From 0ee82cd296cff494bd6e11cc16e854257d15391b Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Fri, 27 Jul 2018 22:22:36 +0000 Subject: [PATCH 01/46] Abstract undercloud network creation Doing this make it possible to override the network configuration and deploy more/different networks. --- .../baremetal-ports-all-port-security.yaml | 13 ++-- templates/baremetal-ports-all.yaml | 13 ++-- ...baremetal-ports-default-port-security.yaml | 11 +-- templates/baremetal-ports-default.yaml | 11 +-- ...al-ports-extra-node-fip-port-security.yaml | 13 ++-- ...emetal-ports-extra-node-port-security.yaml | 13 ++-- ...metal-ports-public-bond-port-security.yaml | 15 ++-- templates/baremetal-ports-public-bond.yaml | 15 ++-- templates/quintupleo.yaml | 71 ++----------------- templates/resource-registry.yaml | 1 + templates/undercloud-networks.yaml | 69 ++++++++++++++++++ templates/undercloud-ports-port-security.yaml | 11 ++- templates/undercloud-ports.yaml | 11 ++- templates/undercloud-volume.yaml | 9 +-- templates/undercloud.yaml | 9 +-- templates/virtual-baremetal-servers.yaml | 10 +-- templates/virtual-baremetal.yaml | 18 ++--- 17 files changed, 130 insertions(+), 183 deletions(-) create mode 100644 templates/undercloud-networks.yaml diff --git a/templates/baremetal-ports-all-port-security.yaml b/templates/baremetal-ports-all-port-security.yaml index 66c29d3..3ea7cef 100644 --- a/templates/baremetal-ports-all-port-security.yaml +++ b/templates/baremetal-ports-all-port-security.yaml @@ -5,13 +5,8 @@ parameters: baremetal_prefix: type: string - provision_net: - type: string - - public_net: - type: string - description: Name of external network - default: public + networks: + type: json suffix: type: string @@ -46,7 +41,7 @@ resources: - '' - - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: provision_net} + network: {get_param: [networks, provision]} port_security_enabled: False internal_port: @@ -106,7 +101,7 @@ resources: - - public_ - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: public_net} + network: {get_param: [networks, public]} port_security_enabled: False outputs: diff --git a/templates/baremetal-ports-all.yaml b/templates/baremetal-ports-all.yaml index 7dff06c..5f9736e 100644 --- a/templates/baremetal-ports-all.yaml +++ b/templates/baremetal-ports-all.yaml @@ -5,13 +5,8 @@ parameters: baremetal_prefix: type: string - provision_net: - type: string - - public_net: - type: string - description: Name of external network - default: public + networks: + type: json suffix: type: string @@ -46,7 +41,7 @@ resources: - '' - - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: provision_net} + network: {get_param: [networks, provision]} internal_port: type: OS::Neutron::Port @@ -101,7 +96,7 @@ resources: - - public_ - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: public_net} + network: {get_param: [networks, public]} outputs: ports: diff --git a/templates/baremetal-ports-default-port-security.yaml b/templates/baremetal-ports-default-port-security.yaml index 2b114c7..c9d19a0 100644 --- a/templates/baremetal-ports-default-port-security.yaml +++ b/templates/baremetal-ports-default-port-security.yaml @@ -5,13 +5,8 @@ parameters: baremetal_prefix: type: string - provision_net: - type: string - - public_net: - type: string - description: Name of external network - default: public + networks: + type: json suffix: type: string @@ -26,7 +21,7 @@ resources: - '' - - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: provision_net} + network: {get_param: [networks, provision]} port_security_enabled: False outputs: diff --git a/templates/baremetal-ports-default.yaml b/templates/baremetal-ports-default.yaml index fd6ee0f..3e7fbc7 100644 --- a/templates/baremetal-ports-default.yaml +++ b/templates/baremetal-ports-default.yaml @@ -5,13 +5,8 @@ parameters: baremetal_prefix: type: string - provision_net: - type: string - - public_net: - type: string - description: Name of external network - default: public + networks: + type: json suffix: type: string @@ -26,7 +21,7 @@ resources: - '' - - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: provision_net} + network: {get_param: [networks, provision]} outputs: ports: diff --git a/templates/baremetal-ports-extra-node-fip-port-security.yaml b/templates/baremetal-ports-extra-node-fip-port-security.yaml index 0db18b9..41672f4 100644 --- a/templates/baremetal-ports-extra-node-fip-port-security.yaml +++ b/templates/baremetal-ports-extra-node-fip-port-security.yaml @@ -5,13 +5,8 @@ parameters: baremetal_prefix: type: string - provision_net: - type: string - - public_net: - type: string - description: Name of external network - default: public + networks: + type: json private_net: type: string @@ -62,7 +57,7 @@ resources: - '' - - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: provision_net} + network: {get_param: [networks, provision]} port_security_enabled: False public_port: @@ -74,7 +69,7 @@ resources: - - public_ - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: public_net} + network: {get_param: [networks, public]} port_security_enabled: False extra_node_fip: diff --git a/templates/baremetal-ports-extra-node-port-security.yaml b/templates/baremetal-ports-extra-node-port-security.yaml index b91394d..151fdfc 100644 --- a/templates/baremetal-ports-extra-node-port-security.yaml +++ b/templates/baremetal-ports-extra-node-port-security.yaml @@ -5,13 +5,8 @@ parameters: baremetal_prefix: type: string - provision_net: - type: string - - public_net: - type: string - description: Name of external network - default: public + networks: + type: json private_net: type: string @@ -59,7 +54,7 @@ resources: - '' - - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: provision_net} + network: {get_param: [networks, provision]} port_security_enabled: False public_port: @@ -71,7 +66,7 @@ resources: - - public_ - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: public_net} + network: {get_param: [networks, public]} port_security_enabled: False outputs: diff --git a/templates/baremetal-ports-public-bond-port-security.yaml b/templates/baremetal-ports-public-bond-port-security.yaml index 5e2d4d7..8e59a45 100644 --- a/templates/baremetal-ports-public-bond-port-security.yaml +++ b/templates/baremetal-ports-public-bond-port-security.yaml @@ -5,13 +5,8 @@ parameters: baremetal_prefix: type: string - provision_net: - type: string - - public_net: - type: string - description: Name of external network - default: public + networks: + type: json suffix: type: string @@ -46,7 +41,7 @@ resources: - '' - - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: provision_net} + network: {get_param: [networks, provision]} port_security_enabled: False internal_port: @@ -106,7 +101,7 @@ resources: - - public_ - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: public_net} + network: {get_param: [networks, public]} port_security_enabled: False public_bond_port: @@ -118,7 +113,7 @@ resources: - - public_ - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: public_net} + network: {get_param: [networks, public]} port_security_enabled: False outputs: diff --git a/templates/baremetal-ports-public-bond.yaml b/templates/baremetal-ports-public-bond.yaml index 496c63e..b93009a 100644 --- a/templates/baremetal-ports-public-bond.yaml +++ b/templates/baremetal-ports-public-bond.yaml @@ -5,13 +5,8 @@ parameters: baremetal_prefix: type: string - provision_net: - type: string - - public_net: - type: string - description: Name of external network - default: public + networks: + type: json suffix: type: string @@ -46,7 +41,7 @@ resources: - '' - - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: provision_net} + network: {get_param: [networks, provision]} internal_port: type: OS::Neutron::Port @@ -101,7 +96,7 @@ resources: - - public_ - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: public_net} + network: {get_param: [networks, public]} public_bond_port: type: OS::Neutron::Port @@ -112,7 +107,7 @@ resources: - - public_ - {get_param: baremetal_prefix} - {get_param: suffix} - network: {get_param: public_net} + network: {get_param: [networks, public]} outputs: ports: diff --git a/templates/quintupleo.yaml b/templates/quintupleo.yaml index d77ad39..adaacbe 100644 --- a/templates/quintupleo.yaml +++ b/templates/quintupleo.yaml @@ -49,36 +49,6 @@ parameters: default: external description: An external network from which floating ips can be provisioned - provision_net: - type: string - default: provision - description: Name of a network that will be used for provisioning traffic - - provision_net_cidr: - type: string - description: CIDR for provision network subnet - default: 192.0.2.0/24 - - provision_net_shared: - type: boolean - description: Whether this network should be shared across all tenants - default: false - - public_net: - type: string - description: Name of the overcloud external network - default: public - - public_net_cidr: - type: string - description: CIDR for external network subnet - default: 10.0.0.0/24 - - public_net_shared: - type: boolean - description: Whether this network should be shared across all tenants - default: false - bmc_prefix: type: string default: bmc @@ -173,35 +143,8 @@ parameters: resources: - provision_network: - type: OS::Neutron::Net - properties: - name: {get_param: provision_net} - shared: {get_param: provision_net_shared} - - provision_subnet: - type: OS::Neutron::Subnet - properties: - network: {get_resource: provision_network} - name: {get_param: provision_net} - cidr: {get_param: provision_net_cidr} - gateway_ip: null - enable_dhcp: false - - public_network: - type: OS::Neutron::Net - properties: - name: {get_param: public_net} - shared: {get_param: public_net_shared} - - public_subnet: - type: OS::Neutron::Subnet - properties: - network: {get_resource: public_network} - name: {get_param: public_net} - cidr: {get_param: public_net_cidr} - gateway_ip: null - enable_dhcp: false + undercloud_networks: + type: OS::OVB::UndercloudNetworks private_network: type: OS::OVB::PrivateNetwork @@ -211,7 +154,7 @@ resources: undercloud_env: type: OS::OVB::UndercloudEnvironment - depends_on: [provision_subnet, public_subnet] + depends_on: [undercloud_networks, private_network] properties: undercloud_flavor: {get_param: undercloud_flavor} undercloud_image: {get_param: undercloud_image} @@ -220,21 +163,19 @@ resources: undercloud_user_data_format: {get_param: undercloud_user_data_format} undercloud_user_data: {get_param: undercloud_user_data} private_net: {get_attr: [private_network, private_net]} - provision_net: {get_resource: provision_network} - public_net: {get_resource: public_network} + networks: {get_attr: [undercloud_networks, networks]} external_net: {get_param: external_net} baremetal_env: type: OS::OVB::BaremetalEnvironment - depends_on: [provision_subnet, public_subnet] + depends_on: undercloud_networks properties: baremetal_flavor: {get_param: baremetal_flavor} baremetal_image: {get_param: baremetal_image} key_name: {get_param: key_name} node_count: {get_param: node_count} - public_net: {get_resource: public_network} private_net: {get_attr: [private_network, private_net]} - provision_net: {get_resource: provision_network} + networks: {get_attr: [undercloud_networks, networks]} bmc_flavor: {get_param: bmc_flavor} bmc_prefix: {get_param: bmc_prefix} bmc_image: {get_param: bmc_image} diff --git a/templates/resource-registry.yaml b/templates/resource-registry.yaml index 69df109..e6c20ab 100644 --- a/templates/resource-registry.yaml +++ b/templates/resource-registry.yaml @@ -8,3 +8,4 @@ resource_registry: OS::OVB::BaremetalPorts: baremetal-ports-default.yaml OS::OVB::BMCPort: bmc-port.yaml OS::OVB::UndercloudPorts: undercloud-ports.yaml + OS::OVB::UndercloudNetworks: undercloud-networks.yaml diff --git a/templates/undercloud-networks.yaml b/templates/undercloud-networks.yaml new file mode 100644 index 0000000..093e85d --- /dev/null +++ b/templates/undercloud-networks.yaml @@ -0,0 +1,69 @@ +heat_template_version: 2015-04-30 + +parameters: + provision_net: + type: string + default: provision + description: Name of a network that will be used for provisioning traffic + + provision_net_cidr: + type: string + description: CIDR for provision network subnet + default: 192.0.2.0/24 + + provision_net_shared: + type: boolean + description: Whether this network should be shared across all tenants + default: false + + public_net: + type: string + description: Name of the overcloud external network + default: public + + public_net_cidr: + type: string + description: CIDR for external network subnet + default: 10.0.0.0/24 + + public_net_shared: + type: boolean + description: Whether this network should be shared across all tenants + default: false + +resources: + provision_network: + type: OS::Neutron::Net + properties: + name: {get_param: provision_net} + shared: {get_param: provision_net_shared} + + provision_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: provision_network} + name: {get_param: provision_net} + cidr: {get_param: provision_net_cidr} + gateway_ip: null + enable_dhcp: false + + public_network: + type: OS::Neutron::Net + properties: + name: {get_param: public_net} + shared: {get_param: public_net_shared} + + public_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: public_network} + name: {get_param: public_net} + cidr: {get_param: public_net_cidr} + gateway_ip: null + enable_dhcp: false + +outputs: + networks: + value: + provision: {get_resource: provision_network} + public: {get_resource: public_network} diff --git a/templates/undercloud-ports-port-security.yaml b/templates/undercloud-ports-port-security.yaml index 9a0cb2b..1cac893 100644 --- a/templates/undercloud-ports-port-security.yaml +++ b/templates/undercloud-ports-port-security.yaml @@ -8,11 +8,8 @@ parameters: private_net: type: string - provision_net: - type: string - - public_net: - type: string + networks: + type: json resources: undercloud_sg: @@ -53,7 +50,7 @@ resources: - '_' - - {get_param: undercloud_name} - 'provision' - network: {get_param: provision_net} + network: {get_param: [networks, provision]} port_security_enabled: False public_undercloud_port: @@ -64,7 +61,7 @@ resources: - '_' - - {get_param: undercloud_name} - 'public' - network: {get_param: public_net} + network: {get_param: [networks, public]} port_security_enabled: False outputs: diff --git a/templates/undercloud-ports.yaml b/templates/undercloud-ports.yaml index d05b5cb..dc3f1ce 100644 --- a/templates/undercloud-ports.yaml +++ b/templates/undercloud-ports.yaml @@ -8,11 +8,8 @@ parameters: private_net: type: string - provision_net: - type: string - - public_net: - type: string + networks: + type: json resources: undercloud_sg: @@ -53,7 +50,7 @@ resources: - '_' - - {get_param: undercloud_name} - 'provision' - network: {get_param: provision_net} + network: {get_param: [networks, provision]} public_undercloud_port: type: OS::Neutron::Port @@ -63,7 +60,7 @@ resources: - '_' - - {get_param: undercloud_name} - 'public' - network: {get_param: public_net} + network: {get_param: [networks, public]} outputs: ports: diff --git a/templates/undercloud-volume.yaml b/templates/undercloud-volume.yaml index 825edb2..62c39f8 100644 --- a/templates/undercloud-volume.yaml +++ b/templates/undercloud-volume.yaml @@ -19,10 +19,8 @@ parameters: description: The size of the volume for the undercloud instance private_net: type: string - provision_net: - type: string - public_net: - type: string + networks: + type: json external_net: type: string @@ -32,8 +30,7 @@ resources: properties: undercloud_name: {get_param: undercloud_name} private_net: {get_param: private_net} - provision_net: {get_param: provision_net} - public_net: {get_param: public_net} + networks: {get_param: networks} undercloud_volume: type: OS::Cinder::Volume diff --git a/templates/undercloud.yaml b/templates/undercloud.yaml index a6aa640..3b08d6a 100644 --- a/templates/undercloud.yaml +++ b/templates/undercloud.yaml @@ -15,10 +15,8 @@ parameters: type: string private_net: type: string - provision_net: - type: string - public_net: - type: string + networks: + type: json external_net: type: string @@ -28,8 +26,7 @@ resources: properties: undercloud_name: {get_param: undercloud_name} private_net: {get_param: private_net} - provision_net: {get_param: provision_net} - public_net: {get_param: public_net} + networks: {get_param: networks} undercloud_server: type: OS::Nova::Server diff --git a/templates/virtual-baremetal-servers.yaml b/templates/virtual-baremetal-servers.yaml index 8dea67f..0ec471c 100644 --- a/templates/virtual-baremetal-servers.yaml +++ b/templates/virtual-baremetal-servers.yaml @@ -14,11 +14,8 @@ parameters: baremetal_prefix: type: string - provision_net: - type: string - - public_net: - type: string + networks: + type: json suffix: type: string @@ -30,8 +27,7 @@ resources: properties: suffix: {get_param: suffix} baremetal_prefix: {get_param: baremetal_prefix} - provision_net: {get_param: provision_net} - public_net: {get_param: public_net} + networks: {get_param: networks} baremetal_server: type: OS::Nova::Server diff --git a/templates/virtual-baremetal.yaml b/templates/virtual-baremetal.yaml index 25b7758..f5cb6ae 100644 --- a/templates/virtual-baremetal.yaml +++ b/templates/virtual-baremetal.yaml @@ -45,22 +45,15 @@ parameters: default: 1 description: Number of baremetal nodes to deploy - public_net: - type: string - description: | - An additional network that will be attached to the baremetal instances, - intended to be used for non-provisioning traffic - default: public - private_net: type: string default: private description: Name of a private network which can have floating ips associated with it - provision_net: - type: string - default: provision - description: Name of a network that will be used for provisioning traffic + networks: + type: json + default: '{"private": "private", "provision": "provision"}' + description: A map of networks to their names. bmc_prefix: type: string @@ -206,7 +199,6 @@ resources: baremetal_flavor: {get_param: baremetal_flavor} baremetal_image: {get_param: baremetal_image} key_name: {get_param: key_name} - provision_net: {get_param: provision_net} - public_net: {get_param: public_net} + networks: {get_param: networks} suffix: _%index% baremetal_prefix: {get_param: baremetal_prefix} From 1577f4c2ced379f5d59af070429cb66f1fed8f6c Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Tue, 31 Jul 2018 15:46:13 +0000 Subject: [PATCH 02/46] Add template for routed undercloud networks --- templates/undercloud-networks-routed.yaml | 172 ++++++++++++++++++++++ 1 file changed, 172 insertions(+) create mode 100644 templates/undercloud-networks-routed.yaml diff --git a/templates/undercloud-networks-routed.yaml b/templates/undercloud-networks-routed.yaml new file mode 100644 index 0000000..3baaea6 --- /dev/null +++ b/templates/undercloud-networks-routed.yaml @@ -0,0 +1,172 @@ +heat_template_version: 2015-04-30 + +parameters: + provision_net: + type: string + default: provision + description: Name of a network that will be used for provisioning traffic + + provision_net_cidr: + type: string + description: CIDR for provision network subnet + default: 192.0.2.0/24 + + provision_net_shared: + type: boolean + description: Whether this network should be shared across all tenants + default: false + + provision_net2: + type: string + default: provision2 + description: Name of a second network that will be used for provisioning traffic + + provision_net2_cidr: + type: string + description: CIDR for second provision network subnet + default: 192.0.3.0/24 + + provision_net2_shared: + type: boolean + description: Whether this network should be shared across all tenants + default: false + + provision_net3: + type: string + default: provision3 + description: Name of a third network that will be used for provisioning traffic + + provision_net3_cidr: + type: string + description: CIDR for third provision network subnet + default: 192.0.4.0/24 + + provision_net3_shared: + type: boolean + description: Whether this network should be shared across all tenants + default: false + + public_net: + type: string + description: Name of the overcloud external network + default: public + + public_net_cidr: + type: string + description: CIDR for external network subnet + default: 10.0.0.0/24 + + public_net_shared: + type: boolean + description: Whether this network should be shared across all tenants + default: false + +resources: + provision_router: + type: OS::Neutron::Router + properties: + name: provision-router + + provision_network: + type: OS::Neutron::Net + properties: + name: {get_param: provision_net} + shared: {get_param: provision_net_shared} + + provision_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: provision_network} + name: {get_param: provision_net} + cidr: {get_param: provision_net_cidr} + gateway_ip: null + enable_dhcp: false + + provision_router_port: + type: OS::Neutron::Port + properties: + network: {get_resource: provision_network} + port_security_enabled: false + + provision_router_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: provision_router} + port: {get_resource: provision_router_port} + + provision_network2: + type: OS::Neutron::Net + properties: + name: {get_param: provision_net2} + shared: {get_param: provision_net2_shared} + + provision_subnet2: + type: OS::Neutron::Subnet + properties: + network: {get_resource: provision_network2} + name: {get_param: provision_net2} + cidr: {get_param: provision_net2_cidr} + gateway_ip: null + enable_dhcp: false + + provision_router_port2: + type: OS::Neutron::Port + properties: + network: {get_resource: provision_network2} + port_security_enabled: false + + provision_router_interface2: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: provision_router} + port: {get_resource: provision_router_port2} + + provision_network3: + type: OS::Neutron::Net + properties: + name: {get_param: provision_net3} + shared: {get_param: provision_net3_shared} + + provision_subnet3: + type: OS::Neutron::Subnet + properties: + network: {get_resource: provision_network3} + name: {get_param: provision_net3} + cidr: {get_param: provision_net3_cidr} + gateway_ip: null + enable_dhcp: false + + provision_router_port3: + type: OS::Neutron::Port + properties: + network: {get_resource: provision_network3} + port_security_enabled: false + + provision_router_interface3: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: provision_router} + port: {get_resource: provision_router_port3} + + public_network: + type: OS::Neutron::Net + properties: + name: {get_param: public_net} + shared: {get_param: public_net_shared} + + public_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: public_network} + name: {get_param: public_net} + cidr: {get_param: public_net_cidr} + gateway_ip: null + enable_dhcp: false + +outputs: + networks: + value: + provision: {get_resource: provision_network} + provision2: {get_resource: provision_network2} + provision3: {get_resource: provision_network3} + public: {get_resource: public_network} From de90c9e5f582b50af94d6a0ad118f1356cde3391 Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Tue, 31 Jul 2018 16:42:38 +0000 Subject: [PATCH 03/46] Add routed baremetal networks template --- templates/baremetal-networks-routed.yaml | 342 +++++++++++++++++++++++ 1 file changed, 342 insertions(+) create mode 100644 templates/baremetal-networks-routed.yaml diff --git a/templates/baremetal-networks-routed.yaml b/templates/baremetal-networks-routed.yaml new file mode 100644 index 0000000..3ffccf6 --- /dev/null +++ b/templates/baremetal-networks-routed.yaml @@ -0,0 +1,342 @@ +heat_template_version: 2014-10-16 + +# Template which creates all networks required for full network isloation. + +parameters: + + overcloud_internal_net: + type: string + description: Name of internal API network + default: overcloud_internal + + overcloud_internal_net_cidr: + type: string + description: | + CIDR for internal API network subnet. This is typically irrelevant and + does not need to be changed. + default: 172.17.0.0/24 + + overcloud_internal_net2: + type: string + description: Name of internal API network + default: overcloud_internal2 + + overcloud_internal_net2_cidr: + type: string + description: | + CIDR for internal API network subnet. This is typically irrelevant and + does not need to be changed. + default: 172.17.1.0/24 + + overcloud_storage_net: + type: string + description: Name of storage network + default: overcloud_storage + + overcloud_storage_net_cidr: + type: string + description: | + CIDR for storage network subnet. This is typically irrelevant and + does not need to be changed. + default: 172.18.0.0/24 + + overcloud_storage_net2: + type: string + description: Name of storage network + default: overcloud_storage2 + + overcloud_storage_net2_cidr: + type: string + description: | + CIDR for storage network subnet. This is typically irrelevant and + does not need to be changed. + default: 172.18.1.0/24 + + overcloud_storage_mgmt_net: + type: string + description: Name of storage management network + default: overcloud_storage_mgmt + + overcloud_storage_mgmt_net_cidr: + type: string + description: | + CIDR for storage management network subnet. This is typically irrelevant + and does not need to be changed. + default: 172.19.0.0/24 + + overcloud_storage_mgmt_net2: + type: string + description: Name of storage management network + default: overcloud_storage_mgmt2 + + overcloud_storage_mgmt_net2_cidr: + type: string + description: | + CIDR for storage management network subnet. This is typically irrelevant + and does not need to be changed. + default: 172.19.1.0/24 + + overcloud_tenant_net: + type: string + description: Name of tenant network + default: overcloud_tenant + + overcloud_tenant_net_cidr: + type: string + description: | + CIDR for tenant network subnet. This is typically irrelevant and + does not need to be changed. + default: 172.16.0.0/24 + + overcloud_tenant_net2: + type: string + description: Name of tenant network + default: overcloud_tenant2 + + overcloud_tenant_net2_cidr: + type: string + description: | + CIDR for tenant network subnet. This is typically irrelevant and + does not need to be changed. + default: 172.16.1.0/24 + +resources: + internal_router: + type: OS::Neutron::Router + properties: + name: internal-router + + internal_network: + type: OS::Neutron::Net + properties: + name: {get_param: overcloud_internal_net} + + internal_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: internal_network} + name: {get_param: overcloud_internal_net} + cidr: {get_param: overcloud_internal_net_cidr} + gateway_ip: null + enable_dhcp: false + + internal_subnet_port: + type: OS::Neutron::Port + properties: + network: {get_resource: internal_network} + port_security_enabled: false + + internal_subnet_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: internal_router} + port: {get_resource: internal_subnet_port} + + internal_network2: + type: OS::Neutron::Net + properties: + name: {get_param: overcloud_internal_net2} + + internal_subnet2: + type: OS::Neutron::Subnet + properties: + network: {get_resource: internal_network2} + name: {get_param: overcloud_internal_net2} + cidr: {get_param: overcloud_internal_net2_cidr} + gateway_ip: null + enable_dhcp: false + + internal_subnet2_port: + type: OS::Neutron::Port + properties: + network: {get_resource: internal_network2} + port_security_enabled: false + + internal_subnet2_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: internal_router} + port: {get_resource: internal_subnet2_port} + + storage_router: + type: OS::Neutron::Router + properties: + name: storage-router + + storage_network: + type: OS::Neutron::Net + properties: + name: {get_param: overcloud_storage_net} + + storage_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: storage_network} + name: {get_param: overcloud_storage_net} + cidr: {get_param: overcloud_storage_net_cidr} + gateway_ip: null + enable_dhcp: false + + storage_subnet_port: + type: OS::Neutron::Port + properties: + network: {get_resource: storage_network} + port_security_enabled: false + + storage_subnet_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: storage_router} + port: {get_resource: storage_subnet_port} + + storage_network2: + type: OS::Neutron::Net + properties: + name: {get_param: overcloud_storage_net2} + + storage_subnet2: + type: OS::Neutron::Subnet + properties: + network: {get_resource: storage_network2} + name: {get_param: overcloud_storage_net2} + cidr: {get_param: overcloud_storage_net2_cidr} + gateway_ip: null + enable_dhcp: false + + storage_subnet2_port: + type: OS::Neutron::Port + properties: + network: {get_resource: storage_network2} + port_security_enabled: false + + storage_subnet2_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: storage_router} + port: {get_resource: storage_subnet2_port} + + storage_mgmt_router: + type: OS::Neutron::Router + properties: + name: storage-mgmt-router + + storage_mgmt_network: + type: OS::Neutron::Net + properties: + name: {get_param: overcloud_storage_mgmt_net} + + storage_mgmt_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: storage_mgmt_network} + name: {get_param: overcloud_storage_mgmt_net} + cidr: {get_param: overcloud_storage_mgmt_net_cidr} + gateway_ip: null + enable_dhcp: false + + storage_mgmt_subnet_port: + type: OS::Neutron::Port + properties: + network: {get_resource: storage_mgmt_network} + port_security_enabled: false + + storage_mgmt_subnet_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: storage_mgmt_router} + port: {get_resource: storage_mgmt_subnet_port} + + storage_mgmt_network2: + type: OS::Neutron::Net + properties: + name: {get_param: overcloud_storage_mgmt_net2} + + storage_mgmt_subnet2: + type: OS::Neutron::Subnet + properties: + network: {get_resource: storage_mgmt_network2} + name: {get_param: overcloud_storage_mgmt_net2} + cidr: {get_param: overcloud_storage_mgmt_net2_cidr} + gateway_ip: null + enable_dhcp: false + + storage_mgmt_subnet2_port: + type: OS::Neutron::Port + properties: + network: {get_resource: storage_mgmt_network2} + port_security_enabled: false + + storage_mgmt_subnet2_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: storage_mgmt_router} + port: {get_resource: storage_mgmt_subnet2_port} + + tenant_router: + type: OS::Neutron::Router + properties: + name: tenant-router + + tenant_network: + type: OS::Neutron::Net + properties: + name: {get_param: overcloud_tenant_net} + + tenant_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: tenant_network} + name: {get_param: overcloud_tenant_net} + cidr: {get_param: overcloud_tenant_net_cidr} + gateway_ip: null + enable_dhcp: false + + tenant_subnet_port: + type: OS::Neutron::Port + properties: + network: {get_resource: tenant_network} + port_security_enabled: false + + tenant_subnet_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: tenant_router} + port: {get_resource: tenant_subnet_port} + + tenant_network2: + type: OS::Neutron::Net + properties: + name: {get_param: overcloud_tenant_net2} + + tenant_subnet2: + type: OS::Neutron::Subnet + properties: + network: {get_resource: tenant_network2} + name: {get_param: overcloud_tenant_net2} + cidr: {get_param: overcloud_tenant_net2_cidr} + gateway_ip: null + enable_dhcp: false + + tenant_subnet2_port: + type: OS::Neutron::Port + properties: + network: {get_resource: tenant_network2} + port_security_enabled: false + + tenant_subnet2_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: tenant_router} + port: {get_resource: tenant_subnet2_port} + +outputs: + networks: + value: + internal_net: {get_resource: internal_network} + internal_net2: {get_resource: internal_network2} + storage_net: {get_resource: storage_network} + storage_net2: {get_resource: storage_network2} + storage_mgmt_net: {get_resource: storage_mgmt_network} + storage_mgmt_net2: {get_resource: storage_mgmt_network2} + tenant_net: {get_resource: tenant_network} + tenant_net2: {get_resource: tenant_network2} From 096f7217d6883927eac3a6a7bbdde9d32418064e Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Wed, 1 Aug 2018 17:38:36 +0000 Subject: [PATCH 04/46] Allow roles to specify their networks For a routed network topology we want to be able to deploy roles that don't necessarily connect to the same networks as the base role. By default the