provision'}, provision_net_map) def test_get_ports_mismatch(self): neutron = mock.Mock() @@ -228,20 +217,38 @@ class TestBuildNodesJson(testtools.TestCase): def test_get_ports_multiple(self): neutron = mock.Mock() + fake_fixed_ips = [{'subnet_id': 'provision_id'}] fake_ports = { 'ports': [ - {'name': 'random'}, - {'name': 'bmc-foo_0'}, - {'name': 'bmc-bar_0'}, - {'name': 'baremetal-foo_0'}, - {'name': 'baremetal-bar_0'}, + {'name': 'random', + 'id': 'random_id', + 'fixed_ips': fake_fixed_ips}, + {'name': 'bmc-foo_0', + 'id': 'bmc_foo_0_id', + 'fixed_ips': fake_fixed_ips}, + {'name': 'bmc-bar_0', + 'id': 'bmc_bar_0_id', + 'fixed_ips': fake_fixed_ips}, + {'name': 'baremetal-foo_0', + 'id': 'baremetal_foo_0_id', + 'fixed_ips': fake_fixed_ips}, + {'name': 'baremetal-bar_0', + 'id': 'baremetal_bar_0_id', + 'fixed_ips': fake_fixed_ips}, + ] + } + fake_subnets = { + 'subnets': [ + {'name': 'provision', + 'id': 'provision_id'} ] } neutron.list_ports.return_value = fake_ports - bmc_ports, bm_ports = build_nodes_json._get_ports(neutron, 'bmc-foo', - 'baremetal-foo') - self.assertEqual([{'name': 'bmc-foo_0'}], bmc_ports) - self.assertEqual([{'name': 'baremetal-foo_0'}], bm_ports) + neutron.list_subnets.return_value = fake_subnets + bmc_ports, bm_ports, provision_net_map = build_nodes_json._get_ports( + neutron, 'bmc-foo', 'baremetal-foo') + self.assertEqual([fake_ports['ports'][1]], bmc_ports) + self.assertEqual([fake_ports['ports'][3]], bm_ports) def _fake_port(self, device_id, ip, mac): return {'device_id': device_id, @@ -275,7 +282,11 @@ class TestBuildNodesJson(testtools.TestCase): bmc_ports = [{'fixed_ips': [{'ip_address': '1.1.1.1'}]}, {'fixed_ips': [{'ip_address': '1.1.1.2'}]} ] - bm_ports = [{'device_id': '1'}, {'device_id': '2'}] + bm_ports = [{'device_id': '1', 'id': 'port_id_server1'}, + {'device_id': '2', 'id': 'port_id_server2'}] + provision_net_map = {'port_id_server1': 'provision', + 'port_id_server2': 'provision', + 'port_id_server3': 'provision', } physical_network = False nova = mock.Mock() servers = [mock.Mock(), mock.Mock(), mock.Mock()] @@ -304,8 +315,8 @@ class TestBuildNodesJson(testtools.TestCase): bmc_bm_pairs, extra_nodes, network_details) = build_nodes_json._build_nodes( - nova, glance, bmc_ports, bm_ports, 'provision', 'bm', 'undercloud', - 'pxe_ipmitool', physical_network) + nova, glance, bmc_ports, bm_ports, provision_net_map, 'bm', + 'undercloud', 'pxe_ipmitool', physical_network) expected_nodes = copy.deepcopy(TEST_NODES) expected_nodes[1]['disk'] = 100 self.assertEqual(expected_nodes, nodes) @@ -323,7 +334,11 @@ class TestBuildNodesJson(testtools.TestCase): bmc_ports = [{'fixed_ips': [{'ip_address': '1.1.1.1'}]}, {'fixed_ips': [{'ip_address': '1.1.1.2'}]} ] - bm_ports = [{'device_id': '1'}, {'device_id': '2'}] + bm_ports = [{'device_id': '1', 'id': 'port_id_server1'}, + {'device_id': '2', 'id': 'port_id_server2'}] + provision_net_map = {'port_id_server1': 'provision', + 'port_id_server2': 'provision', + 'port_id_server3': 'provision', } physical_network = False nova = mock.Mock() servers = [mock.Mock(), mock.Mock(), mock.Mock()] @@ -352,8 +367,8 @@ class TestBuildNodesJson(testtools.TestCase): bmc_bm_pairs, extra_nodes, network_details) = build_nodes_json._build_nodes( - nova, glance, bmc_ports, bm_ports, 'provision', 'bm', 'undercloud', - 'ipmi', physical_network) + nova, glance, bmc_ports, bm_ports, provision_net_map, 'bm', + 'undercloud', 'ipmi', physical_network) expected_nodes = copy.deepcopy(TEST_NODES) expected_nodes[1]['disk'] = 100 for node in expected_nodes: @@ -372,7 +387,11 @@ class TestBuildNodesJson(testtools.TestCase): bmc_ports = [{'fixed_ips': [{'ip_address': '1.1.1.1'}]}, {'fixed_ips': [{'ip_address': '1.1.1.2'}]} ] - bm_ports = [{'device_id': '1'}, {'device_id': '2'}] + bm_ports = [{'device_id': '1', 'id': 'port_id_server1'}, + {'device_id': '2', 'id': 'port_id_server2'}] + provision_net_map = {'port_id_server1': 'provision', + 'port_id_server2': 'provision', + 'port_id_server3': 'provision', } physical_network = False nova = mock.Mock() servers = [mock.Mock(), mock.Mock(), mock.Mock()] @@ -388,8 +407,8 @@ class TestBuildNodesJson(testtools.TestCase): glance.images.get.return_value = mock_image_get nodes, bmc_bm_pairs, extra_nodes, _ = build_nodes_json._build_nodes( - nova, glance, bmc_ports, bm_ports, 'provision', 'bm-foo', None, - 'pxe_ipmitool', physical_network) + nova, glance, bmc_ports, bm_ports, provision_net_map, 'bm-foo', + None, 'pxe_ipmitool', physical_network) expected_nodes = copy.deepcopy(TEST_NODES) expected_nodes[0]['name'] = 'bm-foo-control-0' expected_nodes[0]['capabilities'] = ('boot_option:local,' @@ -495,9 +514,9 @@ class TestBuildNodesJson(testtools.TestCase): mock_parse_args.return_value = args bmc_base = mock.Mock() baremetal_base = mock.Mock() - provision_net = mock.Mock() + provision_net_map = mock.Mock() undercloud_name = 'undercloud' - mock_get_names.return_value = (bmc_base, baremetal_base, provision_net, + mock_get_names.return_value = (bmc_base, baremetal_base, undercloud_name) nova = mock.Mock() neutron = mock.Mock() @@ -505,7 +524,7 @@ class TestBuildNodesJson(testtools.TestCase): mock_get_clients.return_value = (nova, neutron, glance) bmc_ports = mock.Mock() bm_ports = mock.Mock() - mock_get_ports.return_value = (bmc_ports, bm_ports) + mock_get_ports.return_value = (bmc_ports, bm_ports, provision_net_map) nodes = mock.Mock() pairs = mock.Mock() extra_nodes = mock.Mock() @@ -521,7 +540,7 @@ class TestBuildNodesJson(testtools.TestCase): mock_get_ports.assert_called_once_with(neutron, bmc_base, baremetal_base) mock_build_nodes.assert_called_once_with(nova, glance, bmc_ports, - bm_ports, provision_net, + bm_ports, provision_net_map, baremetal_base, undercloud_name, args.driver, diff --git a/openstack_virtual_baremetal/tests/test_deploy.py b/openstack_virtual_baremetal/tests/test_deploy.py index 07fb293..5695175 100755 --- a/openstack_virtual_baremetal/tests/test_deploy.py +++ b/openstack_virtual_baremetal/tests/test_deploy.py @@ -89,14 +89,13 @@ class TestProcessArgs(unittest.TestCase): self.assertRaises(ValueError, deploy._process_args, mock_args) -test_env = u"""parameters: +test_env = u"""parameter_defaults: provision_net: provision public_net: public baremetal_prefix: baremetal bmc_prefix: bmc """ -test_env_param_defaults = u""" -parameter_defaults: +test_env_extra = u""" overcloud_internal_net: internalapi role: '' """ @@ -115,21 +114,13 @@ test_env_output = { class TestIdEnv(unittest.TestCase): def test_add_identifier(self): - env_data = {'parameters': {'foo': 'bar'}} - deploy._add_identifier(env_data, 'foo', 'baz') - self.assertEqual('bar-baz', env_data['parameters']['foo']) - self.assertEqual('bar-baz', env_data['parameter_defaults']['foo']) - - def test_add_identifier_defaults(self): env_data = {'parameter_defaults': {'foo': 'bar'}} deploy._add_identifier(env_data, 'foo', 'baz') - self.assertNotIn('foo', env_data['parameters']) self.assertEqual('bar-baz', env_data['parameter_defaults']['foo']) def test_add_identifier_different_section(self): env_data = {'parameter_defaults': {'foo': 'bar'}} deploy._add_identifier(env_data, 'foo', 'baz') - self.assertNotIn('foo', env_data['parameters']) self.assertEqual('bar-baz', env_data['parameter_defaults']['foo']) @mock.patch('openstack_virtual_baremetal.deploy._build_env_data') @@ -138,14 +129,11 @@ class TestIdEnv(unittest.TestCase): mock_args = mock.Mock() mock_args.id = 'foo' mock_args.env = ['foo.yaml'] - env = test_env + 'parameter_defaults:' - mock_bed.return_value = yaml.safe_load(env) + mock_bed.return_value = yaml.safe_load(test_env) path = deploy._generate_id_env(mock_args) self.assertEqual(['foo.yaml', 'env-foo.yaml'], path) dumped_dict = mock_safe_dump.call_args_list[0][0][0] for k, v in test_env_output.items(): - if k in mock_bed.return_value['parameters']: - self.assertEqual(v, dumped_dict['parameters'][k]) self.assertEqual(v, dumped_dict['parameter_defaults'][k]) @mock.patch('openstack_virtual_baremetal.deploy._build_env_data') @@ -154,7 +142,7 @@ class TestIdEnv(unittest.TestCase): mock_args = mock.Mock() mock_args.id = 'foo' mock_args.env = ['foo.yaml'] - env = (test_env + test_env_param_defaults + + env = (test_env + test_env_extra + ' undercloud_name: test-undercloud\n') mock_bed.return_value = yaml.safe_load(env) env_output = dict(test_env_output) @@ -164,8 +152,6 @@ class TestIdEnv(unittest.TestCase): self.assertEqual(['foo.yaml', 'env-foo.yaml'], path) dumped_dict = mock_safe_dump.call_args_list[0][0][0] for k, v in env_output.items(): - if k in mock_bed.return_value['parameters']: - self.assertEqual(v, dumped_dict['parameters'][k]) self.assertEqual(v, dumped_dict['parameter_defaults'][k]) @mock.patch('openstack_virtual_baremetal.deploy._build_env_data') @@ -174,7 +160,7 @@ class TestIdEnv(unittest.TestCase): mock_args = mock.Mock() mock_args.id = 'foo' mock_args.env = ['foo.yaml'] - env = (test_env + test_env_param_defaults) + env = (test_env + test_env_extra) mock_bed.return_value = yaml.safe_load(env) mock_bed.return_value['parameter_defaults']['role'] = 'compute' env_output = dict(test_env_output) @@ -184,8 +170,6 @@ class TestIdEnv(unittest.TestCase): self.assertEqual(['foo.yaml', 'env-foo.yaml'], path) dumped_dict = mock_safe_dump.call_args_list[0][0][0] for k, v in env_output.items(): - if k in mock_bed.return_value['parameters']: - self.assertEqual(v, dumped_dict['parameters'][k]) self.assertEqual(v, dumped_dict['parameter_defaults'][k]) @@ -195,25 +179,23 @@ role_base_data = { 'overcloud_storage_mgmt_net': 'storage_mgmt-foo', 'overcloud_internal_net': 'internal-foo', 'overcloud_storage_net': 'storage-foo', + 'overcloud_tenant_net': 'tenant-foo', + 'provision_net': 'provision-foo', + 'public_net': 'public-foo', + 'private_net': 'private', 'role': 'control', - 'overcloud_tenant_net': 'tenant-foo' - }, - 'parameters': { 'os_user': 'admin', 'key_name': 'default', 'undercloud_name': 'undercloud-foo', 'bmc_image': 'bmc-base', 'baremetal_flavor': 'baremetal', 'os_auth_url': 'http://1.1.1.1:5000/v2.0', - 'provision_net': 'provision-foo', 'os_password': 'password', 'os_tenant': 'admin', 'bmc_prefix': 'bmc-foo', - 'public_net': 'public-foo', 'undercloud_image': 'centos7-base', 'baremetal_image': 'ipxe-boot', 'external_net': 'external', - 'private_net': 'private', 'baremetal_prefix': 'baremetal-foo-control', 'undercloud_flavor': 'undercloud-16', 'node_count': 3, @@ -223,16 +205,15 @@ role_base_data = { 'OS::OVB::BaremetalNetworks': 'templates/baremetal-networks-all.yaml', 'OS::OVB::BaremetalPorts': 'templates/baremetal-ports-public-bond.yaml', - 'OS::OVB::BMCPort': 'templates/bmc-port-port-security.yaml' + 'OS::OVB::BMCPort': 'templates/bmc-port.yaml' } } role_specific_data = { 'parameter_defaults': { 'role': 'compute', - }, - 'parameters': { 'key_name': 'default', 'baremetal_flavor': 'baremetal', + 'baremetal_image': 'centos', 'bmc_image': 'bmc-base', 'bmc_prefix': 'bmc', 'node_count': 2, @@ -247,23 +228,21 @@ role_original_data = { 'parameter_defaults': { 'role': 'control', 'baremetal_prefix': 'baremetal', - }, - 'parameters': { + 'public_net': 'public', + 'private_net': 'private', + 'provision_net': 'provision', 'os_user': 