behavior will be the same as before, but now it will be possible to override the parameters in a role env. --- openstack_virtual_baremetal/deploy.py | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/openstack_virtual_baremetal/deploy.py b/openstack_virtual_baremetal/deploy.py index 295390f..6b8df54 100755 --- a/openstack_virtual_baremetal/deploy.py +++ b/openstack_virtual_baremetal/deploy.py @@ -284,8 +284,15 @@ def _process_role(role_file, base_envs, stack_name, args): 'overcloud_storage_net', 'overcloud_tenant_net', ] # Parameters that are inherited but can be overridden by the role - allowed_parameter_keys = ['baremetal_image', 'bmc_flavor', 'key_name'] - allowed_registry_keys = ['OS::OVB::BaremetalPorts', 'OS::OVB::BMCPort'] + allowed_parameter_keys = ['baremetal_image', 'bmc_flavor', 'key_name', + 'provision_net', 'overcloud_internal_net', + 'overcloud_storage_net', + 'overcloud_storage_mgmt_net', + 'overcloud_tenant_net', + ] + allowed_registry_keys = ['OS::OVB::BaremetalPorts', 'OS::OVB::BMCPort', + 'OS::OVB::UndercloudNetworks', + ] role_env = role_data # resource_registry is intentionally omitted as it should not be inherited for section in ['parameters', 'parameter_defaults']: @@ -323,6 +330,11 @@ def _process_role(role_file, base_envs, stack_name, args): raise RuntimeError('_ character not allowed in role name "%s".' % role) role_env['parameters']['baremetal_prefix'] = '%s-%s' % (base_prefix, role) role_env['parameters']['bmc_prefix'] = '%s-%s' % (bmc_prefix, role) + role_env['parameter_defaults']['networks'] = { + 'private': role_env['parameter_defaults']['private_net'], + 'provision': role_env['parameter_defaults']['provision_net'], + 'public': role_env['parameter_defaults']['public_net'], + } role_file = 'env-%s-%s.yaml' % (stack_name, role) _write_role_file(role_env, role_file) return role_file, role From 22612113ee606b88ab8aa544efeac0f68c3f0646 Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Thu, 2 Aug 2018 19:57:29 +0000 Subject: [PATCH 05/46] Add id support to routed networks Previously routed networks only worked when --id was not used with deploy.py. This adds the routed networks to the list of parameters that can be updated with an id. --- openstack_virtual_baremetal/deploy.py | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/openstack_virtual_baremetal/deploy.py b/openstack_virtual_baremetal/deploy.py index 6b8df54..d8d47d9 100755 --- a/openstack_virtual_baremetal/deploy.py +++ b/openstack_virtual_baremetal/deploy.py @@ -101,6 +101,11 @@ def _process_args(args): def _add_identifier(env_data, name, identifier, default=None): + """Append identifier to the end of parameter name in env_data + + Look for ``name`` in either the ``parameters`` or ``parameter_defaults`` + key of ``env_data`` and append '-``identifier``' to it. + """ # We require both sections for id environments if not env_data.get('parameters'): env_data['parameters'] = {} @@ -142,6 +147,8 @@ def _build_env_data(env_paths): def _generate_id_env(args): env_data = _build_env_data(args.env) _add_identifier(env_data, 'provision_net', args.id, default='provision') + _add_identifier(env_data, 'provision_net2', args.id, default='provision2') + _add_identifier(env_data, 'provision_net3', args.id, default='provision3') _add_identifier(env_data, 'public_net', args.id, default='public') _add_identifier(env_data, 'baremetal_prefix', @@ -163,6 +170,16 @@ def _generate_id_env(args): default='storage_mgmt') _add_identifier(env_data, 'overcloud_tenant_net', args.id, default='tenant') + # TODO(bnemec): Network names should be parameterized so we don't have to + # hardcode them into deploy.py like this. + _add_identifier(env_data, 'overcloud_internal_net2', args.id, + default='overcloud_internal2') + _add_identifier(env_data, 'overcloud_storage_net2', args.id, + default='overcloud_storage2') + _add_identifier(env_data, 'overcloud_storage_mgmt_net2', args.id, + default='overcloud_storage_mgmt2') + _add_identifier(env_data, 'overcloud_tenant_net2', args.id, + default='overcloud_tenant2') # We don't modify any resource_registry entries, and because we may be # writing the new env file to a different path it can break relative paths # in the resource_registry. @@ -330,6 +347,13 @@ def _process_role(role_file, base_envs, stack_name, args): raise RuntimeError('_ character not allowed in role name "%s".' % role) role_env['parameters']['baremetal_prefix'] = '%s-%s' % (base_prefix, role) role_env['parameters']['bmc_prefix'] = '%s-%s' % (bmc_prefix, role) + # At this time roles are only attached to a single set of networks, so + # we use just the primary network parameters. + _add_identifier(role_env, 'provision_net', args.id) + _add_identifier(role_env, 'overcloud_internal_net', args.id) + _add_identifier(role_env, 'overcloud_storage_net', args.id) + _add_identifier(role_env, 'overcloud_storage_mgmt_net', args.id) + _add_identifier(role_env, 'overcloud_tenant_net', args.id) role_env['parameter_defaults']['networks'] = { 'private': role_env['parameter_defaults']['private_net'], 'provision': role_env['parameter_defaults']['provision_net'], From 0818602c8e5e5a6d10a03b1efc9f19dca19f3468 Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Thu, 2 Aug 2018 22:06:20 +0000 Subject: [PATCH 06/46] Add dhcp-relay resource This is an instance that handles dhcp across multiple routed networks. Co-Authored-By: Harald Jensas --- templates/dhcp-relay.yaml | 176 +++++++++++++++++++++++++++++++ templates/resource-registry.yaml | 1 + templates/virtual-baremetal.yaml | 5 + 3 files changed, 182 insertions(+) create mode 100644 templates/dhcp-relay.yaml diff --git a/templates/dhcp-relay.yaml b/templates/dhcp-relay.yaml new file mode 100644 index 0000000..9cfc051 --- /dev/null +++ b/templates/dhcp-relay.yaml @@ -0,0 +1,176 @@ +heat_template_version: 2016-10-14 + +parameters: + + key_name: + type: string + default: default + description: Nova keypair to inject into the undercloud and bmc + + dhcp_relay_flavor: + type: string + default: m1.small + description: The Nova flavor to use for the dhcrelay instance + + dhcp_relay_image: + type: string + default: CentOS-7-x86_64-GenericCloud + description: | + The base image for the dhcrelay instance. A CentOS 7 image is currently + the only one supported. + + inspector_dhcp_ip: + type: string + default: 172.20.0.1 + description: | + The IP address on the undercloud provisioning network. 'local_ip' in + undercloud.conf + + provision_dhcp_ip: + type: string + default: 172.20.0.10 + description: | + The IP address on the undercloud provisioning network. + (The first address in the underclouds local_subnet allocation range. + I.e the dhcp_start address) + + networks: + type: json + + private_net: + type: string + + +resources: + dhcp_relay_port_private: + type: OS::Neutron::Port + properties: + name: dhcp_relay_port_private + network: {get_param: private_net} + + dhcp_relay_port_provision: + type: OS::Neutron::Port + properties: + name: dhcp_relay_port_provision + network: {get_param: [networks, provision]} + port_security_enabled: False + + dhcp_relay_port_provision2: + type: OS::Neutron::Port + properties: + name: dhcp_relay_port_provision2 + network: {get_param: [networks, provision2]} + port_security_enabled: False + + dhcp_relay_port_provision3: + type: OS::Neutron::Port + properties: + name: dhcp_relay_port_provision3 + network: {get_param: [networks, provision3]} + port_security_enabled: False + + init_networks: + type: OS::Heat::CloudConfig + properties: + cloud_config: + network: + version: 2 + ethernets: + eth0: + dhcp4: false + addresses: + - list_join: + - / + - - {get_attr: [dhcp_relay_port_provision, fixed_ips, 0, ip_address]} + - {str_split: ['/', {get_attr: [dhcp_relay_port_provision, subnets, 0, cidr]}, 1]} + eth1: + dhcp4: false + addresses: + - list_join: + - / + - - {get_attr: [dhcp_relay_port_provision2, fixed_ips, 0, ip_address]} + - {str_split: ['/', {get_attr: [dhcp_relay_port_provision2, subnets, 0, cidr]}, 1]} + eth2: + dhcp4: false + addresses: + - list_join: + - / + - - {get_attr: [dhcp_relay_port_provision3, fixed_ips, 0, ip_address]} + - {str_split: ['/', {get_attr: [dhcp_relay_port_provision3, subnets, 0, cidr]}, 1]} + eth3: + dhcp4: true + + init_packages: + type: OS::Heat::CloudConfig + properties: + cloud_config: + package_upgrade: true + packages: + - dhcp + + init_files: + type: OS::Heat::CloudConfig + properties: + cloud_config: + write_files: + - path: /etc/systemd/system/dhcrelay.service + content: + str_replace: + template: | + [Unit] + Description=DHCP Relay Agent Daemon + Documentation=man:dhcrelay(8) + Wants=network-online.target + After=network-online.target + + [Service] + Type=simple + ExecStart=/usr/sbin/dhcrelay -d --no-pid $provision_dhcp_ip $inspector_dhcp_ip -i eth1 -i eth2 -i eth3 + StandardError=null + + [Install] + WantedBy=multi-user.target + params: + $provision_dhcp_ip: {get_param: provision_dhcp_ip} + $inspector_dhcp_ip: {get_param: inspector_dhcp_ip} + - path: /etc/sysctl.d/98-rp-filter.conf + content: | + net.ipv4.conf.eth1.rp_filter = 0 + net.ipv4.conf.eth2.rp_filter = 0 + net.ipv4.conf.eth3.rp_filter = 0 + + init_runcmd: + type: OS::Heat::CloudConfig + properties: + cloud_config: + runcmd: + - ['sysctl','--system'] + - ['systemctl', 'daemon-reload'] + - ['systemctl', 'enable', 'dhcrelay.service'] + - ['systemctl', 'start', 'dhcrelay.service'] + - ['systemctl', 'status', 'dhcrelay.service'] + + dhcrelay_init: + type: OS::Heat::MultipartMime + properties: + parts: + - config: {get_resource: init_networks} + - config: {get_resource: init_packages} + - config: {get_resource: init_files} + - config: {get_resource: init_runcmd} + + dhcp_relay_server: + type: OS::Nova::Server + properties: + name: dhcrelay + flavor: {get_param: dhcp_relay_flavor} + image: {get_param: dhcp_relay_image} + key_name: {get_param: key_name} + networks: + - {port: {get_resource: dhcp_relay_port_private}} + - {port: {get_resource: dhcp_relay_port_provision}} + - {port: {get_resource: dhcp_relay_port_provision2}} + - {port: {get_resource: dhcp_relay_port_provision3}} + config_drive: true + user_data_format: RAW + user_data: {get_resource: dhcrelay_init} diff --git a/templates/resource-registry.yaml b/templates/resource-registry.yaml index e6c20ab..021acc5 100644 --- a/templates/resource-registry.yaml +++ b/templates/resource-registry.yaml @@ -9,3 +9,4 @@ resource_registry: OS::OVB::BMCPort: bmc-port.yaml OS::OVB::UndercloudPorts: undercloud-ports.yaml OS::OVB::UndercloudNetworks: undercloud-networks.yaml + OS::OVB::DHCPRelay: OS::Heat::None diff --git a/templates/virtual-baremetal.yaml b/templates/virtual-baremetal.yaml index f5cb6ae..413c76e 100644 --- a/templates/virtual-baremetal.yaml +++ b/templates/virtual-baremetal.yaml @@ -202,3 +202,8 @@ resources: networks: {get_param: networks} suffix: _%index% baremetal_prefix: {get_param: baremetal_prefix} + + dhcp_relay: + type: OS::OVB::DHCPRelay + properties: + networks: {get_param: networks} From ef30ff2e56d86e3e951dec1fb28269986cf27675 Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Thu, 4 Oct 2018 22:55:29 +0000 Subject: [PATCH 07/46] Add sample environments for routed networks Also fixes a problem with the base environment that was preventing the env-generator from functioning with the new template layout. --- doc/source/deploy/environment-index.rst | 20 +++++++++ environments/routed-networks-role.yaml | 48 +++++++++++++++++++++ environments/routed-networks.yaml | 26 +++++++++++ sample-env-generator/environments.yaml | 57 +++++++++++++++++++++++-- 4 files changed, 147 insertions(+), 4 deletions(-) create mode 100644 environments/routed-networks-role.yaml create mode 100644 environments/routed-networks.yaml diff --git a/doc/source/deploy/environment-index.rst b/doc/source/deploy/environment-index.rst index 7fc4701..6f4c26c 100644 --- a/doc/source/deploy/environment-index.rst +++ b/doc/source/deploy/environment-index.rst @@ -136,6 +136,26 @@ Disable the Undercloud in a QuintupleO Stack instance. +Base Role Configuration for Routed Networks +------------------------------------------- + +**File:** environments/routed-networks-role.yaml + +**Description:** A base role environment that contains the necessary parameters for +deploying with routed networks. + + +Enable Routed Networks +---------------------- + +**File:** environments/routed-networks.yaml + +**Description:** Enable use of routed networks, where there may be multiple separate +networks connected with a router and DHCP relay. Do not pass any other +network configuration environments after this one or they may override +the changes made by this environment. + + Assign the Undercloud an Existing Floating IP --------------------------------------------- diff --git a/environments/routed-networks-role.yaml b/environments/routed-networks-role.yaml new file mode 100644 index 0000000..91c12bc --- /dev/null +++ b/environments/routed-networks-role.yaml @@ -0,0 +1,48 @@ +# ******************************************************************* +# This file was created automatically by the sample environment +# generator. Developers should use `tox -e genconfig` to update it. +# Users are recommended to make changes to a copy of the file instead +# of the original, if any customizations are needed. +# ******************************************************************* +# title: Base Role Configuration for Routed Networks +# description: | +# A base role environment that contains the necessary parameters for +# deploying with routed networks. +parameter_defaults: + # Recommended to be at least 1 vcpu, 4 GB RAM, 50 GB disk + # Type: string + baremetal_flavor: baremetal + + # Nova keypair to inject into the undercloud and bmc + # Type: string + key_name: default + + # Number of baremetal nodes to deploy + # Type: number + node_count: 2 + + # Name of internal API network + # Type: string + overcloud_internal_net: overcloud_internal2 + + # Name of storage management network + # Type: string + overcloud_storage_mgmt_net: overcloud_storage_mgmt2 + + # Name of storage network + # Type: string + overcloud_storage_net: overcloud_storage2 + + # Name of tenant network + # Type: string + overcloud_tenant_net: overcloud_tenant2 + + # Name of a network that will be used for provisioning traffic + # Type: string + provision_net: provision2 + + # The default role for nodes in this environment. This parameter is + # ignored by Heat, but used by build-nodes-json. + # Type: string + role: leaf1 + diff --git a/environments/routed-networks.yaml b/environments/routed-networks.yaml new file mode 100644 index 0000000..0334433 --- /dev/null +++ b/environments/routed-networks.yaml @@ -0,0 +1,26 @@ +# ******************************************************************* +# This file was created automatically by the sample environment +# generator. Developers should use `tox -e genconfig` to update it. +# Users are recommended to make changes to a copy of the file instead +# of the original, if any customizations are needed. +# ******************************************************************* +# title: Enable Routed Networks +# description: | +# Enable use of routed networks, where there may be multiple separate +# networks connected with a router and DHCP relay. Do not pass any other +# network configuration environments after this one or they may override +# the changes made by this environment. +parameter_defaults: + # The Nova flavor to use for the dhcrelay instance + # Type: string + dhcp_relay_flavor: m1.small + + # The base image for the dhcrelay instance. A CentOS 7 image is currently + # the only one supported. + # Type: string + dhcp_relay_image: CentOS-7-x86_64-GenericCloud + +resource_registry: + OS::OVB::BaremetalNetworks: templates/baremetal-networks-routed.yaml + OS::OVB::DHCPRelay: templates/dhcp-relay.yaml + OS::OVB::UndercloudNetworks: templates/undercloud-networks-routed.yaml diff --git a/sample-env-generator/environments.yaml b/sample-env-generator/environments.yaml index b9cbb07..d20f648 100644 --- a/sample-env-generator/environments.yaml +++ b/sample-env-generator/environments.yaml @@ -14,15 +14,17 @@ environments: - bmc_prefix - baremetal_prefix - node_count - - public_net - - public_net_shared - - provision_net - - provision_net_shared - undercloud_name - undercloud_image - undercloud_flavor - external_net - role + templates/undercloud-networks.yaml: + parameters: + - public_net + - public_net_shared + - provision_net + - provision_net_shared sample_values: baremetal_image: ipxe-boot - @@ -220,3 +222,50 @@ environments: - bmc_use_cache sample_values: bmc_use_cache: True + - + name: routed-networks + title: Enable Routed Networks + description: | + Enable use of routed networks, where there may be multiple separate + networks connected with a router and DHCP relay. Do not pass any other + network configuration environments after this one or they may override + the changes made by this environment. + files: + templates/dhcp-relay.yaml: + parameters: + - dhcp_relay_flavor + - dhcp_relay_image + resource_registry: + OS::OVB::UndercloudNetworks: templates/undercloud-networks-routed.yaml + OS::OVB::BaremetalNetworks: templates/baremetal-networks-routed.yaml + OS::OVB::DHCPRelay: templates/dhcp-relay.yaml + - + name: routed-networks-role + title: Base Role Configuration for Routed Networks + description: | + A base role environment that contains the necessary parameters for + deploying with routed networks. + files: + templates/quintupleo.yaml: + parameters: + - baremetal_flavor + - key_name + - node_count + - role + templates/undercloud-networks.yaml: + parameters: + - provision_net + templates/baremetal-networks-all.yaml: + parameters: + - overcloud_internal_net + - overcloud_storage_net + - overcloud_storage_mgmt_net + - overcloud_tenant_net + sample_values: + role: leaf1 + provision_net: provision2 + overcloud_internal_net: overcloud_internal2 + overcloud_storage_net: overcloud_storage2 + overcloud_storage_mgmt_net: overcloud_storage_mgmt2 + overcloud_tenant_net: overcloud_tenant2 + From c1364026fa3069072e8ce70261a867e84578d641 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Tue, 9 Oct 2018 19:49:56 +0200 Subject: [PATCH 08/46] Fix a key error in _process_role() + pep8 and py27 tests The role does not always override the network information. Update the networks in role_env, get the network from parameter_defaults, fallback to parameters if not set and finally if the netwok is not in parameters set default. Also make default for networks: in templates json instead of literal string. --- openstack_virtual_baremetal/deploy.py | 13 ++++++++----- .../tests/test_deploy.py | 18 +++++++++++++----- templates/virtual-baremetal.yaml | 2 +- 3 files changed, 22 insertions(+), 11 deletions(-) diff --git a/openstack_virtual_baremetal/deploy.py b/openstack_virtual_baremetal/deploy.py index d8d47d9..3471b8b 100755 --- a/openstack_virtual_baremetal/deploy.py +++ b/openstack_virtual_baremetal/deploy.py @@ -354,11 +354,14 @@ def _process_role(role_file, base_envs, stack_name, args): _add_identifier(role_env, 'overcloud_storage_net', args.id) _add_identifier(role_env, 'overcloud_storage_mgmt_net', args.id) _add_identifier(role_env, 'overcloud_tenant_net', args.id) - role_env['parameter_defaults']['networks'] = { - 'private': role_env['parameter_defaults']['private_net'], - 'provision': role_env['parameter_defaults']['provision_net'], - 'public': role_env['parameter_defaults']['public_net'], - } + if not role_env['parameter_defaults'].get('networks'): + role_env['parameter_defaults']['networks'] = {} + for k, v in {'private': 'private_net', + 'provision': 'provision_net', + 'public': 'public_net'}.items(): + role_env['parameter_defaults']['networks'].update( + {k: role_env['parameter_defaults'].get( + v, role_env['parameters'].get(v, k))}) role_file = 'env-%s-%s.yaml' % (stack_name, role) _write_role_file(role_env, role_file) return role_file, role diff --git a/openstack_virtual_baremetal/tests/test_deploy.py b/openstack_virtual_baremetal/tests/test_deploy.py index 07fb293..3829fd6 100755 --- a/openstack_virtual_baremetal/tests/test_deploy.py +++ b/openstack_virtual_baremetal/tests/test_deploy.py @@ -192,11 +192,11 @@ class TestIdEnv(unittest.TestCase): # _process_role test data role_base_data = { 'parameter_defaults': { - 'overcloud_storage_mgmt_net': 'storage_mgmt-foo', - 'overcloud_internal_net': 'internal-foo', - 'overcloud_storage_net': 'storage-foo', + 'overcloud_storage_mgmt_net': 'storage_mgmt', + 'overcloud_internal_net': 'internal', + 'overcloud_storage_net': 'storage', + 'overcloud_tenant_net': 'tenant', 'role': 'control', - 'overcloud_tenant_net': 'tenant-foo' }, 'parameters': { 'os_user': 'admin', @@ -398,8 +398,16 @@ class TestDeploy(testtools.TestCase): output['parameters']['bmc_prefix']) # These should be inherited self.assertEqual('ipxe-boot', output['parameters']['baremetal_image']) - self.assertEqual('tenant-foo', + self.assertEqual('tenant-' + args.id, output['parameter_defaults']['overcloud_tenant_net']) + self.assertEqual('internal-' + args.id, + output['parameter_defaults']['overcloud_internal_net'] + ) + self.assertEqual('storage-' + args.id, + output['parameter_defaults']['overcloud_storage_net']) + self.assertEqual('storage_mgmt-' + args.id, + output['parameter_defaults'][ + 'overcloud_storage_mgmt_net']) # This should not be present in a role env, even if set in the file self.assertNotIn('OS::OVB::BaremetalNetworks', output['resource_registry']) diff --git a/templates/virtual-baremetal.yaml b/templates/virtual-baremetal.yaml index 413c76e..e179de5 100644 --- a/templates/virtual-baremetal.yaml +++ b/templates/virtual-baremetal.yaml @@ -52,7 +52,7 @@ parameters: networks: type: json - default: '{"private": "private", "provision": "provision"}' + default: {"private": "private", "provision": "provision"} description: A map of networks to their names. bmc_prefix: From 43a37ee843995fd3611b04e5425a3aa4e6e32ba6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Tue, 25 Sep 2018 14:51:46 +0200 Subject: [PATCH 09/46] Fix build-nodes-json for routed networks When using routed networks, i.e multiple provision networks passing in the evironment file to build-nodes-json did'nt work. It resulted in key errors when looking up the mac address of the provision_net interface. This change automates this by creating a provision_net_map, mapping baremetal_port id's to subnet names. Also deprecates the --provision-net option as it is no longer needed. --- .../build_nodes_json.py | 31 ++-- .../tests/test_build_nodes_json.py | 137 +++++++++++------- 2 files changed, 106 insertions(+), 62 deletions(-) diff --git a/openstack_virtual_baremetal/build_nodes_json.py b/openstack_virtual_baremetal/build_nodes_json.py index 4a23458..6b7ced8 100755 --- a/openstack_virtual_baremetal/build_nodes_json.py +++ b/openstack_virtual_baremetal/build_nodes_json.py @@ -45,7 +45,7 @@ def _parse_args(): parser.add_argument('--provision_net', dest='provision_net', default='provision', - help='Provisioning network name') + help='DEPRECATED: This parameter is ignored.') parser.add_argument('--nodes_json', dest='nodes_json', default='nodes.json', @@ -82,7 +82,6 @@ def _get_names(args): if args.env is None: bmc_base = args.bmc_prefix baremetal_base = args.baremetal_prefix - provision_net = args.provision_net # FIXME: This is not necessarily true. undercloud_name = 'undercloud' else: @@ -90,12 +89,11 @@ def _get_names(args): e = yaml.safe_load(f) bmc_base = _get_from_env(e, 'bmc_prefix') baremetal_base = _get_from_env(e, 'baremetal_prefix') - provision_net = _get_from_env(e, 'provision_net') role = e.get('parameter_defaults', {}).get('role') if role and baremetal_base.endswith('-' + role): baremetal_base = baremetal_base[:-len(role) - 1] undercloud_name = e.get('parameter_defaults', {}).get('undercloud_name') # noqa: E501 - return bmc_base, baremetal_base, provision_net, undercloud_name + return bmc_base, baremetal_base, undercloud_name def _get_clients(): @@ -116,10 +114,17 @@ def _get_ports(neutron, bmc_base, baremetal_base): raise RuntimeError('Found different numbers of baremetal and ' 'bmc ports. bmc: %s baremetal: %s' % (bmc_ports, bm_ports)) - return bmc_ports, bm_ports + provision_net_map = {} + for port in bm_ports: + provision_net_map.update({ + port.get('id'): + neutron.list_subnets( + id=port['fixed_ips'][0]['subnet_id'])['subnets'][0].get( + 'name')}) + return bmc_ports, bm_ports, provision_net_map -def _build_nodes(nova, glance, bmc_ports, bm_ports, provision_net, +def _build_nodes(nova, glance, bmc_ports, bm_ports, provision_net_map, baremetal_base, undercloud_name, driver, physical_network): node_template = { 'pm_type': driver, @@ -136,9 +141,6 @@ def _build_nodes(nova, glance, bmc_ports, bm_ports, provision_net, } if physical_network: node_template.pop('mac') - node_template.update( - {'ports': [{'address': '', 'physical_network': provision_net}]}) - nodes = [] bmc_bm_pairs = [] cache = {} @@ -151,9 +153,11 @@ def _build_nodes(nova, glance, bmc_ports, bm_ports, provision_net, node = dict(node_template) node['pm_addr'] = bmc_port['fixed_ips'][0]['ip_address'] bmc_bm_pairs.append((node['pm_addr'], baremetal.name)) + provision_net = provision_net_map.get(baremetal_port['id']) mac = baremetal.addresses[provision_net][0]['OS-EXT-IPS-MAC:mac_addr'] if physical_network: - node['ports'][0]['address'] = mac + node.update({'ports': [{'address': mac, + 'physical_network': provision_net}]}) else: node['mac'] = [mac] if not cache.get(baremetal.flavor['id']): @@ -282,14 +286,15 @@ def _write_pairs(bmc_bm_pairs): def main(): args = _parse_args() - bmc_base, baremetal_base, provision_net, undercloud_name = _get_names(args) + bmc_base, baremetal_base, undercloud_name = _get_names(args) nova, neutron, glance = _get_clients() - bmc_ports, bm_ports = _get_ports(neutron, bmc_base, baremetal_base) + bmc_ports, bm_ports, provision_net_map = _get_ports(neutron, bmc_base, + baremetal_base) (nodes, bmc_bm_pairs, extra_nodes, network_details) = _build_nodes(nova, glance, bmc_ports, bm_ports, - provision_net, baremetal_base, + provision_net_map, baremetal_base, undercloud_name, args.driver, args.physical_network) _write_nodes(nodes, extra_nodes, network_details, args) diff --git a/openstack_virtual_baremetal/tests/test_build_nodes_json.py b/openstack_virtual_baremetal/tests/test_build_nodes_json.py index a2d1efe..bcf30b0 100644 --- a/openstack_virtual_baremetal/tests/test_build_nodes_json.py +++ b/openstack_virtual_baremetal/tests/test_build_nodes_json.py @@ -70,13 +70,11 @@ class TestBuildNodesJson(testtools.TestCase): args.env = None args.bmc_prefix = 'bmc-foo' args.baremetal_prefix = 'baremetal-foo' - args.provision_net = 'provision-foo' args.add_undercloud = False - bmc_base, baremetal_base, provision_net, undercloud_name = ( + bmc_base, baremetal_base, undercloud_name = ( build_nodes_json._get_names(args)) self.assertEqual('bmc-foo', bmc_base) self.assertEqual('baremetal-foo', baremetal_base) - self.assertEqual('provision-foo', provision_net) self.assertEqual('undercloud', undercloud_name) def test_get_names_no_env_w_undercloud(self): @@ -84,13 +82,11 @@ class TestBuildNodesJson(testtools.TestCase): args.env = None args.bmc_prefix = 'bmc-foo' args.baremetal_prefix = 'baremetal-foo' - args.provision_net = 'provision-foo' args.add_undercloud = True - bmc_base, baremetal_base, provision_net, undercloud_name = ( + bmc_base, baremetal_base, undercloud_name = ( build_nodes_json._get_names(args)) self.assertEqual('bmc-foo', bmc_base) self.assertEqual('baremetal-foo', baremetal_base) - self.assertEqual('provision-foo', provision_net) self.assertEqual('undercloud', undercloud_name) @mock.patch('openstack_virtual_baremetal.build_nodes_json.open', @@ -104,15 +100,13 @@ class TestBuildNodesJson(testtools.TestCase): 'parameters': { 'bmc_prefix': 'bmc-foo', 'baremetal_prefix': 'baremetal-foo', - 'provision_net': 'provision-foo' }, } mock_load.return_value = mock_env - bmc_base, baremetal_base, provision_net, undercloud_name = ( + bmc_base, baremetal_base, undercloud_name = ( build_nodes_json._get_names(args)) self.assertEqual('bmc-foo', bmc_base) self.assertEqual('baremetal-foo', baremetal_base) - self.assertEqual('provision-foo', provision_net) self.assertIsNone(undercloud_name) @mock.patch('openstack_virtual_baremetal.build_nodes_json.open', @@ -126,15 +120,13 @@ class TestBuildNodesJson(testtools.TestCase): 'parameter_defaults': { 'bmc_prefix': 'bmc-foo', 'baremetal_prefix': 'baremetal-foo', - 'provision_net': 'provision-foo' }, } mock_load.return_value = mock_env - bmc_base, baremetal_base, provision_net, undercloud_name = ( + bmc_base, baremetal_base, undercloud_name = ( build_nodes_json._get_names(args)) self.assertEqual('bmc-foo', bmc_base) self.assertEqual('baremetal-foo', baremetal_base) - self.assertEqual('provision-foo', provision_net) self.assertIsNone(undercloud_name) @mock.patch('openstack_virtual_baremetal.build_nodes_json.open', @@ -148,16 +140,14 @@ class TestBuildNodesJson(testtools.TestCase): 'parameter_defaults': { 'bmc_prefix': 'bmc', 'baremetal_prefix': 'baremetal', - 'provision_net': 'provision', 'role': 'foo', }, } mock_load.return_value = mock_env - bmc_base, baremetal_base, provision_net, undercloud_name = ( + bmc_base, baremetal_base, undercloud_name = ( build_nodes_json._get_names(args)) self.assertEqual('bmc', bmc_base) self.assertEqual('baremetal', baremetal_base) - self.assertEqual('provision', provision_net) self.assertIsNone(undercloud_name) @mock.patch('openstack_virtual_baremetal.build_nodes_json.open', @@ -171,16 +161,14 @@ class TestBuildNodesJson(testtools.TestCase): 'parameter_defaults': { 'bmc_prefix': 'bmc-foo', 'baremetal_prefix': 'baremetal-foo-bar', - 'provision_net': 'provision-foo', 'role': 'bar', }, } mock_load.return_value = mock_env - bmc_base, baremetal_base, provision_net, undercloud_name = ( + bmc_base, baremetal_base, undercloud_name = ( build_nodes_json._get_names(args)) self.assertEqual('bmc-foo', bmc_base) self.assertEqual('baremetal-foo', baremetal_base) - self.assertEqual('provision-foo', provision_net) self.assertIsNone(undercloud_name) @mock.patch('os_client_config.make_client') @@ -203,21 +191,42 @@ class TestBuildNodesJson(testtools.TestCase): def test_get_ports(self): neutron = mock.Mock() + fake_fixed_ips = [{'subnet_id': 'provision_id'}] fake_ports = { 'ports': [ - {'name': 'random'}, - {'name': 'bmc_1'}, - {'name': 'bmc_0'}, - {'name': 'baremetal_1'}, - {'name': 'baremetal_0'}, + {'name': 'random', + 'id': 'random_id', + 'fixed_ips': fake_fixed_ips}, + {'name': 'bmc_1', + 'id': 'bmc_1_id', + 'fixed_ips': fake_fixed_ips}, + {'name': 'bmc_0', + 'id': 'bmc_0_id', + 'fixed_ips': fake_fixed_ips}, + {'name': 'baremetal_1', + 'id': 'baremetal_1_id', + 'fixed_ips': fake_fixed_ips}, + {'name': 'baremetal_0', + 'id': 'baremetal_0_id', + 'fixed_ips': fake_fixed_ips}, + ] + } + fake_subnets = { + 'subnets': [ + {'name': 'provision', + 'id': 'provision_id'} ] } neutron.list_ports.return_value = fake_ports - bmc_ports, bm_ports = build_nodes_json._get_ports(neutron, 'bmc', - 'baremetal') - self.assertEqual([{'name': 'bmc_0'}, {'name': 'bmc_1'}], bmc_ports) - self.assertEqual([{'name': 'baremetal_0'}, {'name': 'baremetal_1'}], + neutron.list_subnets.return_value = fake_subnets + bmc_ports, bm_ports, provision_net_map = build_nodes_json._get_ports( + neutron, 'bmc', 'baremetal') + self.assertEqual([fake_ports['ports'][2], fake_ports['ports'][1]], + bmc_ports) + self.assertEqual([fake_ports['ports'][4], fake_ports['ports'][3]], bm_ports) + self.assertEqual({'baremetal_0_id': 'provision', + 'baremetal_1_id': 'provision'}, provision_net_map) def test_get_ports_mismatch(self): neutron = mock.Mock() @@ -228,20 +237,38 @@ class TestBuildNodesJson(testtools.TestCase): def test_get_ports_multiple(self): neutron = mock.Mock() + fake_fixed_ips = [{'subnet_id': 'provision_id'}] fake_ports = { 'ports': [ - {'name': 'random'}, - {'name': 'bmc-foo_0'}, - {'name': 'bmc-bar_0'}, - {'name': 'baremetal-foo_0'}, - {'name': 'baremetal-bar_0'}, + {'name': 'random', + 'id': 'random_id', + 'fixed_ips': fake_fixed_ips}, + {'name': 'bmc-foo_0', + 'id': 'bmc_foo_0_id', + 'fixed_ips': fake_fixed_ips}, + {'name': 'bmc-bar_0', + 'id': 'bmc_bar_0_id', + 'fixed_ips': fake_fixed_ips}, + {'name': 'baremetal-foo_0', + 'id': 'baremetal_foo_0_id', + 'fixed_ips': fake_fixed_ips}, + {'name': 