'admin', 'key_name': 'default', 'undercloud_name': 'undercloud', 'baremetal_flavor': 'baremetal', 'os_auth_url': 'http://1.1.1.1:5000/v2.0', - 'provision_net': 'provision', 'bmc_image': 'bmc-base', 'os_tenant': 'admin', 'bmc_prefix': 'bmc', - 'public_net': 'public', 'undercloud_image': 'centos7-base', 'baremetal_image': 'ipxe-boot', 'external_net': 'external', 'os_password': 'password', - 'private_net': 'private', 'undercloud_flavor': 'undercloud-16', 'node_count': 3, 'bmc_flavor': 'bmc' @@ -272,7 +251,7 @@ role_original_data = { 'OS::OVB::BaremetalNetworks': 'templates/baremetal-networks-all.yaml', 'OS::OVB::BaremetalPorts': 'templates/baremetal-ports-public-bond.yaml', - 'OS::OVB::BMCPort': 'templates/bmc-port-port-security.yaml' + 'OS::OVB::BMCPort': 'templates/bmc-port.yaml' } } # end _process_role test data @@ -288,8 +267,8 @@ class TestDeploy(testtools.TestCase): template_files, template ) env_files = {'templates/resource_registry.yaml': {'bar': 'baz'}, - 'env.yaml': {'parameters': {}}} - env = {'parameters': {}} + 'env.yaml': {'parameter_defaults': {}}} + env = {'parameter_defaults': {}} mock_tu.process_multiple_environments_and_files.return_value = ( env_files, env ) @@ -393,13 +372,23 @@ class TestDeploy(testtools.TestCase): output = mock_write.call_args[0][0] # These values are computed in _process_role self.assertEqual('baremetal-foo-compute', - output['parameters']['baremetal_prefix']) + output['parameter_defaults']['baremetal_prefix']) self.assertEqual('bmc-foo-compute', - output['parameters']['bmc_prefix']) + output['parameter_defaults']['bmc_prefix']) # These should be inherited - self.assertEqual('ipxe-boot', output['parameters']['baremetal_image']) - self.assertEqual('tenant-foo', + self.assertEqual('tenant-' + args.id, output['parameter_defaults']['overcloud_tenant_net']) + self.assertEqual('internal-' + args.id, + output['parameter_defaults']['overcloud_internal_net'] + ) + self.assertEqual('storage-' + args.id, + output['parameter_defaults']['overcloud_storage_net']) + self.assertEqual('storage_mgmt-' + args.id, + output['parameter_defaults'][ + 'overcloud_storage_mgmt_net']) + # This parameter should be overrideable + self.assertEqual('centos', + output['parameter_defaults']['baremetal_image']) # This should not be present in a role env, even if set in the file self.assertNotIn('OS::OVB::BaremetalNetworks', output['resource_registry']) @@ -408,42 +397,9 @@ class TestDeploy(testtools.TestCase): 'templates/baremetal-ports-all.yaml', output['resource_registry']['OS::OVB::BaremetalPorts']) # This should be inherited from the base env - self.assertEqual('templates/bmc-port-port-security.yaml', + self.assertEqual('templates/bmc-port.yaml', output['resource_registry']['OS::OVB::BMCPort']) - @mock.patch('openstack_virtual_baremetal.deploy._write_role_file') - @mock.patch('openstack_virtual_baremetal.deploy._load_role_data') - def test_process_role_param_defaults(self, mock_load, mock_write): - def move_params_to_param_defaults(d): - data = copy.deepcopy(d) - for k, v in data['parameters'].items(): - data['parameter_defaults'][k] = v - data.pop('parameters', None) - return data - - pd_base_data = move_params_to_param_defaults(role_base_data) - pd_specific_data = move_params_to_param_defaults(role_specific_data) - pd_original_data = move_params_to_param_defaults(role_original_data) - pd_specific_data['parameter_defaults']['baremetal_image'] = 'centos' - mock_load.return_value = (pd_base_data, pd_specific_data, - pd_original_data) - args = mock.Mock() - args.id = 'foo' - role_file, role = deploy._process_role('foo-compute.yaml', 'foo.yaml', - 'foo', args) - mock_load.assert_called_once_with('foo.yaml', 'foo-compute.yaml', args) - self.assertEqual('env-foo-compute.yaml', role_file) - self.assertEqual('compute', role) - output = mock_write.call_args[0][0] - # These values are computed in _process_role - self.assertEqual('baremetal-foo-compute', - output['parameters']['baremetal_prefix']) - self.assertEqual('bmc-foo-compute', - output['parameters']['bmc_prefix']) - # This parameter should be inherited (as tested above) but overrideable - self.assertEqual('centos', - output['parameter_defaults']['baremetal_image']) - @mock.patch('openstack_virtual_baremetal.deploy._load_role_data') def test_process_role_invalid_name(self, mock_load): bad_role_specific_data = copy.deepcopy(role_specific_data) @@ -476,10 +432,10 @@ class TestDeploy(testtools.TestCase): deploy._deploy_roles('foo', args, 'foo.yaml') mock_process.assert_not_called() - def _test_validate_env_ends_with_profile(self, mock_id, mock_bed, - section='parameters'): + def _test_validate_env_ends_with_profile(self, mock_id, mock_bed): test_env = dict(role_original_data) - test_env[section]['baremetal_prefix'] = 'baremetal-control' + test_env['parameter_defaults']['baremetal_prefix'] = ( + 'baremetal-control') mock_bed.return_value = test_env args = mock.Mock() args.id = mock_id @@ -493,11 +449,6 @@ class TestDeploy(testtools.TestCase): def test_validate_env_fails(self, mock_bed): self._test_validate_env_ends_with_profile(None, mock_bed) - @mock.patch('openstack_virtual_baremetal.deploy._build_env_data') - def test_validate_env_fails_param_defaults(self, mock_bed): - self._test_validate_env_ends_with_profile(None, mock_bed, - 'parameter_defaults') - @mock.patch('openstack_virtual_baremetal.deploy._build_env_data') def test_validate_env_with_id(self, mock_bed): self._test_validate_env_ends_with_profile('foo', mock_bed) diff --git a/openstack_virtual_baremetal/tests/test_openstackbmc.py b/openstack_virtual_baremetal/tests/test_openstackbmc.py index 8ca3473..33d1420 100755 --- a/openstack_virtual_baremetal/tests/test_openstackbmc.py +++ b/openstack_virtual_baremetal/tests/test_openstackbmc.py @@ -23,105 +23,6 @@ import testtools from openstack_virtual_baremetal import openstackbmc -@mock.patch('openstack_virtual_baremetal.openstackbmc.OpenStackBmc.' - 'log') -@mock.patch('pyghmi.ipmi.bmc.Bmc.__init__') -@mock.patch('novaclient.client.Client') -@mock.patch('openstack_virtual_baremetal.openstackbmc.OpenStackBmc.' - '_find_instance') -class TestOpenStackBmcInitDeprecated(unittest.TestCase): - def _test_init(self, mock_find_instance, mock_nova, mock_bmc_init, - mock_log, old_nova=True): - mock_client = mock.Mock() - mock_server = mock.Mock() - mock_server.name = 'foo-instance' - mock_client.servers.get.return_value = mock_server - mock_nova.return_value = mock_client - mock_find_instance.return_value = 'abc-123' - bmc = openstackbmc.OpenStackBmc(authdata={'admin': 'password'}, - port=623, - address='::ffff:127.0.0.1', - instance='foo', - user='admin', - password='password', - tenant='admin', - auth_url='http://keystone:5000', - project='', - user_domain='', - project_domain='', - cache_status=False, - os_cloud=None - ) - if old_nova: - mock_nova.assert_called_once_with(2, 'admin', 'password', 'admin', - 'http://keystone:5000') - else: - mock_nova.assert_called_once_with(2, 'admin', 'password', - auth_url='http://keystone:5000', - project_name='admin') - mock_find_instance.assert_called_once_with('foo') - self.assertEqual('abc-123', bmc.instance) - mock_client.servers.get.assert_called_once_with('abc-123') - self.assertEqual([mock.call(openstackbmc.NO_OCC_DEPRECATION), - mock.call('Managing instance: %s UUID: %s' % - ('foo-instance', 'abc-123'))], - mock_log.mock_calls) - - @mock.patch('openstack_virtual_baremetal.openstackbmc.os_client_config', - None) - @mock.patch('openstack_virtual_baremetal.openstackbmc.nc.__version__', - ('6', '0', '0')) - def test_init_6(self, mock_find_instance, mock_nova, mock_bmc_init, - mock_log): - self._test_init(mock_find_instance, mock_nova, mock_bmc_init, mock_log) - - @mock.patch('openstack_virtual_baremetal.openstackbmc.os_client_config', - None) - @mock.patch('openstack_virtual_baremetal.openstackbmc.nc.__version__', - ('7', '0', '0')) - def test_init_7(self, mock_find_instance, mock_nova, mock_bmc_init, - mock_log): - self._test_init(mock_find_instance, mock_nova, mock_bmc_init, mock_log, - old_nova=False) - - @mock.patch('openstack_virtual_baremetal.openstackbmc.os_client_config', - None) - def test_init_v3(self, mock_find_instance, mock_nova, mock_bmc_init, - mock_log, old_nova=True): - mock_client = mock.Mock() - mock_server = mock.Mock() - mock_server.name = 'foo-instance' - mock_client.servers.get.return_value = mock_server - mock_nova.return_value = mock_client - mock_find_instance.return_value = 'abc-123' - bmc = openstackbmc.OpenStackBmc(authdata={'admin': 'password'}, - port=623, - address='::ffff:127.0.0.1', - instance='foo', - user='admin', - password='password', - tenant='', - auth_url='http://keystone:5000/v3', - project='admin', - user_domain='default', - project_domain='default', - cache_status=False, - os_cloud=None - ) - mock_nova.assert_called_once_with(2, 'admin', 'password', - auth_url='http://keystone:5000/v3', - project_name='admin', - user_domain_name='default', - project_domain_name='default') - mock_find_instance.assert_called_once_with('foo') - self.assertEqual('abc-123', bmc.instance) - mock_client.servers.get.assert_called_once_with('abc-123') - self.assertEqual([mock.call(openstackbmc.NO_OCC_DEPRECATION), - mock.call('Managing instance: %s UUID: %s' % - ('foo-instance', 'abc-123'))], - mock_log.mock_calls) - - @mock.patch('openstack_virtual_baremetal.openstackbmc.OpenStackBmc.' 'log') @mock.patch('pyghmi.ipmi.bmc.Bmc.__init__') @@ -129,43 +30,6 @@ class TestOpenStackBmcInitDeprecated(unittest.TestCase): '_find_instance') @mock.patch('os_client_config.make_client') class TestOpenStackBmcInit(testtools.TestCase): - def test_init_os_client_config(self, mock_make_client, mock_find_instance, - mock_bmc_init, mock_log): - mock_client = mock.Mock() - mock_server = mock.Mock() - mock_server.name = 'foo-instance' - mock_client.servers.get.return_value = mock_server - mock_make_client.return_value = mock_client - mock_find_instance.return_value = 'abc-123' - bmc = openstackbmc.OpenStackBmc(authdata={'admin': 'password'}, - port=623, - address='::ffff:127.0.0.1', - instance='foo', - user='admin', - password='password', - tenant='admin', - auth_url='http://keystone:5000', - project='', - user_domain='', - project_domain='', - cache_status=False, - os_cloud=None - ) - - mock_make_client.assert_called_once_with( - 'compute', - os_auth_url='http://keystone:5000', - os_password='password', - os_project_domain='', - os_project_name='admin', - os_user_domain='', - os_username='admin') - mock_find_instance.assert_called_once_with('foo') - self.assertEqual('abc-123', bmc.instance) - mock_client.servers.get.assert_called_once_with('abc-123') - mock_log.assert_called_once_with('Managing instance: %s UUID: %s' % - ('foo-instance', 'abc-123')) - def test_init_os_cloud(self, mock_make_client, mock_find_instance, mock_bmc_init, mock_log): mock_client = mock.Mock() @@ -178,13 +42,6 @@ class TestOpenStackBmcInit(testtools.TestCase): port=623, address='::ffff:127.0.0.1', instance='foo', - user='', - password='', - tenant='', - auth_url='', - project='', - user_domain='', - project_domain='', cache_status=False, os_cloud='bar' ) @@ -210,13 +67,6 @@ class TestOpenStackBmcInit(testtools.TestCase): port=623, address='::ffff:127.0.0.1', instance='foo', - user='', - password='', - tenant='', - auth_url='', - project='', - user_domain='', - project_domain='', cache_status=False, os_cloud='foo' ) @@ -246,15 +96,8 @@ class TestOpenStackBmc(unittest.TestCase): port=623, address='::ffff:127.0.0.1', instance='foo', - user='admin', - password='password', - tenant='admin', - auth_url='http://keystone:5000', - project='', - user_domain='', - project_domain='', cache_status=False, - os_cloud=None + os_cloud='bar' ) self.bmc.novaclient = self.mock_client self.bmc.instance = 'abc-123' @@ -462,13 +305,6 @@ class TestMain(unittest.TestCase): port=111, address='::ffff:1.2.3.4', instance='foobar', - user='', - password='', - tenant='', - auth_url='', - project='', - user_domain='', - project_domain='', cache_status=False, os_cloud='foo' ) @@ -479,21 +315,14 @@ class TestMain(unittest.TestCase): mock_instance = mock.Mock() mock_bmc.return_value = mock_instance mock_argv = ['openstackbmc', '--port', '111', - '--instance', 'foobar'] + '--instance', 'foobar', '--os-cloud', 'bar'] with mock.patch.object(sys, 'argv', mock_argv): openstackbmc.main() mock_bmc.assert_called_once_with({'admin': 'password'}, port=111, address='::', instance='foobar', - user='', - password='', - tenant='', - auth_url='', - project='', - user_domain='', - project_domain='', cache_status=False, - os_cloud=None + os_cloud='bar' ) mock_instance.listen.assert_called_once_with() diff --git a/overcloud-templates/bond-network-templates/network-environment.yaml b/overcloud-templates/bond-network-templates/network-environment.yaml index 3d81639..a4f4a1f 100644 --- a/overcloud-templates/bond-network-templates/network-environment.yaml +++ b/overcloud-templates/bond-network-templates/network-environment.yaml @@ -8,8 +8,8 @@ resource_registry: parameter_defaults: ControlPlaneSubnetCidr: '24' - ControlPlaneDefaultRoute: 192.0.2.1 - EC2MetadataIp: 192.0.2.1 + ControlPlaneDefaultRoute: 192.168.24.1 + EC2MetadataIp: 192.168.24.1 ExternalNetCidr: 10.0.0.0/24 ExternalAllocationPools: [{"start": "10.0.0.10", "end": "10.0.0.50"}] ExternalInterfaceDefaultRoute: 10.0.0.1 diff --git a/overcloud-templates/bond-network-templates/ui-settings.pickle b/overcloud-templates/bond-network-templates/ui-settings.pickle index 74ec540..22bfce2 100644 --- a/overcloud-templates/bond-network-templates/ui-settings.pickle +++ b/overcloud-templates/bond-network-templates/ui-settings.pickle @@ -7,14 +7,14 @@ p3 (dp4 S'route' p5 -V192.0.2.1 +V192.168.24.1 p6 sS'mask' p7 I24 sS'ec2' p8 -V192.0.2.1 +V192.168.24.1 p9 ssS'major' p10 diff --git a/overcloud-templates/ipv6-network-templates/network-environment.yaml b/overcloud-templates/ipv6-network-templates/network-environment.yaml index 824081a..d845650 100644 --- a/overcloud-templates/ipv6-network-templates/network-environment.yaml +++ b/overcloud-templates/ipv6-network-templates/network-environment.yaml @@ -8,8 +8,8 @@ resource_registry: parameter_defaults: ControlPlaneSubnetCidr: '24' - ControlPlaneDefaultRoute: 192.0.2.1 - EC2MetadataIp: 192.0.2.1 + ControlPlaneDefaultRoute: 192.168.24.1 + EC2MetadataIp: 192.168.24.1 ExternalNetCidr: 2001:db8:fd00:1000::/64 ExternalAllocationPools: [{"start": "2001:db8:fd00:1000::10", "end": "2001:db8:fd00:1000:ffff:ffff:ffff:fffe"}] ExternalInterfaceDefaultRoute: 2001:db8:fd00:1000::1 diff --git a/overcloud-templates/ipv6-network-templates/ui-settings.pickle b/overcloud-templates/ipv6-network-templates/ui-settings.pickle index 556326c..ff60aee 100644 --- a/overcloud-templates/ipv6-network-templates/ui-settings.pickle +++ b/overcloud-templates/ipv6-network-templates/ui-settings.pickle @@ -7,14 +7,14 @@ p3 (dp4 S'route' p5 -V192.0.2.1 +V192.168.24.1 p6 sS'mask' p7 I24 sS'ec2' p8 -V192.0.2.1 +V192.168.24.1 p9 ssS'major' p10 diff --git a/overcloud-templates/network-templates/network-environment.yaml b/overcloud-templates/network-templates/network-environment.yaml index 05b0d1f..466aa80 100644 --- a/overcloud-templates/network-templates/network-environment.yaml +++ b/overcloud-templates/network-templates/network-environment.yaml @@ -8,8 +8,8 @@ resource_registry: parameter_defaults: ControlPlaneSubnetCidr: '24' - ControlPlaneDefaultRoute: 192.0.2.1 - EC2MetadataIp: 192.0.2.1 + ControlPlaneDefaultRoute: 192.168.24.1 + EC2MetadataIp: 192.168.24.1 ExternalNetCidr: 10.0.0.0/24 ExternalAllocationPools: [{"start": "10.0.0.10", "end": "10.0.0.50"}] ExternalInterfaceDefaultRoute: 10.0.0.1 diff --git a/overcloud-templates/network-templates/ui-settings.pickle b/overcloud-templates/network-templates/ui-settings.pickle index a70c44a..9ff60a0 100644 --- a/overcloud-templates/network-templates/ui-settings.pickle +++ b/overcloud-templates/network-templates/ui-settings.pickle @@ -7,14 +7,14 @@ p3 (dp4 S'route' p5 -V192.0.2.1 +V192.168.24.1 p6 sS'mask' p7 I24 sS'ec2' p8 -V192.0.2.1 +V192.168.24.1 p9 ssS'major' p10 diff --git a/sample-env-generator/environments.yaml b/sample-env-generator/environments.yaml index b9cbb07..085263f 100644 --- a/sample-env-generator/environments.yaml +++ b/sample-env-generator/environments.yaml @@ -14,15 +14,17 @@ environments: - bmc_prefix - baremetal_prefix - node_count - - public_net - - public_net_shared - - provision_net - - provision_net_shared - undercloud_name - undercloud_image - undercloud_flavor - external_net - role + templates/undercloud-networks.yaml: + parameters: + - public_net + - public_net_shared + - provision_net + - provision_net_shared sample_values: baremetal_image: ipxe-boot - @@ -61,7 +63,7 @@ environments: baremetal_image: CentOS-7-x86_64-GenericCloud node_count: 1 resource_registry: - OS::OVB::BaremetalPorts: ../templates/baremetal-ports-extra-node-port-security.yaml + OS::OVB::BaremetalPorts: ../templates/baremetal-ports-extra-node.yaml - name: all-networks title: Deploy with All Networks Enabled @@ -75,18 +77,6 @@ environments: OS::OVB::BaremetalNetworks: ../templates/baremetal-networks-all.yaml OS::OVB::BaremetalPorts: ../templates/baremetal-ports-all.yaml children: - - - name: all-networks-port-security - description: | - Deploy an OVB stack that adds interfaces for all the standard TripleO - network isolation networks. This version uses the port-security - Neutron extension to allow OVB to be run on clouds with security - groups enabled. - resource_registry: - OS::OVB::BaremetalNetworks: ../templates/baremetal-networks-all.yaml - OS::OVB::BaremetalPorts: ../templates/baremetal-ports-all-port-security.yaml - OS::OVB::BMCPort: ../templates/bmc-port-port-security.yaml - OS::OVB::UndercloudPorts: ../templates/undercloud-ports-port-security.yaml - name: all-networks-public-bond title: Deploy with All Networks Enabled and Two Public Interfaces @@ -98,32 +88,6 @@ environments: resource_registry: OS::OVB::BaremetalNetworks: ../templates/baremetal-networks-all.yaml OS::OVB::BaremetalPorts: ../templates/baremetal-ports-public-bond.yaml - - - name: all-networks-public-bond-port-security - title: Deploy with All Networks Enabled and Two Public Interfaces - description: | - Deploy an OVB stack that adds interfaces for all the standard TripleO - network isolation networks. This version will deploy duplicate - public network interfaces on the baremetal instances so that the - public network can be configured as a bond. It will also use the - port-security Neutron extension to allow OVB to be run on clouds with - security groups enabled. - resource_registry: - OS::OVB::BaremetalNetworks: ../templates/baremetal-networks-all.yaml - OS::OVB::BaremetalPorts: ../templates/baremetal-ports-public-bond-port-security.yaml - OS::OVB::BMCPort: ../templates/bmc-port-port-security.yaml - OS::OVB::UndercloudPorts: ../templates/undercloud-ports-port-security.yaml - - - name: port-security - title: Deploy a Basic OVB Environment Using Neutron port-security - description: | - Deploy an OVB stack that uses the Neutron port-security extension to - allow OVB functionality in clouds with security groups enabled. - files: {} - resource_registry: - OS::OVB::BaremetalPorts: ../templates/baremetal-ports-default-port-security.yaml - OS::OVB::BMCPort: ../templates/bmc-port-port-security.yaml - OS::OVB::UndercloudPorts: ../templates/undercloud-ports-port-security.yaml - name: create-private-network title: Create a Private Network @@ -220,3 +184,68 @@ environments: - bmc_use_cache sample_values: bmc_use_cache: True + - + name: routed-networks-configuration + title: Configuration for Routed Networks + description: | + Contains the available parameters that need to be configured when using + a routed networks environment. Requires the routed-networks.yaml + environment. + files: + templates/dhcp-relay.yaml: + parameters: + - dhcp_relay_flavor + - dhcp_relay_image + - + name: routed-networks + title: Enable Routed Networks + description: | + Enable use of routed networks, where there may be multiple separate + networks connected with a router and DHCP relay. Do not pass any other + network configuration environments after this one or they may override + the changes made by this environment. When this environment is in use, + the routed-networks-configuration environment should usually be + included as well. + resource_registry: + OS::OVB::UndercloudNetworks: ../templates/undercloud-networks-routed.yaml + OS::OVB::BaremetalNetworks: ../templates/baremetal-networks-routed.yaml + OS::OVB::DHCPRelay: ../templates/dhcp-relay.yaml + - + name: routed-networks-role + title: Base Role Configuration for Routed Networks + description: | + A base role environment that contains the necessary parameters for + deploying with routed networks. + files: + templates/quintupleo.yaml: + parameters: + - baremetal_flavor + - key_name + - node_count + - role + templates/undercloud-networks.yaml: + parameters: + - provision_net + templates/baremetal-networks-all.yaml: + parameters: + - overcloud_internal_net + - overcloud_storage_net + - overcloud_storage_mgmt_net + - overcloud_tenant_net + sample_values: + role: leaf1 + provision_net: provision2 + overcloud_internal_net: overcloud_internal2 + overcloud_storage_net: overcloud_storage2 + overcloud_storage_mgmt_net: overcloud_storage_mgmt2 + overcloud_tenant_net: overcloud_tenant2 + - + name: public-router + title: Public Network External Router + description: | + Deploy a router that connects the public and external networks. This + allows the public network to be used as a gateway instead of routing all + traffic through the undercloud. + resource_registry: + OS::OVB::UndercloudNetworks: ../templates/undercloud-networks-public-router.yaml + diff --git a/templates/baremetal-networks-all.yaml b/templates/baremetal-networks-all.yaml index 5faa88b..ad4fe17 100644 --- a/templates/baremetal-networks-all.yaml +++ b/templates/baremetal-networks-all.yaml @@ -117,3 +117,5 @@ outputs: storage_net: {get_resource: storage_network} storage_mgmt_net: {get_resource: storage_mgmt_network} tenant_net: {get_resource: tenant_network} + routers_addresses: + value: {} diff --git a/templates/baremetal-networks-none.yaml b/templates/baremetal-networks-none.yaml index bd488a2..f1033fe 100644 --- a/templates/baremetal-networks-none.yaml +++ b/templates/baremetal-networks-none.yaml @@ -3,3 +3,5 @@ heat_template_version: 2014-10-16 outputs: networks: value: {} + routers_addresses: + value: {} diff --git a/templates/baremetal-networks-routed.yaml b/templates/baremetal-networks-routed.yaml new file mode 100644 index 0000000..55242e3 --- /dev/null +++ b/templates/baremetal-networks-routed.yaml @@ -0,0 +1,408 @@ +heat_template_version: 2014-10-16 + +# Template which creates all networks required for full network isloation. + +parameters: + + overcloud_internal_net: + type: string + description: Name of internal API network + default: overcloud_internal + + overcloud_internal_net_cidr: + type: string + description: | + CIDR for internal API network subnet. This is typically irrelevant and + does not need to be changed. + default: 172.17.0.0/24 + + overcloud_internal_net_router_address: + type: string + description: Router address for the overcloud_internal_net + default: 172.17.0.254 + + overcloud_internal_net2: + type: string + description: Name of internal API network + default: overcloud_internal2 + + overcloud_internal_net2_cidr: + type: string + description: | + CIDR for internal API network subnet. This is typically irrelevant and + does not need to be changed. + default: 172.17.1.0/24 + + overcloud_internal_net2_router_address: + type: string + description: Router address for the overcloud_internal_net2 subnet + default: 172.17.1.254 + + overcloud_storage_net: + type: string + description: Name of storage network + default: overcloud_storage + + overcloud_storage_net_cidr: + type: string + description: | + CIDR for storage network subnet. This is typically irrelevant and + does not need to be changed. + default: 172.18.0.0/24 + + overcloud_storage_net_router_address: + type: string + description: Router address for the overcloud_storage_net subnet + default: 172.18.0.254 + + overcloud_storage_net2: + type: string + description: Name of storage network + default: overcloud_storage2 + + overcloud_storage_net2_cidr: + type: string + description: | + CIDR for storage network subnet. This is typically irrelevant and + does not need to be changed. + default: 172.18.1.0/24 + + overcloud_storage_net2_router_address: + type: string + description: Router address for the overcloud_storage_net2 subnet + default: 172.18.1.254 + + overcloud_storage_mgmt_net: + type: string + description: Name of storage management network + default: overcloud_storage_mgmt + + overcloud_storage_mgmt_net_cidr: + type: string + description: | + CIDR for storage management network subnet. This is typically irrelevant + and does not need to be changed. + default: 172.19.0.0/24 + + overcloud_storage_mgmt_net_router_address: + type: string + description: Router address for the overcloud_storage_mgmt_net subnet + default: 172.19.0.254 + + overcloud_storage_mgmt_net2: + type: string + description: Name of storage management network + default: overcloud_storage_mgmt2 + + overcloud_storage_mgmt_net2_cidr: + type: string + description: | + CIDR for storage management network subnet. This is typically irrelevant + and does not need to be changed. + default: 172.19.1.0/24 + + overcloud_storage_mgmt_net2_router_address: + type: string + description: Router address for the overcloud_storage_mgmt_net2 subnet + default: 172.19.1.254 + + overcloud_tenant_net: + type: string + description: Name of tenant network + default: overcloud_tenant + + overcloud_tenant_net_cidr: + type: string + description: | + CIDR for tenant network subnet. This is typically irrelevant and + does not need to be changed. + default: 172.16.0.0/24 + + overcloud_tenant_net_router_address: + type: string + description: Router address for the overcloud_tenant_net subnet + default: 172.16.0.254 + + overcloud_tenant_net2: + type: string + description: Name of tenant network + default: overcloud_tenant2 + + overcloud_tenant_net2_cidr: + type: string + description: | + CIDR for tenant network subnet. This is typically irrelevant and + does not need to be changed. + default: 172.16.1.0/24 + + overcloud_tenant_net2_router_address: + type: string + description: Router address for the overcloud_tenant_net2 subnet + default: 172.16.1.254 + +resources: + internal_router: + type: OS::Neutron::Router + properties: + name: internal-router + + internal_network: + type: OS::Neutron::Net + properties: + name: {get_param: overcloud_internal_net} + + internal_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: internal_network} + name: {get_param: overcloud_internal_net} + cidr: {get_param: overcloud_internal_net_cidr} + gateway_ip: null + enable_dhcp: false + + internal_subnet_port: + type: OS::Neutron::Port + properties: + network: {get_resource: internal_network} + port_security_enabled: false + fixed_ips: + - ip_address: {get_param: overcloud_internal_net_router_address} + + internal_subnet_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: internal_router} + port: {get_resource: internal_subnet_port} + + internal_network2: + type: OS::Neutron::Net + properties: + name: {get_param: overcloud_internal_net2} + + internal_subnet2: + type: OS::Neutron::Subnet + properties: + network: {get_resource: internal_network2} + name: {get_param: overcloud_internal_net2} + cidr: {get_param: overcloud_internal_net2_cidr} + gateway_ip: null + enable_dhcp: false + + internal_subnet2_port: + type: OS::Neutron::Port + properties: + network: {get_resource: internal_network2} + port_security_enabled: false + fixed_ips: + - ip_address: {get_param: overcloud_internal_net2_router_address} + + internal_subnet2_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: internal_router} + port: {get_resource: internal_subnet2_port} + + storage_router: + type: OS::Neutron::Router + properties: + name: storage-router + + storage_network: + type: OS::Neutron::Net + properties: + name: {get_param: overcloud_storage_net} + + storage_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: storage_network} + name: {get_param: overcloud_storage_net} + cidr: {get_param: overcloud_storage_net_cidr} + gateway_ip: null + enable_dhcp: false + + storage_subnet_port: + type: OS::Neutron::Port + properties: + network: {get_resource: storage_network} + port_security_enabled: false + fixed_ips: + - ip_address: {get_param: overcloud_storage_net_router_address} + + storage_subnet_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: storage_router} + port: {get_resource: storage_subnet_port} + + storage_network2: + type: OS::Neutron::Net + properties: + name: {get_param: overcloud_storage_net2} + + storage_subnet2: + type: OS::Neutron::Subnet + properties: + network: {get_resource: storage_network2} + name: {get_param: overcloud_storage_net2} + cidr: {get_param: overcloud_storage_net2_cidr} + gateway_ip: null + enable_dhcp: false + + storage_subnet2_port: + type: OS::Neutron::Port + properties: + network: {get_resource: storage_network2} + port_security_enabled: false + fixed_ips: + - ip_address: {get_param: overcloud_storage_net2_router_address} + + storage_subnet2_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: storage_router} + port: {get_resource: storage_subnet2_port} + + storage_mgmt_router: + type: OS::Neutron::Router + properties: + name: storage-mgmt-router + + storage_mgmt_network: + type: OS::Neutron::Net + properties: + name: {get_param: overcloud_storage_mgmt_net} + + storage_mgmt_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: storage_mgmt_network} + name: {get_param: overcloud_storage_mgmt_net} + cidr: {get_param: overcloud_storage_mgmt_net_cidr} + gateway_ip: null + enable_dhcp: false + + storage_mgmt_subnet_port: + type: OS::Neutron::Port + properties: + network: {get_resource: storage_mgmt_network} + port_security_enabled: false + fixed_ips: + - ip_address: {get_param: overcloud_storage_mgmt_net_router_address} + + storage_mgmt_subnet_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: storage_mgmt_router} + port: {get_resource: storage_mgmt_subnet_port} + + storage_mgmt_network2: + type: OS::Neutron::Net + properties: + name: {get_param: overcloud_storage_mgmt_net2} + + storage_mgmt_subnet2: + type: OS::Neutron::Subnet + properties: + network: {get_resource: storage_mgmt_network2} + name: {get_param: overcloud_storage_mgmt_net2} + cidr: {get_param: overcloud_storage_mgmt_net2_cidr} + gateway_ip: null + enable_dhcp: false + + storage_mgmt_subnet2_port: + type: OS::Neutron::Port + properties: + network: {get_resource: storage_mgmt_network2} + port_security_enabled: false + fixed_ips: + - ip_address: {get_param: overcloud_storage_mgmt_net2_router_address} + + storage_mgmt_subnet2_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: storage_mgmt_router} + port: {get_resource: storage_mgmt_subnet2_port} + + tenant_router: + type: OS::Neutron::Router + properties: + name: tenant-router + + tenant_network: + type: OS::Neutron::Net + properties: + name: {get_param: overcloud_tenant_net} + + tenant_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: tenant_network} + name: {get_param: overcloud_tenant_net} + cidr: {get_param: overcloud_tenant_net_cidr} + gateway_ip: null + enable_dhcp: false + + tenant_subnet_port: + type: OS::Neutron::Port + properties: + network: {get_resource: tenant_network} + port_security_enabled: false + fixed_ips: + - ip_address: {get_param: overcloud_tenant_net_router_address} + + tenant_subnet_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: tenant_router} + port: {get_resource: tenant_subnet_port} + + tenant_network2: + type: OS::Neutron::Net + properties: + name: {get_param: overcloud_tenant_net2} + + tenant_subnet2: + type: OS::Neutron::Subnet + properties: + network: {get_resource: tenant_network2} + name: {get_param: overcloud_tenant_net2} + cidr: {get_param: overcloud_tenant_net2_cidr} + gateway_ip: null + enable_dhcp: false + + tenant_subnet2_port: + type: OS::Neutron::Port + properties: + network: {get_resource: tenant_network2} + port_security_enabled: false + fixed_ips: + - ip_address: {get_param: overcloud_tenant_net2_router_address} + + tenant_subnet2_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: tenant_router} + port: {get_resource: tenant_subnet2_port} + +outputs: + networks: + value: + internal_net: {get_resource: internal_network} + internal_net2: {get_resource: internal_network2} + storage_net: {get_resource: storage_network} + storage_net2: {get_resource: storage_network2} + storage_mgmt_net: {get_resource: storage_mgmt_network} + storage_mgmt_net2: {get_resource: storage_mgmt_network2} + tenant_net: {get_resource: tenant_network} + tenant_net2: {get_resource: tenant_network2} + routers_addresses: + value: + internal_router_address: {get_attr: [internal_subnet_port, fixed_ips, 0, ip_address]} + internal2_router: {get_attr: [internal_subnet2_port, fixed_ips, 0, ip_address]} + storage_router_address: {get_attr: [storage_subnet_port, fixed_ips, 0, ip_address]} + storage2_router_address: {get_attr: [storage_subnet2_port, fixed_ips, 0, ip_address]} + storage_mgmt_router_address: {get_attr: [storage_mgmt_subnet_port, fixed_ips, 0, ip_address]} + storage_mgmt2_router_address: {get_attr: [storage_mgmt_subnet2_port, fixed_ips, 