'baremetal-bar_0', + 'id': 'baremetal_bar_0_id', + 'fixed_ips': fake_fixed_ips}, + ] + } + fake_subnets = { + 'subnets': [ + {'name': 'provision', + 'id': 'provision_id'} ] } neutron.list_ports.return_value = fake_ports - bmc_ports, bm_ports = build_nodes_json._get_ports(neutron, 'bmc-foo', - 'baremetal-foo') - self.assertEqual([{'name': 'bmc-foo_0'}], bmc_ports) - self.assertEqual([{'name': 'baremetal-foo_0'}], bm_ports) + neutron.list_subnets.return_value = fake_subnets + bmc_ports, bm_ports, provision_net_map = build_nodes_json._get_ports( + neutron, 'bmc-foo', 'baremetal-foo') + self.assertEqual([fake_ports['ports'][1]], bmc_ports) + self.assertEqual([fake_ports['ports'][3]], bm_ports) def _fake_port(self, device_id, ip, mac): return {'device_id': device_id, @@ -275,7 +302,11 @@ class TestBuildNodesJson(testtools.TestCase): bmc_ports = [{'fixed_ips': [{'ip_address': '1.1.1.1'}]}, {'fixed_ips': [{'ip_address': '1.1.1.2'}]} ] - bm_ports = [{'device_id': '1'}, {'device_id': '2'}] + bm_ports = [{'device_id': '1', 'id': 'port_id_server1'}, + {'device_id': '2', 'id': 'port_id_server2'}] + provision_net_map = {'port_id_server1': 'provision', + 'port_id_server2': 'provision', + 'port_id_server3': 'provision', } physical_network = False nova = mock.Mock() servers = [mock.Mock(), mock.Mock(), mock.Mock()] @@ -304,8 +335,8 @@ class TestBuildNodesJson(testtools.TestCase): bmc_bm_pairs, extra_nodes, network_details) = build_nodes_json._build_nodes( - nova, glance, bmc_ports, bm_ports, 'provision', 'bm', 'undercloud', - 'pxe_ipmitool', physical_network) + nova, glance, bmc_ports, bm_ports, provision_net_map, 'bm', + 'undercloud', 'pxe_ipmitool', physical_network) expected_nodes = copy.deepcopy(TEST_NODES) expected_nodes[1]['disk'] = 100 self.assertEqual(expected_nodes, nodes) @@ -323,7 +354,11 @@ class TestBuildNodesJson(testtools.TestCase): bmc_ports = [{'fixed_ips': [{'ip_address': '1.1.1.1'}]}, {'fixed_ips': [{'ip_address': '1.1.1.2'}]} ] - bm_ports = [{'device_id': '1'}, {'device_id': '2'}] + bm_ports = [{'device_id': '1', 'id': 'port_id_server1'}, + {'device_id': '2', 'id': 'port_id_server2'}] + provision_net_map = {'port_id_server1': 'provision', + 'port_id_server2': 'provision', + 'port_id_server3': 'provision', } physical_network = False nova = mock.Mock() servers = [mock.Mock(), mock.Mock(), mock.Mock()] @@ -352,8 +387,8 @@ class TestBuildNodesJson(testtools.TestCase): bmc_bm_pairs, extra_nodes, network_details) = build_nodes_json._build_nodes( - nova, glance, bmc_ports, bm_ports, 'provision', 'bm', 'undercloud', - 'ipmi', physical_network) + nova, glance, bmc_ports, bm_ports, provision_net_map, 'bm', + 'undercloud', 'ipmi', physical_network) expected_nodes = copy.deepcopy(TEST_NODES) expected_nodes[1]['disk'] = 100 for node in expected_nodes: @@ -372,7 +407,11 @@ class TestBuildNodesJson(testtools.TestCase): bmc_ports = [{'fixed_ips': [{'ip_address': '1.1.1.1'}]}, {'fixed_ips': [{'ip_address': '1.1.1.2'}]} ] - bm_ports = [{'device_id': '1'}, {'device_id': '2'}] + bm_ports = [{'device_id': '1', 'id': 'port_id_server1'}, + {'device_id': '2', 'id': 'port_id_server2'}] + provision_net_map = {'port_id_server1': 'provision', + 'port_id_server2': 'provision', + 'port_id_server3': 'provision', } physical_network = False nova = mock.Mock() servers = [mock.Mock(), mock.Mock(), mock.Mock()] @@ -388,8 +427,8 @@ class TestBuildNodesJson(testtools.TestCase): glance.images.get.return_value = mock_image_get nodes, bmc_bm_pairs, extra_nodes, _ = build_nodes_json._build_nodes( - nova, glance, bmc_ports, bm_ports, 'provision', 'bm-foo', None, - 'pxe_ipmitool', physical_network) + nova, glance, bmc_ports, bm_ports, provision_net_map, 'bm-foo', + None, 'pxe_ipmitool', physical_network) expected_nodes = copy.deepcopy(TEST_NODES) expected_nodes[0]['name'] = 'bm-foo-control-0' expected_nodes[0]['capabilities'] = ('boot_option:local,' @@ -495,9 +534,9 @@ class TestBuildNodesJson(testtools.TestCase): mock_parse_args.return_value = args bmc_base = mock.Mock() baremetal_base = mock.Mock() - provision_net = mock.Mock() + provision_net_map = mock.Mock() undercloud_name = 'undercloud' - mock_get_names.return_value = (bmc_base, baremetal_base, provision_net, + mock_get_names.return_value = (bmc_base, baremetal_base, undercloud_name) nova = mock.Mock() neutron = mock.Mock() @@ -505,7 +544,7 @@ class TestBuildNodesJson(testtools.TestCase): mock_get_clients.return_value = (nova, neutron, glance) bmc_ports = mock.Mock() bm_ports = mock.Mock() - mock_get_ports.return_value = (bmc_ports, bm_ports) + mock_get_ports.return_value = (bmc_ports, bm_ports, provision_net_map) nodes = mock.Mock() pairs = mock.Mock() extra_nodes = mock.Mock() @@ -521,7 +560,7 @@ class TestBuildNodesJson(testtools.TestCase): mock_get_ports.assert_called_once_with(neutron, bmc_base, baremetal_base) mock_build_nodes.assert_called_once_with(nova, glance, bmc_ports, - bm_ports, provision_net, + bm_ports, provision_net_map, baremetal_base, undercloud_name, args.driver, From 6c8d9c5da90e23d5a798104474cc87774233ec86 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Wed, 26 Sep 2018 13:31:25 +0200 Subject: [PATCH 10/46] Only add identifyer if arg.id is set When deploying routed networks using quintupleo and roles without '--id' arg specified the role stack fail with property error: resources.internal_port.properties.network: \ Error validating value 'overcloud_internal-None' By only appending id if arg.id is set, the above problem is fixed. Additionally: The TripleO undercloud hard codes the physical network for the provisioning network which is L2 local to the undercloud to 'ctlplane'. It makes sense to set the following in ovb environment: provision_net: ctlplane provision_net2: ctlplane-leaf1 provision_net3: ctlplane-leaf2 By ommitting the '-id ' parameter in combination with the above the nodes.json build by build-nodes-json works out of the box. --- openstack_virtual_baremetal/deploy.py | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/openstack_virtual_baremetal/deploy.py b/openstack_virtual_baremetal/deploy.py index 3471b8b..cb21b96 100755 --- a/openstack_virtual_baremetal/deploy.py +++ b/openstack_virtual_baremetal/deploy.py @@ -113,15 +113,17 @@ def _add_identifier(env_data, name, identifier, default=None): env_data['parameter_defaults'] = {} parameter = False try: - original = env_data['parameters'][name] + value = env_data['parameters'][name] parameter = True except KeyError: - original = env_data['parameter_defaults'].get(name) - if original is None: - original = default - if original is None: + value = env_data['parameter_defaults'].get(name) + if value is None: + value = default + if value is None: raise RuntimeError('No base value found when adding id') - value = '%s-%s' % (original, identifier) + if identifier: + value = '%s-%s' % (value, identifier) + # If it was passed in as a parameter we need to set it in the parameters # section or it will be overridden by the original value. We can't always # do that though because some parameters are not exposed at the top-level. From ece2b44df35cbd3ef9400fe7f578d463eccb46fb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Mon, 8 Oct 2018 15:16:09 +0200 Subject: [PATCH 11/46] routed networks - output network environment data Prior to routed networks the OVB workloads could use any IP addressing, since it did not rely on any infrastructure networking. With routed networks the workloads must use IP addressing in the subnets in the OVB infrastructure to enable use of the routers and dhcp_relay. * Use allocation pool's to control the OVB infrastructure use of addresses in IP subnets. * Add stack output to templates containing iformation about the infrastructure provisioned. I.e the addresses of routers in the different subnets. Also make the dhcp_servers to which the dhcp_relay instance will relay dhcp request to configurable. --- templates/baremetal-networks-all.yaml | 2 + templates/baremetal-networks-none.yaml | 2 + templates/baremetal-networks-routed.yaml | 58 +++++++++++++++++++++++ templates/dhcp-relay.yaml | 27 +++++------ templates/quintupleo.yaml | 16 ++++++- templates/undercloud-networks-routed.yaml | 23 +++++++++ templates/undercloud-networks.yaml | 3 ++ templates/virtual-baremetal.yaml | 13 +++++ 8 files changed, 127 insertions(+), 17 deletions(-) diff --git a/templates/baremetal-networks-all.yaml b/templates/baremetal-networks-all.yaml index 5faa88b..ad4fe17 100644 --- a/templates/baremetal-networks-all.yaml +++ b/templates/baremetal-networks-all.yaml @@ -117,3 +117,5 @@ outputs: storage_net: {get_resource: storage_network} storage_mgmt_net: {get_resource: storage_mgmt_network} tenant_net: {get_resource: tenant_network} + routers_addresses: + value: {} diff --git a/templates/baremetal-networks-none.yaml b/templates/baremetal-networks-none.yaml index bd488a2..f1033fe 100644 --- a/templates/baremetal-networks-none.yaml +++ b/templates/baremetal-networks-none.yaml @@ -3,3 +3,5 @@ heat_template_version: 2014-10-16 outputs: networks: value: {} + routers_addresses: + value: {} diff --git a/templates/baremetal-networks-routed.yaml b/templates/baremetal-networks-routed.yaml index 3ffccf6..d7ae92f 100644 --- a/templates/baremetal-networks-routed.yaml +++ b/templates/baremetal-networks-routed.yaml @@ -16,6 +16,11 @@ parameters: does not need to be changed. default: 172.17.0.0/24 + overcloud_internal_net_allocation_pools: + type: json + description: Allocation pool for third overcloud_internal_net subnet + default: [{"start": "172.17.0.200", "end": "172.17.0.254"}] + overcloud_internal_net2: type: string description: Name of internal API network @@ -28,6 +33,11 @@ parameters: does not need to be changed. default: 172.17.1.0/24 + overcloud_internal_net2_allocation_pools: + type: json + description: Allocation pool for third overcloud_internal_net2 subnet + default: [{"start": "172.17.1.200", "end": "172.17.1.254"}] + overcloud_storage_net: type: string description: Name of storage network @@ -40,6 +50,11 @@ parameters: does not need to be changed. default: 172.18.0.0/24 + overcloud_storage_net_allocation_pools: + type: json + description: Allocation pool for third overcloud_storage_net subnet + default: [{"start": "172.18.0.200", "end": "172.18.0.254"}] + overcloud_storage_net2: type: string description: Name of storage network @@ -52,6 +67,11 @@ parameters: does not need to be changed. default: 172.18.1.0/24 + overcloud_storage_net2_allocation_pools: + type: json + description: Allocation pool for third overcloud_storage_net2 subnet + default: [{"start": "172.18.1.200", "end": "172.18.1.254"}] + overcloud_storage_mgmt_net: type: string description: Name of storage management network @@ -64,6 +84,11 @@ parameters: and does not need to be changed. default: 172.19.0.0/24 + overcloud_storage_mgmt_net_allocation_pools: + type: json + description: Allocation pool for third overcloud_storage_mgmt_net subnet + default: [{"start": "172.19.0.200", "end": "172.19.0.254"}] + overcloud_storage_mgmt_net2: type: string description: Name of storage management network @@ -76,6 +101,11 @@ parameters: and does not need to be changed. default: 172.19.1.0/24 + overcloud_storage_mgmt_net2_allocation_pools: + type: json + description: Allocation pool for third overcloud_storage_mgmt_net2 subnet + default: [{"start": "172.19.1.200", "end": "172.19.1.254"}] + overcloud_tenant_net: type: string description: Name of tenant network @@ -88,6 +118,11 @@ parameters: does not need to be changed. default: 172.16.0.0/24 + overcloud_tenant_net_allocation_pools: + type: json + description: Allocation pool for third overcloud_tenant_net subnet + default: [{"start": "172.16.0.200", "end": "172.16.0.254"}] + overcloud_tenant_net2: type: string description: Name of tenant network @@ -100,6 +135,11 @@ parameters: does not need to be changed. default: 172.16.1.0/24 + overcloud_tenant_net2_allocation_pools: + type: json + description: Allocation pool for third overcloud_tenant_net2 subnet + default: [{"start": "172.16.1.200", "end": "172.16.1.254"}] + resources: internal_router: type: OS::Neutron::Router @@ -117,6 +157,7 @@ resources: network: {get_resource: internal_network} name: {get_param: overcloud_internal_net} cidr: {get_param: overcloud_internal_net_cidr} + allocation_pools: {get_param: overcloud_internal_net_allocation_pools} gateway_ip: null enable_dhcp: false @@ -143,6 +184,7 @@ resources: network: {get_resource: internal_network2} name: {get_param: overcloud_internal_net2} cidr: {get_param: overcloud_internal_net2_cidr} + allocation_pools: {get_param: overcloud_internal_net2_allocation_pools} gateway_ip: null enable_dhcp: false @@ -174,6 +216,7 @@ resources: network: {get_resource: storage_network} name: {get_param: overcloud_storage_net} cidr: {get_param: overcloud_storage_net_cidr} + allocation_pools: {get_param: overcloud_storage_net_allocation_pools} gateway_ip: null enable_dhcp: false @@ -200,6 +243,7 @@ resources: network: {get_resource: storage_network2} name: {get_param: overcloud_storage_net2} cidr: {get_param: overcloud_storage_net2_cidr} + allocation_pools: {get_param: overcloud_storage_net2_allocation_pools} gateway_ip: null enable_dhcp: false @@ -231,6 +275,7 @@ resources: network: {get_resource: storage_mgmt_network} name: {get_param: overcloud_storage_mgmt_net} cidr: {get_param: overcloud_storage_mgmt_net_cidr} + allocation_pools: {get_param: overcloud_storage_mgmt_net_allocation_pools} gateway_ip: null enable_dhcp: false @@ -257,6 +302,7 @@ resources: network: {get_resource: storage_mgmt_network2} name: {get_param: overcloud_storage_mgmt_net2} cidr: {get_param: overcloud_storage_mgmt_net2_cidr} + allocation_pools: {get_param: overcloud_storage_mgmt_net2_allocation_pools} gateway_ip: null enable_dhcp: false @@ -288,6 +334,7 @@ resources: network: {get_resource: tenant_network} name: {get_param: overcloud_tenant_net} cidr: {get_param: overcloud_tenant_net_cidr} + allocation_pools: {get_param: overcloud_tenant_net_allocation_pools} gateway_ip: null enable_dhcp: false @@ -314,6 +361,7 @@ resources: network: {get_resource: tenant_network2} name: {get_param: overcloud_tenant_net2} cidr: {get_param: overcloud_tenant_net2_cidr} + allocation_pools: {get_param: overcloud_tenant_net2_allocation_pools} gateway_ip: null enable_dhcp: false @@ -340,3 +388,13 @@ outputs: storage_mgmt_net2: {get_resource: storage_mgmt_network2} tenant_net: {get_resource: tenant_network} tenant_net2: {get_resource: tenant_network2} + routers_addresses: + value: + internal_router_address: {get_attr: [internal_subnet_port, fixed_ips, 0, ip_address]} + internal2_router: {get_attr: [internal_subnet2_port, fixed_ips, 0, ip_address]} + storage_router_address: {get_attr: [storage_subnet_port, fixed_ips, 0, ip_address]} + storage2_router_address: {get_attr: [storage_subnet2_port, fixed_ips, 0, ip_address]} + storage_mgmt_router_address: {get_attr: [storage_mgmt_subnet_port, fixed_ips, 0, ip_address]} + storage_mgmt2_router_address: {get_attr: [storage_mgmt_subnet2_port, fixed_ips, 0, ip_address]} + tenant_router_address: {get_attr: [tenant_subnet_port, fixed_ips, 0, ip_address]} + tenant2_router_address: {get_attr: [tenant_subnet2_port, fixed_ips, 0, ip_address]} diff --git a/templates/dhcp-relay.yaml b/templates/dhcp-relay.yaml index 9cfc051..2bed800 100644 --- a/templates/dhcp-relay.yaml +++ b/templates/dhcp-relay.yaml @@ -19,20 +19,13 @@ parameters: The base image for the dhcrelay instance. A CentOS 7 image is currently the only one supported. - inspector_dhcp_ip: - type: string - default: 172.20.0.1 + dhcp_ips: + type: json + default: + - 192.0.2.50 + - 192.0.2.51 description: | - The IP address on the undercloud provisioning network. 