0, ip_address]} + tenant_router_address: {get_attr: [tenant_subnet_port, fixed_ips, 0, ip_address]} + tenant2_router_address: {get_attr: [tenant_subnet2_port, fixed_ips, 0, ip_address]} diff --git a/templates/baremetal-ports-all-port-security.yaml b/templates/baremetal-ports-all-port-security.yaml deleted file mode 100644 index 66c29d3..0000000 --- a/templates/baremetal-ports-all-port-security.yaml +++ /dev/null @@ -1,120 +0,0 @@ -heat_template_version: 2015-10-15 - -parameters: - - baremetal_prefix: - type: string - - provision_net: - type: string - - public_net: - type: string - description: Name of external network - default: public - - suffix: - type: string - - overcloud_internal_net: - type: string - description: Name of internal API network - default: overcloud_internal - - overcloud_storage_net: - type: string - description: Name of storage network - default: overcloud_storage - - overcloud_storage_mgmt_net: - type: string - description: Name of storage management network - default: overcloud_storage_mgmt - - overcloud_tenant_net: - type: string - description: Name of tenant network - default: overcloud_tenant - -resources: - - provision_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: provision_net} - port_security_enabled: False - - internal_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - internal_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: overcloud_internal_net} - port_security_enabled: False - - storage_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - storage_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: overcloud_storage_net} - port_security_enabled: False - - storage_mgmt_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - storage_mgmt_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: overcloud_storage_mgmt_net} - port_security_enabled: False - - tenant_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - tenant_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: overcloud_tenant_net} - port_security_enabled: False - - public_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - public_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: public_net} - port_security_enabled: False - -outputs: - ports: - value: - - {port: {get_resource: provision_port}} - - {port: {get_resource: public_port}} - - {port: {get_resource: internal_port}} - - {port: {get_resource: storage_port}} - - {port: {get_resource: storage_mgmt_port}} - - {port: {get_resource: tenant_port}} diff --git a/templates/baremetal-ports-all.yaml b/templates/baremetal-ports-all.yaml index 7dff06c..3ea7cef 100644 --- a/templates/baremetal-ports-all.yaml +++ b/templates/baremetal-ports-all.yaml @@ -1,17 +1,12 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-10-15 parameters: baremetal_prefix: type: string - provision_net: - type: string - - public_net: - type: string - description: Name of external network - default: public + networks: + type: json suffix: type: string @@ -46,7 +41,8 @@ resources: - '' - - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: provision_net} + network: {get_param: [networks, provision]} + port_security_enabled: False internal_port: type: OS::Neutron::Port @@ -58,6 +54,7 @@ resources: - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: overcloud_internal_net} + port_security_enabled: False storage_port: type: OS::Neutron::Port @@ -69,6 +66,7 @@ resources: - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: overcloud_storage_net} + port_security_enabled: False storage_mgmt_port: type: OS::Neutron::Port @@ -80,6 +78,7 @@ resources: - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: overcloud_storage_mgmt_net} + port_security_enabled: False tenant_port: type: OS::Neutron::Port @@ -91,6 +90,7 @@ resources: - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: overcloud_tenant_net} + port_security_enabled: False public_port: type: OS::Neutron::Port @@ -101,7 +101,8 @@ resources: - - public_ - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: public_net} + network: {get_param: [networks, public]} + port_security_enabled: False outputs: ports: diff --git a/templates/baremetal-ports-default-port-security.yaml b/templates/baremetal-ports-default-port-security.yaml deleted file mode 100644 index 2b114c7..0000000 --- a/templates/baremetal-ports-default-port-security.yaml +++ /dev/null @@ -1,35 +0,0 @@ -heat_template_version: 2015-10-15 - -parameters: - - baremetal_prefix: - type: string - - provision_net: - type: string - - public_net: - type: string - description: Name of external network - default: public - - suffix: - type: string - -resources: - - provision_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: provision_net} - port_security_enabled: False - -outputs: - ports: - value: - - {port: {get_resource: provision_port}} diff --git a/templates/baremetal-ports-default.yaml b/templates/baremetal-ports-default.yaml index fd6ee0f..c9d19a0 100644 --- a/templates/baremetal-ports-default.yaml +++ b/templates/baremetal-ports-default.yaml @@ -1,17 +1,12 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-10-15 parameters: baremetal_prefix: type: string - provision_net: - type: string - - public_net: - type: string - description: Name of external network - default: public + networks: + type: json suffix: type: string @@ -26,7 +21,8 @@ resources: - '' - - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: provision_net} + network: {get_param: [networks, provision]} + port_security_enabled: False outputs: ports: diff --git a/templates/baremetal-ports-extra-node-port-security-all.yaml b/templates/baremetal-ports-extra-node-all.yaml similarity index 100% rename from templates/baremetal-ports-extra-node-port-security-all.yaml rename to templates/baremetal-ports-extra-node-all.yaml diff --git a/templates/baremetal-ports-extra-node-fip-port-security.yaml b/templates/baremetal-ports-extra-node-fip.yaml similarity index 89% rename from templates/baremetal-ports-extra-node-fip-port-security.yaml rename to templates/baremetal-ports-extra-node-fip.yaml index 0db18b9..41672f4 100644 --- a/templates/baremetal-ports-extra-node-fip-port-security.yaml +++ b/templates/baremetal-ports-extra-node-fip.yaml @@ -5,13 +5,8 @@ parameters: baremetal_prefix: type: string - provision_net: - type: string - - public_net: - type: string - description: Name of external network - default: public + networks: + type: json private_net: type: string @@ -62,7 +57,7 @@ resources: - '' - - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: provision_net} + network: {get_param: [networks, provision]} port_security_enabled: False public_port: @@ -74,7 +69,7 @@ resources: - - public_ - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: public_net} + network: {get_param: [networks, public]} port_security_enabled: False extra_node_fip: diff --git a/templates/baremetal-ports-extra-node-port-security.yaml b/templates/baremetal-ports-extra-node.yaml similarity index 87% rename from templates/baremetal-ports-extra-node-port-security.yaml rename to templates/baremetal-ports-extra-node.yaml index b91394d..151fdfc 100644 --- a/templates/baremetal-ports-extra-node-port-security.yaml +++ b/templates/baremetal-ports-extra-node.yaml @@ -5,13 +5,8 @@ parameters: baremetal_prefix: type: string - provision_net: - type: string - - public_net: - type: string - description: Name of external network - default: public + networks: + type: json private_net: type: string @@ -59,7 +54,7 @@ resources: - '' - - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: provision_net} + network: {get_param: [networks, provision]} port_security_enabled: False public_port: @@ -71,7 +66,7 @@ resources: - - public_ - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: public_net} + network: {get_param: [networks, public]} port_security_enabled: False outputs: diff --git a/templates/baremetal-ports-public-bond-port-security.yaml b/templates/baremetal-ports-public-bond-port-security.yaml deleted file mode 100644 index 5e2d4d7..0000000 --- a/templates/baremetal-ports-public-bond-port-security.yaml +++ /dev/null @@ -1,133 +0,0 @@ -heat_template_version: 2015-10-15 - -parameters: - - baremetal_prefix: - type: string - - provision_net: - type: string - - public_net: - type: string - description: Name of external network - default: public - - suffix: - type: string - - overcloud_internal_net: - type: string - description: Name of internal API network - default: overcloud_internal - - overcloud_storage_net: - type: string - description: Name of storage network - default: overcloud_storage - - overcloud_storage_mgmt_net: - type: string - description: Name of storage management network - default: overcloud_storage_mgmt - - overcloud_tenant_net: - type: string - description: Name of tenant network - default: overcloud_tenant - -resources: - - provision_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: provision_net} - port_security_enabled: False - - internal_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - internal_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: overcloud_internal_net} - port_security_enabled: False - - storage_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - storage_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: overcloud_storage_net} - port_security_enabled: False - - storage_mgmt_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - storage_mgmt_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: overcloud_storage_mgmt_net} - port_security_enabled: False - - tenant_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - tenant_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: overcloud_tenant_net} - port_security_enabled: False - - public_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - public_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: public_net} - port_security_enabled: False - - public_bond_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - public_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: public_net} - port_security_enabled: False - -outputs: - ports: - value: - - {port: {get_resource: provision_port}} - - {port: {get_resource: public_port}} - - {port: {get_resource: public_bond_port}} - - {port: {get_resource: internal_port}} - - {port: {get_resource: storage_port}} - - {port: {get_resource: storage_mgmt_port}} - - {port: {get_resource: tenant_port}} diff --git a/templates/baremetal-ports-public-bond.yaml b/templates/baremetal-ports-public-bond.yaml index 496c63e..8e59a45 100644 --- a/templates/baremetal-ports-public-bond.yaml +++ b/templates/baremetal-ports-public-bond.yaml @@ -1,17 +1,12 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-10-15 parameters: baremetal_prefix: type: string - provision_net: - type: string - - public_net: - type: string - description: Name of external network - default: public + networks: + type: json suffix: type: string @@ -46,7 +41,8 @@ resources: - '' - - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: provision_net} + network: {get_param: [networks, provision]} + port_security_enabled: False internal_port: type: OS::Neutron::Port @@ -58,6 +54,7 @@ resources: - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: overcloud_internal_net} + port_security_enabled: False storage_port: type: OS::Neutron::Port @@ -69,6 +66,7 @@ resources: - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: overcloud_storage_net} + port_security_enabled: False storage_mgmt_port: type: OS::Neutron::Port @@ -80,6 +78,7 @@ resources: - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: overcloud_storage_mgmt_net} + port_security_enabled: False tenant_port: type: OS::Neutron::Port @@ -91,6 +90,7 @@ resources: - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: overcloud_tenant_net} + port_security_enabled: False public_port: type: OS::Neutron::Port @@ -101,7 +101,8 @@ resources: - - public_ - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: public_net} + network: {get_param: [networks, public]} + port_security_enabled: False public_bond_port: type: OS::Neutron::Port @@ -112,7 +113,8 @@ resources: - - public_ - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: public_net} + network: {get_param: [networks, public]} + port_security_enabled: False outputs: ports: diff --git a/templates/bmc-port-port-security.yaml b/templates/bmc-port-port-security.yaml deleted file mode 100644 index dc9361e..0000000 --- a/templates/bmc-port-port-security.yaml +++ /dev/null @@ -1,29 +0,0 @@ -heat_template_version: 2015-10-15 - -parameters: - - bmc_prefix: - type: string - - private_net: - type: string - -resources: - - private_bmc_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '_' - - - 'utility' - - {get_param: bmc_prefix} - network: {get_param: private_net} - port_security_enabled: False - -outputs: - port: - value: - - {port: {get_resource: private_bmc_port}} - ip_address: - value: {get_attr: [private_bmc_port, fixed_ips, 0, ip_address]} diff --git a/templates/bmc-port.yaml b/templates/bmc-port.yaml index 402ea94..dc9361e 100644 --- a/templates/bmc-port.yaml +++ b/templates/bmc-port.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-10-15 parameters: @@ -19,6 +19,7 @@ resources: - - 'utility' - {get_param: bmc_prefix} network: {get_param: private_net} + port_security_enabled: False outputs: port: diff --git a/templates/dhcp-relay.yaml b/templates/dhcp-relay.yaml new file mode 100644 index 0000000..f4e5acc --- /dev/null +++ b/templates/dhcp-relay.yaml @@ -0,0 +1,189 @@ +heat_template_version: 2016-10-14 + +parameters: + + key_name: + type: string + default: default + description: Nova keypair to inject into the undercloud and bmc + + dhcp_relay_flavor: + type: string + default: m1.small + description: The Nova flavor to use for the dhcrelay instance + + dhcp_relay_image: + type: string + default: CentOS-7-x86_64-GenericCloud + description: | + The base image for the dhcrelay instance. A CentOS 7 image is currently + the only one supported. + + dhcp_relay_provision_address: + type: string + description: DHCP relay address on the provision network subnet + default: 192.168.24.253 + + dhcp_relay_provision2_address: + type: string + description: DHCP relay address on the provision2 network subnet + default: 192.168.25.253 + + dhcp_relay_provision3_address: + type: string + description: DHCP relay address on the provision3 network subnet + default: 192.168.26.253 + + dhcp_ips: + type: json + description: | + The IP addresses of DHCP servers to relay DHCP requests to. + + networks: + type: json + + private_net: + type: string + + +resources: + dhcp_relay_port_private: + type: OS::Neutron::Port + properties: + name: dhcp_relay_port_private + network: {get_param: private_net} + + dhcp_relay_port_provision: + type: OS::Neutron::Port + properties: + name: dhcp_relay_port_provision + network: {get_param: [networks, provision]} + port_security_enabled: False + fixed_ips: + - ip_address: {get_param: dhcp_relay_provision_address} + + dhcp_relay_port_provision2: + type: OS::Neutron::Port + properties: + name: dhcp_relay_port_provision2 + network: {get_param: [networks, provision2]} + port_security_enabled: False + fixed_ips: + - ip_address: {get_param: dhcp_relay_provision2_address} + + dhcp_relay_port_provision3: + type: OS::Neutron::Port + properties: + name: dhcp_relay_port_provision3 + network: {get_param: [networks, provision3]} + port_security_enabled: False + fixed_ips: + - ip_address: {get_param: dhcp_relay_provision3_address} + + init_networks: + type: OS::Heat::CloudConfig + properties: + cloud_config: + network: + version: 2 + ethernets: + eth0: + dhcp4: false + addresses: + - list_join: + - / + - - {get_attr: [dhcp_relay_port_provision, fixed_ips, 0, ip_address]} + - {str_split: ['/', {get_attr: [dhcp_relay_port_provision, subnets, 0, cidr]}, 1]} + eth1: + dhcp4: false + addresses: + - list_join: + - / + - - {get_attr: [dhcp_relay_port_provision2, fixed_ips, 0, ip_address]} + - {str_split: ['/', {get_attr: [dhcp_relay_port_provision2, subnets, 0, cidr]}, 1]} + eth2: + dhcp4: false + addresses: + - list_join: + - / + - - {get_attr: [dhcp_relay_port_provision3, fixed_ips, 0, ip_address]} + - {str_split: ['/', {get_attr: [dhcp_relay_port_provision3, subnets, 0, cidr]}, 1]} + eth3: + dhcp4: true + + init_packages: + type: OS::Heat::CloudConfig + properties: + cloud_config: + package_upgrade: true + packages: + - dhcp + + init_files: + type: OS::Heat::CloudConfig + properties: + cloud_config: + write_files: + - path: /etc/systemd/system/dhcrelay.service + content: + str_replace: + template: | + [Unit] + Description=DHCP Relay Agent Daemon + Documentation=man:dhcrelay(8) + Wants=network-online.target + After=network-online.target + + [Service] + Type=simple + ExecStart=/usr/sbin/dhcrelay -d --no-pid $dhcp_ips -i eth1 -i eth2 -i eth3 + StandardError=null + + [Install] + WantedBy=multi-user.target + params: + $dhcp_ips: + list_join: + - ' ' + - {get_param: dhcp_ips} + - path: /etc/sysctl.d/98-rp-filter.conf + content: | + net.ipv4.conf.eth1.rp_filter = 0 + net.ipv4.conf.eth2.rp_filter = 0 + net.ipv4.conf.eth3.rp_filter = 0 + + init_runcmd: + type: OS::Heat::CloudConfig + properties: + cloud_config: + runcmd: + - ['sysctl','--system'] + - ['systemctl', 'daemon-reload'] + - ['systemctl', 'enable', 'dhcrelay.service'] + - ['systemctl', 'start', 'dhcrelay.service'] + - ['systemctl', 'status', 'dhcrelay.service'] + + dhcrelay_init: + type: OS::Heat::MultipartMime + properties: + parts: + - config: {get_resource: init_networks} + - config: {get_resource: init_packages} + - config: {get_resource: init_files} + - config: {get_resource: init_runcmd} + + dhcp_relay_server: + type: OS::Nova::Server + properties: + name: dhcrelay + flavor: {get_param: dhcp_relay_flavor} + image: {get_param: dhcp_relay_image} + key_name: {get_param: key_name} + networks: + - {port: {get_resource: dhcp_relay_port_private}} + - {port: {get_resource: dhcp_relay_port_provision}} + - {port: {get_resource: dhcp_relay_port_provision2}} + - {port: {get_resource: dhcp_relay_port_provision3}} + config_drive: true + user_data_format: RAW + user_data: {get_resource: dhcrelay_init} diff --git a/templates/env.yaml.example b/templates/env.yaml.example deleted file mode 100644 index 55c46d2..0000000 --- a/templates/env.yaml.example +++ /dev/null @@ -1,59 +0,0 @@ -# DEPRECATED: This sample environment file has been replaced by the one in -# environments/base.yaml and the other sample environments in that directory. -# This file should not be used for new OVB deployments. - -parameters: - bmc_flavor: bmc - bmc_image: CentOS-7-x86_64-GenericCloud - baremetal_flavor: baremetal - baremetal_image: ipxe-boot - key_name: default - private_net: private - bmc_prefix: bmc - baremetal_prefix: baremetal - node_count: 2 - public_net: public - provision_net: provision - # QuintupleO-specific params ignored by virtual-baremetal.yaml - undercloud_name: undercloud - undercloud_image: CentOS-7-x86_64-GenericCloud - undercloud_flavor: m1.xlarge - external_net: external - public_net_shared: false - provision_net_shared: false - -#parameter_defaults: - # Set a default role for the nodes in this environment. This parameter is - # ignored by Heat, but used by build-nodes-json. - #role: control - -## Uncomment and customize the following to use an existing floating ip -# undercloud_floating_ip_id: 'uuid of floating ip' -# undercloud_floating_ip: 'address of floating ip' - -#resource_registry: -## Uncomment the following to use an existing floating ip -# OS::OVB::UndercloudFloating: templates/undercloud-floating-existing.yaml - -## Uncomment the following to use no floating ip -# OS::OVB::UndercloudFloating: templates/undercloud-floating-none.yaml - -## Uncomment the following to create a private network -# OS::OVB::PrivateNetwork: templates/private-net-create.yaml - -## Uncomment to create all networks required for network-isolation. -## parameter_defaults should be used to override default parameter values -## in baremetal-networks-all.yaml -# OS::OVB::BaremetalNetworks: templates/baremetal-networks-all.yaml -# OS::OVB::BaremetalPorts: templates/baremetal-ports-all.yaml - -## Uncomment to use the neutron port-security extension to allow DHCP from -## the undercloud to overcloud nodes. There are *-port-security.yaml versions -## of all the standard port resource templates. The examples below are to use -## port-security with a minimal deployment (i.e. no network isolation). -# OS::OVB::BaremetalPorts: templates/baremetal-ports-default-port-security.yaml -# OS::OVB::BMCPort: templates/bmc-port-port-security.yaml -# OS::OVB::UndercloudPorts: templates/undercloud-ports-port-security.yaml - -## Uncomment to deploy a quintupleo environment without an undercloud. -# OS::OVB::UndercloudEnvironment: OS::Heat::None diff --git a/templates/quintupleo.yaml b/templates/quintupleo.yaml index d77ad39..340d8ad 100644 --- a/templates/quintupleo.yaml +++ b/templates/quintupleo.