'local_ip' in - undercloud.conf - - provision_dhcp_ip: - type: string - default: 172.20.0.10 - description: | - The IP address on the undercloud provisioning network. - (The first address in the underclouds local_subnet allocation range. - I.e the dhcp_start address) + The IP addresses of DHCP servers to relay DHCP requests to. networks: type: json @@ -125,14 +118,16 @@ resources: [Service] Type=simple - ExecStart=/usr/sbin/dhcrelay -d --no-pid $provision_dhcp_ip $inspector_dhcp_ip -i eth1 -i eth2 -i eth3 + ExecStart=/usr/sbin/dhcrelay -d --no-pid $dhcp_ips -i eth1 -i eth2 -i eth3 StandardError=null [Install] WantedBy=multi-user.target params: - $provision_dhcp_ip: {get_param: provision_dhcp_ip} - $inspector_dhcp_ip: {get_param: inspector_dhcp_ip} + $dhcp_ips: + list_join: + - ' ' + - {get_param: dhcp_ips} - path: /etc/sysctl.d/98-rp-filter.conf content: | net.ipv4.conf.eth1.rp_filter = 0 diff --git a/templates/quintupleo.yaml b/templates/quintupleo.yaml index adaacbe..122c9ff 100644 --- a/templates/quintupleo.yaml +++ b/templates/quintupleo.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2015-04-30 +heat_template_version: 2016-04-08 # Template that wraps virtual-baremetal.yaml and does some additional environment # setup automatically: @@ -188,6 +188,14 @@ resources: os_user_domain: {get_param: os_user_domain} os_project_domain: {get_param: os_project_domain} cloud_data: {get_param: cloud_data} + dhcp_ips: + - {get_attr: [undercloud_networks, undercloud_config_data, undercloud_local_ip]} + - {get_attr: [undercloud_networks, undercloud_config_data, provision_undercloud_dhcp_start]} + + network_environment_data: + type: OS::Heat::Value + properties: + value: outputs: undercloud_host_floating_ip: @@ -198,3 +206,9 @@ outputs: description: "ip of the undercloud instance on the private network" value: get_attr: [undercloud_env, undercloud_host_private_ip] + network_environment_data: + description: "Network environment data, router addresses etc." + value: + map_merge: + - get_attr: [undercloud_networks, provision_network_routers] + - get_attr: [baremetal_env, baremetal_networks_routers_addresses] diff --git a/templates/undercloud-networks-routed.yaml b/templates/undercloud-networks-routed.yaml index 3baaea6..eb09ffb 100644 --- a/templates/undercloud-networks-routed.yaml +++ b/templates/undercloud-networks-routed.yaml @@ -11,6 +11,11 @@ parameters: description: CIDR for provision network subnet default: 192.0.2.0/24 + provision_net_allocation_pools: + type: json + description: Allocation pool for third provision network subnet + default: [{"start": "192.0.2.200", "end": "192.0.2.254"}] + provision_net_shared: type: boolean description: Whether this network should be shared across all tenants @@ -26,6 +31,11 @@ parameters: description: CIDR for second provision network subnet default: 192.0.3.0/24 + provision_net2_allocation_pools: + type: json + description: Allocation pool for third provision network subnet + default: [{"start": "192.0.3.200", "end": "192.0.3.254"}] + provision_net2_shared: type: boolean description: Whether this network should be shared across all tenants @@ -41,6 +51,11 @@ parameters: description: CIDR for third provision network subnet default: 192.0.4.0/24 + provision_net3_allocation_pools: + type: json + description: Allocation pool for third provision network subnet + default: [{"start": "192.0.4.200", "end": "192.0.4.254"}] + provision_net3_shared: type: boolean description: Whether this network should be shared across all tenants @@ -79,6 +94,7 @@ resources: network: {get_resource: provision_network} name: {get_param: provision_net} cidr: {get_param: provision_net_cidr} + allocation_pools: {get_param: provision_net_allocation_pools} gateway_ip: null enable_dhcp: false @@ -106,6 +122,7 @@ resources: network: {get_resource: provision_network2} name: {get_param: provision_net2} cidr: {get_param: provision_net2_cidr} + allocation_pools: {get_param: provision_net2_allocation_pools} gateway_ip: null enable_dhcp: false @@ -133,6 +150,7 @@ resources: network: {get_resource: provision_network3} name: {get_param: provision_net3} cidr: {get_param: provision_net3_cidr} + allocation_pools: {get_param: provision_net3_allocation_pools} gateway_ip: null enable_dhcp: false @@ -170,3 +188,8 @@ outputs: provision2: {get_resource: provision_network2} provision3: {get_resource: provision_network3} public: {get_resource: public_network} + provision_network_routers: + value: + provision_router: {get_attr: [provision_router_port, fixed_ips, 0, ip_address]} + provision2_router: {get_attr: [provision_router_port2, fixed_ips, 0, ip_address]} + provision3_router: {get_attr: [provision_router_port2, fixed_ips, 0, ip_address]} diff --git a/templates/undercloud-networks.yaml b/templates/undercloud-networks.yaml index 093e85d..b0131f6 100644 --- a/templates/undercloud-networks.yaml +++ b/templates/undercloud-networks.yaml @@ -67,3 +67,6 @@ outputs: value: provision: {get_resource: provision_network} public: {get_resource: public_network} + # The provision_network_routers is here for compatibility only + provision_network_routers: + value: {} diff --git a/templates/virtual-baremetal.yaml b/templates/virtual-baremetal.yaml index e179de5..dcb2a00 100644 --- a/templates/virtual-baremetal.yaml +++ b/templates/virtual-baremetal.yaml @@ -114,6 +114,14 @@ parameters: default: '{}' hidden: true + dhcp_ips: + type: json + default: + - 192.0.2.1 + - 192.0.2.10 + description: | + The IP addresses of DHCP servers to relay DHCP requests to. + # Ignored parameters for compatibility with QuintupleO env files undercloud_image: type: string @@ -207,3 +215,8 @@ resources: type: OS::OVB::DHCPRelay properties: networks: {get_param: networks} + dhcp_ips: {get_param: dhcp_ips} + +outputs: + baremetal_networks_routers_addresses: + value: {get_attr: [baremetal_networks, routers_addresses]} From 99b51eabd71d91d17576eda01ca9abda8c99a061 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Wed, 10 Oct 2018 01:22:17 +0200 Subject: [PATCH 12/46] Fix outout provision3_router The provision3_router was getting provision2_router's address in stack output. --- templates/undercloud-networks-routed.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/undercloud-networks-routed.yaml b/templates/undercloud-networks-routed.yaml index eb09ffb..7291e23 100644 --- a/templates/undercloud-networks-routed.yaml +++ b/templates/undercloud-networks-routed.yaml @@ -192,4 +192,4 @@ outputs: value: provision_router: {get_attr: [provision_router_port, fixed_ips, 0, ip_address]} provision2_router: {get_attr: [provision_router_port2, fixed_ips, 0, ip_address]} - provision3_router: {get_attr: [provision_router_port2, fixed_ips, 0, ip_address]} + provision3_router: {get_attr: [provision_router_port3, fixed_ips, 0, ip_address]} From 2b9ee46a29a996a7a889b9415bd94034d5fd7c1a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Wed, 10 Oct 2018 04:33:31 +0200 Subject: [PATCH 13/46] Fix dhcp_ips - param for dhcp-relay Remove some remnants of experiments ... --- templates/dhcp-relay.yaml | 4 ++-- templates/quintupleo.yaml | 12 +++++++++--- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/templates/dhcp-relay.yaml b/templates/dhcp-relay.yaml index 2bed800..325d268 100644 --- a/templates/dhcp-relay.yaml +++ b/templates/dhcp-relay.yaml @@ -22,8 +22,8 @@ parameters: dhcp_ips: type: json default: - - 192.0.2.50 - - 192.0.2.51 + - 192.0.2.1 + - 192.0.2.10 description: | The IP addresses of DHCP servers to relay DHCP requests to. diff --git a/templates/quintupleo.yaml b/templates/quintupleo.yaml index 122c9ff..e949564 100644 --- a/templates/quintupleo.yaml +++ b/templates/quintupleo.yaml @@ -141,6 +141,13 @@ parameters: ignored by Heat, but used by build-nodes-json. default: '' + dhcp_ips: + type: json + default: + - 192.0.2.1 + - 192.0.2.10 + description: | + The IP addresses of DHCP servers to relay DHCP requests to. resources: undercloud_networks: @@ -188,9 +195,8 @@ resources: os_user_domain: {get_param: os_user_domain} os_project_domain: {get_param: os_project_domain} cloud_data: {get_param: cloud_data} - dhcp_ips: - - {get_attr: [undercloud_networks, undercloud_config_data, undercloud_local_ip]} - - {get_attr: [undercloud_networks, undercloud_config_data, provision_undercloud_dhcp_start]} + dhcp_ips: {get_param: dhcp_ips} + network_environment_data: type: OS::Heat::Value From 4d4819295766444c72a42566e8577ebc8c0828aa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Fri, 12 Oct 2018 19:51:35 +0200 Subject: [PATCH 14/46] Doc - Quintupleo routed networks Add a chapter in the quintupleo section of the documentation with steps to deploy a TripleO development environment with routed networks. --- doc/source/deploy/quintupleo.rst | 214 +++++++++++++++++++++++++++++++ 1 file changed, 214 insertions(+) diff --git a/doc/source/deploy/quintupleo.rst b/doc/source/deploy/quintupleo.rst index 695c78a..b576228 100644 --- a/doc/source/deploy/quintupleo.rst +++ b/doc/source/deploy/quintupleo.rst @@ -156,3 +156,217 @@ it has only been successfully tested with OVB on Newton and above. The port-security environments can be recognized by the presence of `port-security` somewhere in the filename. Network environments without that substring are the standard ones that require the noop Neutron firewall driver. + +QuintupleO and routed networks +------------------------------ + +TripleO supports deploying OpenStack with nodes on multiple network segments +which is connected via L3 routing. OVB can set up a full development +environment with routers and DHCP-relay service. This environment is targeted +for TripleO development, however it should be useful for non-TripleO users of +OVB as well. + +#. Create environment file's ``env-routed.yaml``, ``env-role-leaf1.yaml`` and + ``env-role-leaf1.yaml``. + + Example ``env-routed.yaml``:: + + parameter_defaults: + baremetal_flavor: m1.large + baremetal_image: ipxe-boot + baremetal_prefix: baremetal + bmc_flavor: m1.small + bmc_image: CentOS-7-x86_64-GenericCloud + bmc_prefix: bmc + external_net: external_net + key_name: default + node_count: 1 + private_net: private + provision_net: ctlplane + provision_net2: ctlplane-leaf1 + provision_net3: ctlplane-leaf2 + provision_net_shared: False + public_net: public + public_net_shared: False + + # The default role for nodes in this environment. This parameter is + # ignored by Heat, but used by build-nodes-json. + # Type: string + role: '' + + undercloud_flavor: m1.large + undercloud_image: CentOS-7-x86_64-GenericCloud + undercloud_name: undercloud + + dhcp_relay_image: CentOS-7-x86_64-GenericCloud + dhcp_relay_flavor: m1.small + + Example ``env-role-leaf1.yaml``:: + + parameter_defaults: + baremetal_flavor: m1.large + key_name: default + node_count: 1 + role: leaf1 + provision_net: ctlplane-leaf1 + overcloud_internal_net: overcloud_internal + overcloud_storage_net: overcloud_storage + overcloud_storage_mgmt_net: overcloud_storage_mgmt + overcloud_tenant_net: overcloud_tenant + + Example ``env-role-leaf2.yaml``:: + + parameter_defaults: + baremetal_flavor: m1.large2 + key_name: default + node_count: 1 + role: leaf2 + provision_net: ctlplane-leaf2 + overcloud_internal_net: overcloud_internal2 + overcloud_storage_net: overcloud_storage2 + overcloud_storage_mgmt_net: overcloud_storage_mgmt2 + overcloud_tenant_net: overcloud_tenant2 + +#. To enable routed networks and the DHCP-relay service the following registry + overrides are required. + + - ``OS::OVB::UndercloudNetworks:`` + Use the ``templates/undercloud-networks-routed.yaml`` template. This + template will create three provisioning networks and a router. The + router is wired up to each provision network to enable L3 connectivity + between endpoints in each network. + - ``OS::OVB::DHCPRelay:`` + Use the ``templates/dhcp-relay.yaml`` template. This template deploys + the DHCP-relay instance, connects it to the three provisioning networks + and configures the ``dhcrelay`` service to relay DHCP request to the + dhcp server provided in the ``dhcp_ips`` parameter. + - ``OS::OVB::BaremetalNetworks:`` + Use the ``templates/baremetal-networks-routed.yaml`` template. This + template deploys a 8 different networks and 4 routers. The routers is + wired to networks in pairs, enabling L3 connectivity between endpoints + on each network pair. + + Example custom registry - ``env-custom-registry.yaml``:: + + resource_registry: + OS::OVB::UndercloudNetworks: templates/undercloud-networks-routed.yaml + OS::OVB::DHCPRelay: templates/dhcp-relay.yaml + OS::OVB::BaremetalNetworks: templates/baremetal-networks-routed.yaml + +#. Deploy the QuintupleO routed networks environment by running the deploy.py + command. For example:: + + ./bin/deploy.py --env env-routed-lab.yaml \ + --quintupleo \ + --env environments/all-networks-port-security.yaml \ + --env env-custom-registry.yaml \ + --role env-role-leaf1.yaml \ + --role env-role-leaf2.yaml + +#. When generateomg the ``nodes.json`` file for TripleO undercloud node import + the environment ``env-routed.yaml`` should be specified. Also to include + physical network attributes of the node ports in ``nodes.json`` specify the + ``--physical_network`` option when running ``build-nodes-json``. For + example:: + + bin/build-nodes-json --env env-routed-lab.yaml --physical_network + + The following is an example node definition produced when using the + ``--physical-network`` options. (Notice that ports are defined with both + ``address`` and ``physical_network`` attributes. + + :: + + { + "pm_password": "password", + "name": "baremetal-leaf1-0", + "memory": 8192, + "pm_addr": "10.0.1.13", + "ports": [ + { + "physical_network": "ctlplane-leaf1", + "address": "fa:16:3e:2f:a1:cf" + } + ], + "capabilities": "boot_option:local,profile:leaf1", + "pm_type": "pxe_ipmitool", + "disk": 80, + "arch": "x86_64", + "cpu": 4, + "pm_user": "admin" + } + +#. The router addresses in the environment is dynamically allocated. For + convinience these are made available via the ``network_environment_data`` + key in the stack output of the quintupleo heat stack. To retrive this data + run the ``openstack stack show`` command. For example:: + + $ openstack stack show quintupleo -c outputs -f yaml + + outputs: + - description: floating ip of the undercloud instance + output_key: undercloud_host_floating_ip + output_value: 38.145.35.98 + - description: Network environment data, router addresses etc. + output_key: network_environment_data + output_value: + internal2_router: 172.17.1.204 + internal_router_address: 172.17.0.201 + provision2_router: 192.0.3.206 + provision3_router: 192.0.4.204 + provision_router: 192.0.2.203 + storage2_router_address: 172.18.1.209 + storage_mgmt2_router_address: 172.19.1.206 + storage_mgmt_router_address: 172.19.0.209 + storage_router_address: 172.18.0.208 + tenant2_router_address: 172.16.1.200 + tenant_router_address: 172.16.0.201 + - description: ip of the undercloud instance on the private network + output_key: undercloud_host_private_ip + output_value: 10.0.1.14 + +#. Below is an example TripleO Undercloud configuration (``undercloud.conf``) + with routed networks support enabled and the three provisioning networks + defined. + + :: + + [DEFAULT] + enable_routed_networks = true + enable_ui = false + overcloud_domain_name = localdomain + scheduler_max_attempts = 2 + undercloud_ntp_servers = pool.ntp.org + undercloud_hostname = undercloud.rdocloud + local_interface = eth1 + local_mtu = 1450 + local_ip = 192.0.2.1/24 + undercloud_public_host = 192.0.2.2 + undercloud_admin_host = 192.0.2.3 + undercloud_nameservers = 8.8.8.8,8.8.4.4 + local_subnet = ctlplane-subnet + subnets = ctlplane-subnet,ctlplane-leaf1,ctlplane-leaf2 + + [ctlplane-subnet] + cidr = 192.0.2.0/24 + dhcp_start = 192.0.2.10 + dhcp_end = 192.0.2.30 + gateway = 192.0.2.203 + inspection_iprange = 192.0.2.100,192.0.2.120 + masquerade = true + + [ctlplane-leaf1] + cidr = 192.0.3.0/24 + dhcp_start = 192.0.3.10 + dhcp_end = 192.0.3.30 + gateway = 192.0.3.206 + inspection_iprange = 192.0.3.100,192.0.3.120 + masquerade = true + + [ctlplane-leaf2] + cidr = 192.0.4.0/24 + dhcp_start = 192.0.4.10 + dhcp_end = 192.0.4.30 + gateway = 192.0.4.204 + inspection_iprange = 192.0.4.100,192.0.4.120 + masquerade = true From 3ffed11adaf82f6884d76e9e2a35591b0f7e6223 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Wed, 17 Oct 2018 12:59:28 +0200 Subject: [PATCH 15/46] Fix resource registry path's in environments/routed-networks.yaml It need's '../' to move one directory up where the 'templates' directory exists. --- environments/routed-networks.