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2016-04-08 # Template that wraps virtual-baremetal.yaml and does some additional environment # setup automatically: @@ -49,36 +49,6 @@ parameters: default: external description: An external network from which floating ips can be provisioned - provision_net: - type: string - default: provision - description: Name of a network that will be used for provisioning traffic - - provision_net_cidr: - type: string - description: CIDR for provision network subnet - default: 192.0.2.0/24 - - provision_net_shared: - type: boolean - description: Whether this network should be shared across all tenants - default: false - - public_net: - type: string - description: Name of the overcloud external network - default: public - - public_net_cidr: - type: string - description: CIDR for external network subnet - default: 10.0.0.0/24 - - public_net_shared: - type: boolean - description: Whether this network should be shared across all tenants - default: false - bmc_prefix: type: string default: bmc @@ -171,37 +141,17 @@ parameters: ignored by Heat, but used by build-nodes-json. default: '' + dhcp_ips: + type: json + default: + - 192.168.24.1 + - 192.168.24.10 + description: | + The IP addresses of DHCP servers to relay DHCP requests to. resources: - provision_network: - type: OS::Neutron::Net - properties: - name: {get_param: provision_net} - shared: {get_param: provision_net_shared} - - provision_subnet: - type: OS::Neutron::Subnet - properties: - network: {get_resource: provision_network} - name: {get_param: provision_net} - cidr: {get_param: provision_net_cidr} - gateway_ip: null - enable_dhcp: false - - public_network: - type: OS::Neutron::Net - properties: - name: {get_param: public_net} - shared: {get_param: public_net_shared} - - public_subnet: - type: OS::Neutron::Subnet - properties: - network: {get_resource: public_network} - name: {get_param: public_net} - cidr: {get_param: public_net_cidr} - gateway_ip: null - enable_dhcp: false + undercloud_networks: + type: OS::OVB::UndercloudNetworks private_network: type: OS::OVB::PrivateNetwork @@ -211,7 +161,7 @@ resources: undercloud_env: type: OS::OVB::UndercloudEnvironment - depends_on: [provision_subnet, public_subnet] + depends_on: [undercloud_networks, private_network] properties: undercloud_flavor: {get_param: undercloud_flavor} undercloud_image: {get_param: undercloud_image} @@ -220,21 +170,19 @@ resources: undercloud_user_data_format: {get_param: undercloud_user_data_format} undercloud_user_data: {get_param: undercloud_user_data} private_net: {get_attr: [private_network, private_net]} - provision_net: {get_resource: provision_network} - public_net: {get_resource: public_network} + networks: {get_attr: [undercloud_networks, networks]} external_net: {get_param: external_net} baremetal_env: type: OS::OVB::BaremetalEnvironment - depends_on: [provision_subnet, public_subnet] + depends_on: undercloud_networks properties: baremetal_flavor: {get_param: baremetal_flavor} baremetal_image: {get_param: baremetal_image} key_name: {get_param: key_name} node_count: {get_param: node_count} - public_net: {get_resource: public_network} private_net: {get_attr: [private_network, private_net]} - provision_net: {get_resource: provision_network} + networks: {get_attr: [undercloud_networks, networks]} bmc_flavor: {get_param: bmc_flavor} bmc_prefix: {get_param: bmc_prefix} bmc_image: {get_param: bmc_image} @@ -247,6 +195,7 @@ resources: os_user_domain: {get_param: os_user_domain} os_project_domain: {get_param: os_project_domain} cloud_data: {get_param: cloud_data} + dhcp_ips: {get_param: dhcp_ips} outputs: undercloud_host_floating_ip: @@ -257,3 +206,10 @@ outputs: description: "ip of the undercloud instance on the private network" value: get_attr: [undercloud_env, undercloud_host_private_ip] + network_environment_data: + description: "Network environment data, router addresses etc." + value: + map_merge: + - get_attr: [undercloud_networks, provision_network_routers] + - get_attr: [baremetal_env, baremetal_networks_routers_addresses] + - get_attr: [undercloud_networks, public_network_router] diff --git a/templates/resource-registry.yaml b/templates/resource-registry.yaml index 69df109..021acc5 100644 --- a/templates/resource-registry.yaml +++ b/templates/resource-registry.yaml @@ -8,3 +8,5 @@ resource_registry: OS::OVB::BaremetalPorts: baremetal-ports-default.yaml OS::OVB::BMCPort: bmc-port.yaml OS::OVB::UndercloudPorts: undercloud-ports.yaml + OS::OVB::UndercloudNetworks: undercloud-networks.yaml + OS::OVB::DHCPRelay: OS::Heat::None diff --git a/templates/undercloud-networks-existing.yaml b/templates/undercloud-networks-existing.yaml new file mode 100644 index 0000000..a8c28ea --- /dev/null +++ b/templates/undercloud-networks-existing.yaml @@ -0,0 +1,44 @@ +heat_template_version: 2015-04-30 + +parameters: + provision_net: + type: string + default: provision + description: Name of a network that will be used for provisioning traffic + + provision_net_cidr: + type: string + description: CIDR for provision network subnet + default: 192.0.2.0/24 + + provision_net_shared: + type: boolean + description: Whether this network should be shared across all tenants + default: false + + public_net: + type: string + description: Name of the overcloud external network + default: public + + public_net_cidr: + type: string + description: CIDR for external network subnet + default: 10.0.0.0/24 + + public_net_shared: + type: boolean + description: Whether this network should be shared across all tenants + default: false + + +outputs: + networks: + value: + provision: {get_param: provision_net} + public: {get_param: public_net} + # The provision and public network routers is here for compatibility only + provision_network_routers: + value: null + public_network_router: + value: null diff --git a/templates/undercloud-networks-public-router.yaml b/templates/undercloud-networks-public-router.yaml new file mode 100644 index 0000000..9626bee --- /dev/null +++ b/templates/undercloud-networks-public-router.yaml @@ -0,0 +1,105 @@ +heat_template_version: 2015-04-30 + +parameters: + provision_net: + type: string + default: provision + description: Name of a network that will be used for provisioning traffic + + provision_net_cidr: + type: string + description: CIDR for provision network subnet + default: 192.168.24.0/24 + + provision_net_shared: + type: boolean + description: Whether this network should be shared across all tenants + default: false + + public_net: + type: string + description: Name of the overcloud external network + default: public + + public_net_cidr: + type: string + description: CIDR for external network subnet + default: 10.0.0.0/24 + + public_net_router_address: + type: string + description: Router address for the public network subnet + default: 10.0.0.254 + + public_net_shared: + type: boolean + description: Whether this network should be shared across all tenants + default: false + + external_net: + type: string + description: An external network for the networks to route to + +resources: + provision_network: + type: OS::Neutron::Net + properties: + name: {get_param: provision_net} + shared: {get_param: provision_net_shared} + + provision_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: provision_network} + name: {get_param: provision_net} + cidr: {get_param: provision_net_cidr} + gateway_ip: null + enable_dhcp: false + + public_network: + type: OS::Neutron::Net + properties: + name: {get_param: public_net} + shared: {get_param: public_net_shared} + + public_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: public_network} + name: {get_param: public_net} + cidr: {get_param: public_net_cidr} + gateway_ip: null + enable_dhcp: false + + public_router: + type: OS::Neutron::Router + properties: + name: public-router + external_gateway_info: + network: {get_param: external_net} + + public_router_port: + type: OS::Neutron::Port + properties: + network: {get_resource: public_network} + port_security_enabled: false + fixed_ips: + - ip_address: {get_param: public_net_router_address} + + public_router_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: public_router} + port: {get_resource: public_router_port} + +outputs: + networks: + value: + provision: {get_resource: provision_network} + public: {get_resource: public_network} + # The provision_network_routers is here for compatibility only + provision_network_routers: + value: {} + public_network_router: + value: + public_router: {get_attr: [public_router_port, fixed_ips, 0, ip_address]} diff --git a/templates/undercloud-networks-routed.yaml b/templates/undercloud-networks-routed.yaml new file mode 100644 index 0000000..b533cb3 --- /dev/null +++ b/templates/undercloud-networks-routed.yaml @@ -0,0 +1,233 @@ +heat_template_version: 2015-04-30 + +parameters: + provision_net: + type: string + default: provision + description: Name of a network that will be used for provisioning traffic + + provision_net_cidr: + type: string + description: CIDR for provision network subnet + default: 192.168.24.0/24 + + provision_net_router_address: + type: string + description: Router address for the provision network subnet + default: 192.168.24.254 + + provision_net_shared: + type: boolean + description: Whether this network should be shared across all tenants + default: false + + provision_net2: + type: string + default: provision2 + description: Name of a second network that will be used for provisioning traffic + + provision_net2_cidr: + type: string + description: CIDR for second provision network subnet + default: 192.168.25.0/24 + + provision_net2_router_address: + type: string + description: Router address for the provision network subnet + default: 192.168.25.254 + + provision_net2_shared: + type: boolean + description: Whether this network should be shared across all tenants + default: false + + provision_net3: + type: string + default: provision3 + description: Name of a third network that will be used for provisioning traffic + + provision_net3_cidr: + type: string + description: CIDR for third provision network subnet + default: 192.168.26.0/24 + + provision_net3_router_address: + type: string + description: Router address for the provision network subnet + default: 192.168.26.254 + + provision_net3_shared: + type: boolean + description: Whether this network should be shared across all tenants + default: false + + public_net: + type: string + description: Name of the overcloud external network + default: public + + public_net_cidr: + type: string + description: CIDR for external network subnet + default: 10.0.0.0/24 + + public_net_router_address: + type: string + description: Router address for the public network subnet + default: 10.0.0.254 + + public_net_shared: + type: boolean + description: Whether this network should be shared across all tenants + default: false + + external_net: + type: string + description: An external network for the networks to route to + +resources: + provision_router: + type: OS::Neutron::Router + properties: + name: provision-router + external_gateway_info: + network: {get_param: external_net} + + provision_network: + type: OS::Neutron::Net + properties: + name: {get_param: provision_net} + shared: {get_param: provision_net_shared} + + provision_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: provision_network} + name: {get_param: provision_net} + cidr: {get_param: provision_net_cidr} + gateway_ip: null + enable_dhcp: false + + provision_router_port: + type: OS::Neutron::Port + properties: + network: {get_resource: provision_network} + port_security_enabled: false + fixed_ips: + - ip_address: {get_param: provision_net_router_address} + + provision_router_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: provision_router} + port: {get_resource: provision_router_port} + + provision_network2: + type: OS::Neutron::Net + properties: + name: {get_param: provision_net2} + shared: {get_param: provision_net2_shared} + + provision_subnet2: + type: OS::Neutron::Subnet + properties: + network: {get_resource: provision_network2} + name: {get_param: provision_net2} + cidr: {get_param: provision_net2_cidr} + gateway_ip: null + enable_dhcp: false + + provision_router_port2: + type: OS::Neutron::Port + properties: + network: {get_resource: provision_network2} + port_security_enabled: false + fixed_ips: + - ip_address: {get_param: provision_net2_router_address} + + provision_router_interface2: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: provision_router} + port: {get_resource: provision_router_port2} + + provision_network3: + type: OS::Neutron::Net + properties: + name: {get_param: provision_net3} + shared: {get_param: provision_net3_shared} + + provision_subnet3: + type: OS::Neutron::Subnet + properties: + network: {get_resource: provision_network3} + name: {get_param: provision_net3} + cidr: {get_param: provision_net3_cidr} + gateway_ip: null + enable_dhcp: false + + provision_router_port3: + type: OS::Neutron::Port + properties: + network: {get_resource: provision_network3} + port_security_enabled: false + fixed_ips: + - ip_address: {get_param: provision_net3_router_address} + + provision_router_interface3: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: provision_router} + port: {get_resource: provision_router_port3} + + public_network: + type: OS::Neutron::Net + properties: + name: {get_param: public_net} + shared: {get_param: public_net_shared} + + public_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: public_network} + name: {get_param: public_net} + cidr: {get_param: public_net_cidr} + gateway_ip: null + enable_dhcp: false + + public_router: + type: OS::Neutron::Router + properties: + name: public-router + external_gateway_info: + network: {get_param: external_net} + + public_router_port: + type: OS::Neutron::Port + properties: + network: {get_resource: public_network} + port_security_enabled: false + fixed_ips: + - ip_address: {get_param: public_net_router_address} + + public_router_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: public_router} + port: {get_resource: public_router_port} + +outputs: + networks: + value: + provision: {get_resource: provision_network} + provision2: {get_resource: provision_network2} + provision3: {get_resource: provision_network3} + public: {get_resource: public_network} + provision_network_routers: + value: + provision_router: {get_attr: [provision_router_port, fixed_ips, 0, ip_address]} + provision2_router: {get_attr: [provision_router_port2, fixed_ips, 0, ip_address]} + provision3_router: {get_attr: [provision_router_port3, fixed_ips, 0, ip_address]} + public_network_router: + value: + public_router: {get_attr: [public_router_port, fixed_ips, 0, ip_address]} diff --git a/templates/undercloud-networks.yaml b/templates/undercloud-networks.yaml new file mode 100644 index 0000000..a25e1a9 --- /dev/null +++ b/templates/undercloud-networks.yaml @@ -0,0 +1,74 @@ +heat_template_version: 2015-04-30 + +parameters: + provision_net: + type: string + default: provision + description: Name of a network that will be used for provisioning traffic + + provision_net_cidr: + type: string + description: CIDR for provision network subnet + default: 192.168.24.0/24 + + provision_net_shared: + type: boolean + description: Whether this network should be shared across all tenants + default: false + + public_net: + type: string + description: Name of the overcloud external network + default: public + + public_net_cidr: + type: string + description: CIDR for external network subnet + default: 10.0.0.0/24 + + public_net_shared: + type: boolean + description: Whether this network should be shared across all tenants + default: false + +resources: + provision_network: + type: OS::Neutron::Net + properties: + name: {get_param: provision_net} + shared: {get_param: provision_net_shared} + + provision_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: provision_network} + name: {get_param: provision_net} + cidr: {get_param: provision_net_cidr} + gateway_ip: null + enable_dhcp: false + + public_network: + type: OS::Neutron::Net + properties: + name: {get_param: public_net} + shared: {get_param: public_net_shared} + + public_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: public_network} + name: {get_param: public_net} + cidr: {get_param: public_net_cidr} + gateway_ip: null + enable_dhcp: false + +outputs: + networks: + value: + provision: {get_resource: provision_network} + public: {get_resource: public_network} + # The provision and public network routers is here for compatibility only + provision_network_routers: + value: null + public_network_router: + value: null diff --git a/templates/undercloud-ports-port-security.yaml b/templates/undercloud-ports-port-security.yaml deleted file mode 100644 index 9a0cb2b..0000000 --- a/templates/undercloud-ports-port-security.yaml +++ /dev/null @@ -1,75 +0,0 @@ -heat_template_version: 2015-10-15 - -parameters: - - undercloud_name: - type: string - - private_net: - type: string - - provision_net: - type: string - - public_net: - type: string - -resources: - undercloud_sg: - type: OS::Neutron::SecurityGroup - properties: - name: - list_join: - - '_' - - - {get_param: undercloud_name} - - 'sg' - description: Ping, SSH, and TripleO UI - rules: - - protocol: icmp - - protocol: tcp - port_range_min: 22 - port_range_max: 22 - - protocol: tcp - port_range_min: 3000 - port_range_max: 3000 - - private_undercloud_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '_' - - - {get_param: undercloud_name} - - 'private' - network: {get_param: private_net} - security_groups: - - {get_resource: undercloud_sg} - - provision_undercloud_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '_' - - - {get_param: undercloud_name} - - 'provision' - network: {get_param: provision_net} - port_security_enabled: False - - public_undercloud_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '_' - - - {get_param: undercloud_name} - - 'public' - network: {get_param: public_net} - port_security_enabled: False - -outputs: - ports: - value: - - {port: {get_resource: private_undercloud_port}} - - {port: {get_resource: provision_undercloud_port}} - - {port: {get_resource: public_undercloud_port}} diff --git a/templates/undercloud-ports.yaml b/templates/undercloud-ports.yaml index d05b5cb..1cac893 100644 --- a/templates/undercloud-ports.yaml +++ b/templates/undercloud-ports.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-10-15 parameters: @@ -8,11 +8,8 @@ parameters: private_net: type: string - provision_net: - type: string - - public_net: - type: string + networks: + type: json resources: undercloud_sg: @@ -53,7 +50,8 @@ resources: - '_' - - {get_param: undercloud_name} - 'provision' - network: {get_param: provision_net} + network: {get_param: [networks, provision]} + port_security_enabled: False public_undercloud_port: type: OS::Neutron::Port @@ -63,7 +61,8 @@ resources: - '_' - - {get_param: undercloud_name} - 'public' - network: {get_param: public_net} + network: {get_param: [networks, public]} + port_security_enabled: False outputs: ports: diff --git a/templates/undercloud-volume.yaml b/templates/undercloud-volume.yaml index 825edb2..62c39f8 100644 --- a/templates/undercloud-volume.yaml +++ b/templates/undercloud-volume.yaml @@ -19,10 +19,8 @@ parameters: description: The size of the volume for the undercloud instance private_net: type: string - provision_net: - type: string - public_net: - type: string + networks: + type: json external_net: type: string @@ -32,8 +30,7 @@ resources: properties: undercloud_name: {get_param: undercloud_name} private_net: {get_param: private_net} - provision_net: {get_param: provision_net} - public_net: {get_param: public_net} + networks: {get_param: networks} undercloud_volume: type: OS::Cinder::Volume diff --git a/templates/undercloud.yaml b/templates/undercloud.yaml index a6aa640..3b08d6a 100644 --- a/templates/undercloud.yaml +++ b/templates/undercloud.yaml @@ -15,10 +15,8 @@ parameters: type: string private_net: type: string - provision_net: - type: string - public_net: - type: string + networks: + type: json external_net: type: string @@ -28,8 +26,7 @@ resources: properties: undercloud_name: {get_param: undercloud_name} private_net: {get_param: private_net} - provision_net: {get_param: provision_net} - public_net: {get_param: public_net} + networks: {get_param: networks} undercloud_server: type: OS::Nova::Server diff --git a/templates/virtual-baremetal-servers.yaml b/templates/virtual-baremetal-servers.yaml index 8dea67f..0ec471c 100644 --- a/templates/virtual-baremetal-servers.yaml +++ b/templates/virtual-baremetal-servers.yaml @@ -14,11 +14,8 @@ parameters: baremetal_prefix: type: string - provision_net: - type: string - - public_net: - type: string + networks: + type: json suffix: type: string @@ -30,8 +27,7 @@ resources: properties: suffix: {get_param: suffix} baremetal_prefix: {get_param: baremetal_prefix} - provision_net: {get_param: provision_net} - public_net: {get_param: public_net} + networks: {get_param: networks} baremetal_server: type: OS::Nova::Server diff --git a/templates/virtual-baremetal.yaml b/templates/virtual-baremetal.yaml index 25b7758..0bf1a60 100644 --- a/templates/virtual-baremetal.yaml +++ b/templates/virtual-baremetal.yaml @@ -45,22 +45,15 @@ parameters: default: 1 description: Number of baremetal nodes to deploy - public_net: - type: string - description: | - An additional network that will be attached to the baremetal instances, - intended to be used for non-provisioning traffic - default: public - private_net: type: string default: private description: Name of a private network which can have floating ips associated with it - provision_net: - type: string - default: provision - description: Name of a network that will be used for provisioning traffic + networks: + type: json + default: {"private": "private", "provision": "provision"} + description: A map of networks to their names. bmc_prefix: type: string @@ -121,6 +114,14 @@ parameters: default: '{}' hidden: true + dhcp_ips: + type: json + default: + - 192.168.24.1 + - 192.168.24.10 + description: | + The IP addresses of DHCP servers to relay DHCP requests to. + # Ignored parameters for compatibility with QuintupleO env files undercloud_image: type: string @@ -162,6 +163,15 @@ resources: - _%index% network: {get_param: private_net} + bmc_handle: + type: OS::Heat::WaitConditionHandle + + bmc_wait_condition: + type: OS::Heat::WaitCondition + properties: + handle: {get_resource: bmc_handle} + timeout: 600 + bmc_server: type: OS::Nova::Server depends_on: [openstack_baremetal_servers, bmc_other_ports, bmc_port] @@ -190,6 +200,7 @@ resources: $private_net: {get_param: private_net} $openstackbmc_script: {get_file: ../bin/openstackbmc} $cloud_data: {get_param: cloud_data} + $signal_command: {get_attr: [bmc_handle, curl_cli]} template: {get_file: ../bin/install_openstackbmc.sh} baremetal_networks: @@ -206,7 +217,16 @@ resources: baremetal_flavor: {get_param: baremetal_flavor} baremetal_image: {get_param: baremetal_image} key_name: {get_param: key_name} - provision_net: {get_param: provision_net} - public_net: {get_param: public_net} + networks: {get_param: networks} suffix: _%index% baremetal_prefix: {get_param: baremetal_prefix} + + dhcp_relay: + type: OS::OVB::DHCPRelay + properties: + networks: {get_param: networks} + dhcp_ips: {get_param: dhcp_ips} + +outputs: + baremetal_networks_routers_addresses: + value: {get_attr: [baremetal_networks, routers_addresses]} diff --git a/test-requirements.txt b/test-requirements.txt index fa82139..6455919 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -7,5 +7,5 @@ testtools>=0.9.36,!=1.2.0 mock>=1.0 # docs -sphinx>=1.1.2,!=1.2.0,!=1.3b1,<1.3 -sphinx_rtd_theme==0.1.7 +sphinx>=1.6 +sphinx_rtd_theme