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/environments/routed-networks.yaml b/environments/routed-networks.yaml index 0334433..6b6142d 100644 --- a/environments/routed-networks.yaml +++ b/environments/routed-networks.yaml @@ -21,6 +21,6 @@ parameter_defaults: dhcp_relay_image: CentOS-7-x86_64-GenericCloud resource_registry: - OS::OVB::BaremetalNetworks: templates/baremetal-networks-routed.yaml - OS::OVB::DHCPRelay: templates/dhcp-relay.yaml - OS::OVB::UndercloudNetworks: templates/undercloud-networks-routed.yaml + OS::OVB::BaremetalNetworks: ../templates/baremetal-networks-routed.yaml + OS::OVB::DHCPRelay: ../templates/dhcp-relay.yaml + OS::OVB::UndercloudNetworks: ../templates/undercloud-networks-routed.yaml From 8de7f81dd1f260ffb553a9756331bf43721da90a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Wed, 17 Oct 2018 12:52:41 +0200 Subject: [PATCH 16/46] Update routed-networks docs Reference sample environments in environment index. Update the deploy command to use the default env files. Add Note regarding TripleO Undercloud physical network name of ``local_subnet``. Fixes some typos. --- doc/source/deploy/environment-index.rst | 6 ++ doc/source/deploy/quintupleo.rst | 126 ++++++------------------ 2 files changed, 35 insertions(+), 97 deletions(-) diff --git a/doc/source/deploy/environment-index.rst b/doc/source/deploy/environment-index.rst index 6f4c26c..53653db 100644 --- a/doc/source/deploy/environment-index.rst +++ b/doc/source/deploy/environment-index.rst @@ -1,3 +1,5 @@ +.. _env-index: + Sample Environment Index ======================== @@ -136,6 +138,8 @@ Disable the Undercloud in a QuintupleO Stack instance. +.. _env-routed-networks-role: + Base Role Configuration for Routed Networks ------------------------------------------- @@ -145,6 +149,8 @@ Base Role Configuration for Routed Networks deploying with routed networks. +.. _env-enable-routed-networks: + Enable Routed Networks ---------------------- diff --git a/doc/source/deploy/quintupleo.rst b/doc/source/deploy/quintupleo.rst index b576228..af52b54 100644 --- a/doc/source/deploy/quintupleo.rst +++ b/doc/source/deploy/quintupleo.rst @@ -166,110 +166,32 @@ environment with routers and DHCP-relay service. This environment is targeted for TripleO development, however it should be useful for non-TripleO users of OVB as well. -#. Create environment file's ``env-routed.yaml``, ``env-role-leaf1.yaml`` and - ``env-role-leaf1.yaml``. +#. When deploying QuintupleO with routed networks environment files to enable + routed networks must be included, as well as one or more role environment + files. See :ref:`env-enable-routed-networks` and + :ref:`env-routed-networks-role` in the :ref:`env-index` for details. - Example ``env-routed.yaml``:: +#. Copy the example env file and edit it to reflect the host environment:: - parameter_defaults: - baremetal_flavor: m1.large - baremetal_image: ipxe-boot - baremetal_prefix: baremetal - bmc_flavor: m1.small - bmc_image: CentOS-7-x86_64-GenericCloud - bmc_prefix: bmc - external_net: external_net - key_name: default - node_count: 1 - private_net: private - provision_net: ctlplane - provision_net2: ctlplane-leaf1 - provision_net3: ctlplane-leaf2 - provision_net_shared: False - public_net: public - public_net_shared: False - - # The default role for nodes in this environment. This parameter is - # ignored by Heat, but used by build-nodes-json. - # Type: string - role: '' - - undercloud_flavor: m1.large - undercloud_image: CentOS-7-x86_64-GenericCloud - undercloud_name: undercloud - - dhcp_relay_image: CentOS-7-x86_64-GenericCloud - dhcp_relay_flavor: m1.small - - Example ``env-role-leaf1.yaml``:: - - parameter_defaults: - baremetal_flavor: m1.large - key_name: default - node_count: 1 - role: leaf1 - provision_net: ctlplane-leaf1 - overcloud_internal_net: overcloud_internal - overcloud_storage_net: overcloud_storage - overcloud_storage_mgmt_net: overcloud_storage_mgmt - overcloud_tenant_net: overcloud_tenant - - Example ``env-role-leaf2.yaml``:: - - parameter_defaults: - baremetal_flavor: m1.large2 - key_name: default - node_count: 1 - role: leaf2 - provision_net: ctlplane-leaf2 - overcloud_internal_net: overcloud_internal2 - overcloud_storage_net: overcloud_storage2 - overcloud_storage_mgmt_net: overcloud_storage_mgmt2 - overcloud_tenant_net: overcloud_tenant2 - -#. To enable routed networks and the DHCP-relay service the following registry - overrides are required. - - - ``OS::OVB::UndercloudNetworks:`` - Use the ``templates/undercloud-networks-routed.yaml`` template. This - template will create three provisioning networks and a router. The - router is wired up to each provision network to enable L3 connectivity - between endpoints in each network. - - ``OS::OVB::DHCPRelay:`` - Use the ``templates/dhcp-relay.yaml`` template. This template deploys - the DHCP-relay instance, connects it to the three provisioning networks - and configures the ``dhcrelay`` service to relay DHCP request to the - dhcp server provided in the ``dhcp_ips`` parameter. - - ``OS::OVB::BaremetalNetworks:`` - Use the ``templates/baremetal-networks-routed.yaml`` template. This - template deploys a 8 different networks and 4 routers. The routers is - wired to networks in pairs, enabling L3 connectivity between endpoints - on each network pair. - - Example custom registry - ``env-custom-registry.yaml``:: - - resource_registry: - OS::OVB::UndercloudNetworks: templates/undercloud-networks-routed.yaml - OS::OVB::DHCPRelay: templates/dhcp-relay.yaml - OS::OVB::BaremetalNetworks: templates/baremetal-networks-routed.yaml + cp environments/base.yaml env.yaml + vi env.yaml #. Deploy the QuintupleO routed networks environment by running the deploy.py command. For example:: - ./bin/deploy.py --env env-routed-lab.yaml \ + ./bin/deploy.py --env env.yaml \ --quintupleo \ --env environments/all-networks-port-security.yaml \ - --env env-custom-registry.yaml \ - --role env-role-leaf1.yaml \ - --role env-role-leaf2.yaml + --env environments/routed-networks.yaml \ + --role environments/routed-networks-role.yaml -#. When generateomg the ``nodes.json`` file for TripleO undercloud node import +#. When generateing the ``nodes.json`` file for TripleO undercloud node import the environment ``env-routed.yaml`` should be specified. Also to include physical network attributes of the node ports in ``nodes.json`` specify the ``--physical_network`` option when running ``build-nodes-json``. For example:: - bin/build-nodes-json --env env-routed-lab.yaml --physical_network + bin/build-nodes-json --physical_network The following is an example node definition produced when using the ``--physical-network`` options. (Notice that ports are defined with both @@ -284,7 +206,7 @@ OVB as well. "pm_addr": "10.0.1.13", "ports": [ { - "physical_network": "ctlplane-leaf1", + "physical_network": "provision2", "address": "fa:16:3e:2f:a1:cf" } ], @@ -296,7 +218,17 @@ OVB as well. "pm_user": "admin" } -#. The router addresses in the environment is dynamically allocated. For + .. NOTE:: Due to technical debet (backward compatibility) the TripleO + Undercloud uses ``ctlplane`` as the physical network name for the + subnet that is local to the Undercloud itself. Either override + the name of the provision network in the ovb environment by + setting: ``provision_net: ctlplane`` in the + ``parameters_defaults`` section or edit the generated nodes.json + file, replacing: + ``"physical_network": ""`` with + ``"physical_network": "ctlplane"``. + +#. The router addresses in the environment are dynamically allocated. For convinience these are made available via the ``network_environment_data`` key in the stack output of the quintupleo heat stack. To retrive this data run the ``openstack stack show`` command. For example:: @@ -344,10 +276,10 @@ OVB as well. undercloud_public_host = 192.0.2.2 undercloud_admin_host = 192.0.2.3 undercloud_nameservers = 8.8.8.8,8.8.4.4 - local_subnet = ctlplane-subnet - subnets = ctlplane-subnet,ctlplane-leaf1,ctlplane-leaf2 + local_subnet = provision + subnets = provision,provision2,provision3 - [ctlplane-subnet] + [provision] cidr = 192.0.2.0/24 dhcp_start = 192.0.2.10 dhcp_end = 192.0.2.30 @@ -355,7 +287,7 @@ OVB as well. inspection_iprange = 192.0.2.100,192.0.2.120 masquerade = true - [ctlplane-leaf1] + [provision2] cidr = 192.0.3.0/24 dhcp_start = 192.0.3.10 dhcp_end = 192.0.3.30 @@ -363,7 +295,7 @@ OVB as well. inspection_iprange = 192.0.3.100,192.0.3.120 masquerade = true - [ctlplane-leaf2] + [provision3] cidr = 192.0.4.0/24 dhcp_start = 192.0.4.10 dhcp_end = 192.0.4.30 From 5152b59e3aa3bbbac4741a7d72ab0800eb1cf832 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Wed, 17 Oct 2018 13:28:05 +0200 Subject: [PATCH 17/46] Remove unused OS::Heat::Value resource --- templates/quintupleo.yaml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/templates/quintupleo.yaml b/templates/quintupleo.yaml index e949564..ed0af86 100644 --- a/templates/quintupleo.yaml +++ b/templates/quintupleo.yaml @@ -197,12 +197,6 @@ resources: cloud_data: {get_param: cloud_data} dhcp_ips: {get_param: dhcp_ips} - - network_environment_data: - type: OS::Heat::Value - properties: - value: - outputs: undercloud_host_floating_ip: description: "floating ip of the undercloud instance" From f4975e90ea715997d1d5110164acd161fc2bf0eb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Wed, 17 Oct 2018 13:29:51 +0200 Subject: [PATCH 18/46] Fix typo in Allocation pool description --- templates/baremetal-networks-routed.yaml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/templates/baremetal-networks-routed.yaml b/templates/baremetal-networks-routed.yaml index d7ae92f..49a6d96 100644 --- a/templates/baremetal-networks-routed.yaml +++ b/templates/baremetal-networks-routed.yaml @@ -18,7 +18,7 @@ parameters: overcloud_internal_net_allocation_pools: type: json - description: Allocation pool for third overcloud_internal_net subnet + description: Allocation pool for the overcloud_internal_net subnet default: [{"start": "172.17.0.200", "end": "172.17.0.254"}] overcloud_internal_net2: @@ -35,7 +35,7 @@ parameters: overcloud_internal_net2_allocation_pools: type: json - description: Allocation pool for third overcloud_internal_net2 subnet + description: Allocation pool for the overcloud_internal_net2 subnet default: [{"start": "172.17.1.200", "end": "172.17.1.254"}] overcloud_storage_net: @@ -52,7 +52,7 @@ parameters: overcloud_storage_net_allocation_pools: type: json - description: Allocation pool for third overcloud_storage_net subnet + description: Allocation pool for the overcloud_storage_net subnet default: [{"start": "172.18.0.200", "end": "172.18.0.254"}] overcloud_storage_net2: @@ -69,7 +69,7 @@ parameters: overcloud_storage_net2_allocation_pools: type: json - description: Allocation pool for third overcloud_storage_net2 subnet + description: Allocation pool for the overcloud_storage_net2 subnet default: [{"start": "172.18.1.200", "end": "172.18.1.254"}] overcloud_storage_mgmt_net: @@ -86,7 +86,7 @@ parameters: overcloud_storage_mgmt_net_allocation_pools: type: json - description: Allocation pool for third overcloud_storage_mgmt_net subnet + description: Allocation pool for the overcloud_storage_mgmt_net subnet default: [{"start": "172.19.0.200", "end": "172.19.0.254"}] overcloud_storage_mgmt_net2: @@ -103,7 +103,7 @@ parameters: overcloud_storage_mgmt_net2_allocation_pools: type: json - description: Allocation pool for third overcloud_storage_mgmt_net2 subnet + description: Allocation pool for the overcloud_storage_mgmt_net2 subnet default: [{"start": "172.19.1.200", "end": "172.19.1.254"}] overcloud_tenant_net: @@ -120,7 +120,7 @@ parameters: overcloud_tenant_net_allocation_pools: type: json - description: Allocation pool for third overcloud_tenant_net subnet + description: Allocation pool for the overcloud_tenant_net subnet default: [{"start": "172.16.0.200", "end": "172.16.0.254"}] overcloud_tenant_net2: @@ -137,7 +137,7 @@ parameters: overcloud_tenant_net2_allocation_pools: type: json - description: Allocation pool for third overcloud_tenant_net2 subnet + description: Allocation pool for the overcloud_tenant_net2 subnet default: [{"start": "172.16.1.200", "end": "172.16.1.254"}] resources: From 9b95965945889059526f4ef90d84c1b7f5a6affb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Wed, 17 Oct 2018 14:13:06 +0200 Subject: [PATCH 19/46] Fix more typos in docs --- doc/source/deploy/quintupleo.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/source/deploy/quintupleo.rst b/doc/source/deploy/quintupleo.rst index af52b54..bfe1e6d 100644 --- a/doc/source/deploy/quintupleo.rst +++ b/doc/source/deploy/quintupleo.rst @@ -229,8 +229,8 @@ OVB as well. ``"physical_network": "ctlplane"``. #. The router addresses in the environment are dynamically allocated. For - convinience these are made available via the ``network_environment_data`` - key in the stack output of the quintupleo heat stack. To retrive this data + convenience these are made available via the ``network_environment_data`` + key in the stack output of the quintupleo heat stack. To retrieve this data run the ``openstack stack show`` command. For example:: $ openstack stack show quintupleo -c outputs -f yaml From 0bbb4f230201ca7b7bdb824ec6ecee4825f8c626 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Thu, 18 Oct 2018 10:38:34 +0200 Subject: [PATCH 20/46] Use fixed-ips for router addresses Drop the use of allocation pools, and instead use fixed ip's for the router addresses. Using an allocation pool forced the use of large CIDR's to avoid overlapping addresses. --- templates/baremetal-networks-routed.yaml | 88 ++++++++++++----------- templates/undercloud-networks-routed.yaml | 33 +++++---- 2 files changed, 66 insertions(+), 55 deletions(-) diff --git a/templates/baremetal-networks-routed.yaml b/templates/baremetal-networks-routed.yaml index 49a6d96..55242e3 100644 --- a/templates/baremetal-networks-routed.yaml +++ b/templates/baremetal-networks-routed.yaml @@ -16,10 +16,10 @@ parameters: does not need to be changed. default: 172.17.0.0/24 - overcloud_internal_net_allocation_pools: - type: json - description: Allocation pool for the overcloud_internal_net subnet - default: [{"start": "172.17.0.200", "end": "172.17.0.254"}] + overcloud_internal_net_router_address: + type: string + description: Router address for the overcloud_internal_net + default: 172.17.0.254 overcloud_internal_net2: type: string @@ -33,10 +33,10 @@ parameters: does not need to be changed. default: 172.17.1.0/24 - overcloud_internal_net2_allocation_pools: - type: json - description: Allocation pool for the overcloud_internal_net2 subnet - default: [{"start": "172.17.1.200", "end": "172.17.1.254"}] + overcloud_internal_net2_router_address: + type: string + description: Router address for the overcloud_internal_net2 subnet + default: 172.17.1.254 overcloud_storage_net: type: string @@ -50,10 +50,10 @@ parameters: does not need to be changed. default: 172.18.0.0/24 - overcloud_storage_net_allocation_pools: - type: json - description: Allocation pool for the overcloud_storage_net subnet - default: [{"start": "172.18.0.200", "end": "172.18.0.254"}] + overcloud_storage_net_router_address: + type: string + description: Router address for the overcloud_storage_net subnet + default: 172.18.0.254 overcloud_storage_net2: type: string @@ -67,10 +67,10 @@ parameters: does not need to be changed. default: 172.18.1.0/24 - overcloud_storage_net2_allocation_pools: - type: json - description: Allocation pool for the overcloud_storage_net2 subnet - default: [{"start": "172.18.1.200", "end": "172.18.1.254"}] + overcloud_storage_net2_router_address: + type: string + description: Router address for the overcloud_storage_net2 subnet + default: 172.18.1.254 overcloud_storage_mgmt_net: type: string @@ -84,10 +84,10 @@ parameters: and does not need to be changed. default: 172.19.0.0/24 - overcloud_storage_mgmt_net_allocation_pools: - type: json - description: Allocation pool for the overcloud_storage_mgmt_net subnet - default: [{"start": "172.19.0.200", "end": "172.19.0.254"}] + overcloud_storage_mgmt_net_router_address: + type: string + description: Router address for the overcloud_storage_mgmt_net subnet + default: 172.19.0.254 overcloud_storage_mgmt_net2: type: string @@ -101,10 +101,10 @@ parameters: and does not need to be changed. default: 172.19.1.0/24 - overcloud_storage_mgmt_net2_allocation_pools: - type: json - description: Allocation pool for the overcloud_storage_mgmt_net2 subnet - default: [{"start": "172.19.1.200", "end": "172.19.1.254"}] + overcloud_storage_mgmt_net2_router_address: + type: string + description: Router address for the overcloud_storage_mgmt_net2 subnet + default: 172.19.1.254 overcloud_tenant_net: type: string @@ -118,10 +118,10 @@ parameters: does not need to be changed. default: 172.16.0.0/24 - overcloud_tenant_net_allocation_pools: - type: json - description: Allocation pool for the overcloud_tenant_net subnet - default: [{"start": "172.16.0.200", "end": "172.16.0.254"}] + overcloud_tenant_net_router_address: + type: string + description: Router address for the overcloud_tenant_net subnet + default: 172.16.0.254 overcloud_tenant_net2: type: string @@ -135,10 +135,10 @@ parameters: does not need to be changed. default: 172.16.1.0/24 - overcloud_tenant_net2_allocation_pools: - type: json - description: Allocation pool for the overcloud_tenant_net2 subnet - default: [{"start": "172.16.1.200", "end": "172.16.1.254"}] + overcloud_tenant_net2_router_address: + type: string + description: Router address for the overcloud_tenant_net2 subnet + default: 172.16.1.254 resources: internal_router: @@ -157,7 +157,6 @@ resources: network: {get_resource: internal_network} name: {get_param: overcloud_internal_net} cidr: {get_param: overcloud_internal_net_cidr} - allocation_pools: {get_param: overcloud_internal_net_allocation_pools} gateway_ip: null enable_dhcp: false @@ -166,6 +165,8 @@ resources: properties: network: {get_resource: internal_network} port_security_enabled: false + fixed_ips: + - ip_address: {get_param: overcloud_internal_net_router_address} internal_subnet_interface: type: OS::Neutron::RouterInterface @@ -184,7 +185,6 @@ resources: network: {get_resource: internal_network2} name: {get_param: overcloud_internal_net2} cidr: {get_param: overcloud_internal_net2_cidr} - allocation_pools: {get_param: overcloud_internal_net2_allocation_pools} gateway_ip: null enable_dhcp: false @@ -193,6 +193,8 @@ resources: properties: network: {get_resource: internal_network2} port_security_enabled: false + fixed_ips: + - ip_address: {get_param: overcloud_internal_net2_router_address} internal_subnet2_interface: type: OS::Neutron::RouterInterface @@ -216,7 +218,6 @@ resources: network: {get_resource: storage_network} name: {get_param: overcloud_storage_net} cidr: {get_param: overcloud_storage_net_cidr} - allocation_pools: {get_param: overcloud_storage_net_allocation_pools} gateway_ip: null enable_dhcp: false @@ -225,6 +226,8 @@ resources: properties: network: {get_resource: storage_network} port_security_enabled: false + fixed_ips: + - ip_address: {get_param: overcloud_storage_net_router_address} storage_subnet_interface: type: OS::Neutron::RouterInterface @@ -243,7 +246,6 @@ resources: network: {get_resource: storage_network2} name: {get_param: overcloud_storage_net2} cidr: {get_param: overcloud_storage_net2_cidr} - allocation_pools: {get_param: overcloud_storage_net2_allocation_pools} gateway_ip: null enable_dhcp: false @@ -252,6 +254,8 @@ resources: properties: network: {get_resource: storage_network2} port_security_enabled: false + fixed_ips: + - ip_address: {get_param: overcloud_storage_net2_router_address} storage_subnet2_interface: type: OS::Neutron::RouterInterface @@ -275,7 +279,6 @@ resources: network: {get_resource: storage_mgmt_network} name: {get_param: overcloud_storage_mgmt_net} cidr: {get_param: overcloud_storage_mgmt_net_cidr} - allocation_pools: {get_param: overcloud_storage_mgmt_net_allocation_pools} gateway_ip: null enable_dhcp: false @@ -284,6 +287,8 @@ resources: properties: network: {get_resource: storage_mgmt_network} port_security_enabled: false + fixed_ips: + - ip_address: {get_param: overcloud_storage_mgmt_net_router_address} storage_mgmt_subnet_interface: type: OS::Neutron::RouterInterface @@ -302,7 +307,6 @@ resources: network: {get_resource: storage_mgmt_network2} name: {get_param: overcloud_storage_mgmt_net2} cidr: {get_param: overcloud_storage_mgmt_net2_cidr} - allocation_pools: {get_param: overcloud_storage_mgmt_net2_allocation_pools} gateway_ip: null enable_dhcp: false @@ -311,6 +315,8 @@ resources: properties: network: {get_resource: storage_mgmt_network2} port_security_enabled: false + fixed_ips: + - ip_address: {get_param: overcloud_storage_mgmt_net2_router_address} storage_mgmt_subnet2_interface: type: OS::Neutron::RouterInterface @@ -334,7 +340,6 @@ resources: network: {get_resource: tenant_network} name: {get_param: overcloud_tenant_net} cidr: {get_param: overcloud_tenant_net_cidr} - allocation_pools: {get_param: overcloud_tenant_net_allocation_pools} gateway_ip: null enable_dhcp: false @@ -343,6 +348,8 @@ resources: properties: network: {get_resource: tenant_network} port_security_enabled: false + fixed_ips: + - ip_address: {get_param: overcloud_tenant_net_router_address} tenant_subnet_interface: type: OS::Neutron::RouterInterface @@ -361,7 +368,6 @@ resources: network: {get_resource: tenant_network2} name: {get_param: overcloud_tenant_net2} cidr: {get_param: overcloud_tenant_net2_cidr} - allocation_pools: {get_param: overcloud_tenant_net2_allocation_pools} gateway_ip: null enable_dhcp: false @@ -370,6 +376,8 @@ resources: properties: network: {get_resource: tenant_network2} port_security_enabled: false + fixed_ips: + - ip_address: {get_param: overcloud_tenant_net2_router_address} tenant_subnet2_interface: type: OS::Neutron::RouterInterface diff --git a/templates/undercloud-networks-routed.yaml b/templates/undercloud-networks-routed.yaml index 7291e23..19f86ac 100644 --- a/templates/undercloud-networks-routed.yaml +++ b/templates/undercloud-networks-routed.yaml @@ -11,10 +11,10 @@ parameters: description: CIDR for provision network subnet default: 192.0.2.0/24 - provision_net_allocation_pools: - type: json - description: Allocation pool for third provision network subnet - default: [{"start": "192.0.2.200", "end": "192.0.2.254"}] + provision_net_router_address: + type: string + description: Router address for the provision network subnet + default: 192.0.2.254 provision_net_shared: type: boolean @@ -31,10 +31,10 @@ parameters: description: CIDR for second provision network subnet default: 192.0.3.0/24 - provision_net2_allocation_pools: - type: json - description: Allocation pool for third provision network subnet - default: [{"start": "192.0.3.200", "end": "192.0.3.254"}] + provision_net2_router_address: + type: string + description: Router address for the provision network subnet + default: 192.0.3.254 provision_net2_shared: type: boolean @@ -51,10 +51,10 @@ parameters: description: CIDR for third provision network subnet default: 192.0.4.0/24 - provision_net3_allocation_pools: - type: json - description: Allocation pool for third provision network subnet - default: [{"start": "192.0.4.200", "end": "192.0.4.254"}] + provision_net3_router_address: + type: string + description: Router address for the provision network subnet + default: 192.0.4.254 provision_net3_shared: type: boolean @@ -94,7 +94,6 @@ resources: network: {get_resource: provision_network} name: {get_param: provision_net} cidr: {get_param: provision_net_cidr} - allocation_pools: {get_param: provision_net_allocation_pools} gateway_ip: null enable_dhcp: false @@ -103,6 +102,8 @@ resources: properties: network: {get_resource: provision_network} port_security_enabled: false + fixed_ips: + - ip_address: {get_param: provision_net_router_address} provision_router_interface: type: OS::Neutron::RouterInterface @@ -122,7 +123,6 @@ resources: network: {get_resource: provision_network2} name: {get_param: provision_net2} cidr: {get_param: provision_net2_cidr} - allocation_pools: {get_param: provision_net2_allocation_pools} gateway_ip: null enable_dhcp: false @@ -131,6 +131,8 @@ resources: properties: network: {get_resource: provision_network2} port_security_enabled: false + fixed_ips: + - ip_address: {get_param: provision_net2_router_address} provision_router_interface2: type: OS::Neutron::RouterInterface @@ -150,7 +152,6 @@ resources: network: {get_resource: provision_network3} name: {get_param: provision_net3} cidr: {get_param: provision_net3_cidr} - allocation_pools: {get_param: provision_net3_allocation_pools} gateway_ip: null enable_dhcp: false @@ -159,6 +160,8 @@ resources: properties: network: {get_resource: provision_network3} port_security_enabled: false + fixed_ips: + - ip_address: {get_param: provision_net3_router_address} provision_router_interface3: type: OS::Neutron::RouterInterface From a16f379e1bb8e9bb52db1cc828a55add8d3c138f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Thu, 18 Oct 2018 11:43:41 +0200 Subject: [PATCH 21/46] Use 192.168.x.x addressing instead of 192.0.x.x addressing 192.0.x.x is non-private addresses. Since we now in some cases care about the address ranges used in the environment switch to use addresses in the private space 192.168.x.x. Also minor update to doc, router addresses are no longer dynamically allocated. --- .../network-environment.yaml | 4 +- bond-network-templates/ui-settings.pickle | 4 +- doc/source/deploy/baremetal.rst | 2 +- doc/source/deploy/quintupleo.rst | 62 +++++++++---------- .../network-environment.yaml | 4 +- ipv6-network-templates/ui-settings.pickle | 4 +- network-templates/network-environment.yaml | 4 +- network-templates/ui-settings.pickle | 4 +- .../network-environment.yaml | 4 +- .../bond-network-templates/ui-settings.pickle | 4 +- .../network-environment.yaml | 4 +- .../ipv6-network-templates/ui-settings.pickle | 4 +- .../network-environment.yaml | 4 +- .../network-templates/ui-settings.pickle | 4 +- templates/dhcp-relay.yaml | 3 - templates/quintupleo.yaml | 4 +- templates/undercloud-networks-routed.yaml | 12 ++-- templates/undercloud-networks.yaml | 2 +- templates/virtual-baremetal.yaml | 4 +- 19 files changed, 67 insertions(+), 70 deletions(-) diff --git a/bond-network-templates/network-environment.yaml b/bond-network-templates/network-environment.yaml index 3d81639..a4f4a1f 100644 --- a/bond-network-templates/network-environment.yaml +++ b/bond-network-templates/network-environment.yaml @@ -8,8 +8,8 @@ resource_registry: parameter_defaults: ControlPlaneSubnetCidr: '24' - ControlPlaneDefaultRoute: 192.0.2.1 - EC2MetadataIp: 192.0.2.1 + ControlPlaneDefaultRoute: 192.168.24.1 + EC2MetadataIp: 192.168.24.1 ExternalNetCidr: 10.0.0.0/24 ExternalAllocationPools: [{"start": "10.0.0.10", "end": "10.0.0.50"}] ExternalInterfaceDefaultRoute: 10.0.0.1 diff --git a/bond-network-templates/ui-settings.pickle b/bond-network-templates/ui-settings.pickle index 74ec540..22bfce2 100644 --- a/bond-network-templates/ui-settings.pickle +++ b/bond-network-templates/ui-settings.pickle @@ -7,14 +7,14 @@ p3 (dp4 S'route' p5 -V192.0.2.1 +V192.168.24.1 p6 sS'mask' p7 I24 sS'ec2' p8 -V192.0.2.1 +V192.168.24.1 p9 ssS'major' p10 diff --git a/doc/source/deploy/baremetal.rst b/doc/source/deploy/baremetal.rst index b680fd8..0ce9ac7 100644 --- a/doc/source/deploy/baremetal.rst +++ b/doc/source/deploy/baremetal.rst @@ -37,7 +37,7 @@ method, which creates most of the resources needed automatically. :: neutron net-create provision - neutron subnet-create --name provision --no-gateway --disable-dhcp provision 192.0.2.0/24 + neutron subnet-create --name provision --no-gateway --disable-dhcp provision 192.168.24.0/24 #. Create "public" network. diff --git a/doc/source/deploy/quintupleo.rst b/doc/source/deploy/quintupleo.rst index bfe1e6d..3b8c71c 100644 --- a/doc/source/deploy/quintupleo.rst +++ b/doc/source/deploy/quintupleo.rst @@ -228,10 +228,10 @@ OVB as well. ``"physical_network": ""`` with ``"physical_network": "ctlplane"``. -#. The router addresses in the environment are dynamically allocated. For - convenience these are made available via the ``network_environment_data`` - key in the stack output of the quintupleo heat stack. To retrieve this data - run the ``openstack stack show`` command. For example:: +#. For convenience router addresses are made available via the + ``network_environment_data`` key in the stack output of the quintupleo heat + stack. To retrieve this data run the ``openstack stack show`` command. For + example:: $ openstack stack show quintupleo -c outputs -f yaml @@ -244,15 +244,15 @@ OVB as well. output_value: internal2_router: 172.17.1.204 internal_router_address: 172.17.0.201 - provision2_router: 192.0.3.206 - provision3_router: 192.0.4.204 - provision_router: 192.0.2.203 - storage2_router_address: 172.18.1.209 - storage_mgmt2_router_address: 172.19.1.206 - storage_mgmt_router_address: 172.19.0.209 - storage_router_address: 172.18.0.208 - tenant2_router_address: 172.16.1.200 - tenant_router_address: 172.16.0.201 + provision2_router: 192.168.25.254 + provision3_router: 192.168.26.254 + provision_router: 192.168.24.254 + storage2_router_address: 172.18.1.254 + storage_mgmt2_router_address: 172.19.1.254 + storage_mgmt_router_address: 172.19.0.254 + storage_router_address: 172.18.0.254 + tenant2_router_address: 172.16.1.254 + tenant_router_address: 172.16.0.254 - description: ip of the undercloud instance on the private network output_key: undercloud_host_private_ip output_value: 10.0.1.14 @@ -272,33 +272,33 @@ OVB as well. undercloud_hostname = undercloud.rdocloud local_interface = eth1 local_mtu = 1450 - local_ip = 192.0.2.1/24 - undercloud_public_host = 192.0.2.2 - undercloud_admin_host = 192.0.2.3 + local_ip = 192.168.24.1/24 + undercloud_public_host = 192.168.24.2 + undercloud_admin_host = 192.168.24.3 undercloud_nameservers = 8.8.8.8,8.8.4.4 local_subnet = provision subnets = provision,provision2,provision3 [provision] - cidr = 192.0.2.0/24 - dhcp_start = 192.0.2.10 - dhcp_end = 192.0.2.30 - gateway = 192.0.2.203 - inspection_iprange = 192.0.2.100,192.0.2.120 + cidr = 192.168.24.0/24 + dhcp_start = 192.168.24.10 + dhcp_end = 192.168.24.30 + gateway = 192.168.24.254 + inspection_iprange = 192.168.24.100,192.168.24.120 masquerade = true [provision2] - cidr = 192.0.3.0/24 - dhcp_start = 192.0.3.10 - dhcp_end = 192.0.3.30 - gateway = 192.0.3.206 - inspection_iprange = 192.0.3.100,192.0.3.120 + cidr = 192.168.25.0/24 + dhcp_start = 192.168.25.10 + dhcp_end = 192.168.25.30 + gateway = 192.168.25.254 + inspection_iprange = 192.168.25.100,192.168.25.120 masquerade = true [provision3] - cidr = 192.0.4.0/24 - dhcp_start = 192.0.4.10 - dhcp_end = 192.0.4.30 - gateway = 192.0.4.204 - inspection_iprange = 192.0.4.100,192.0.4.120 + cidr = 192.168.26.0/24 + dhcp_start = 192.168.26.10 + dhcp_end = 192.168.26.30 + gateway = 192.168.26.254 + inspection_iprange = 192.168.26.100,192.168.26.120 masquerade = true diff --git a/ipv6-network-templates/network-environment.yaml b/ipv6-network-templates/network-environment.yaml index 824081a..d845650 100644 --- a/ipv6-network-templates/network-environment.yaml +++ b/ipv6-network-templates/network-environment.yaml @@ -8,8 +8,8 @@ resource_registry: parameter_defaults: ControlPlaneSubnetCidr: '24' - ControlPlaneDefaultRoute: 192.0.2.1 - EC2MetadataIp: 192.0.2.1 + ControlPlaneDefaultRoute: 192.168.24.1 + EC2MetadataIp: 192.168.24.1 ExternalNetCidr: 2001:db8:fd00:1000::/64 ExternalAllocationPools: [{"start": "2001:db8:fd00:1000::10", "end": "2001:db8:fd00:1000:ffff:ffff:ffff:fffe"}] ExternalInterfaceDefaultRoute: 2001:db8:fd00:1000::1 diff --git a/ipv6-network-templates/ui-settings.pickle b/ipv6-network-templates/ui-settings.pickle index bc3ac5a..725c716 100644 --- a/ipv6-network-templates/ui-settings.pickle +++ b/ipv6-network-templates/ui-settings.pickle @@ -7,14 +7,14 @@ p3 (dp4 S'route' p5 -V192.0.2.1 +V192.168.24.1 p6 sS'mask' p7 I24 sS'ec2' p8 -V192.0.2.1 +V192.168.24.1 p9 ssS'major' p10 diff --git a/network-templates/network-environment.yaml b/network-templates/network-environment.yaml index 05b0d1f..466aa80 100644 --- a/network-templates/network-environment.yaml +++ b/network-templates/network-environment.yaml @@ -8,8 +8,8 @@ resource_registry: parameter_defaults: ControlPlaneSubnetCidr: '24' - ControlPlaneDefaultRoute: 192.0.2.1 - EC2MetadataIp: 192.0.2.1 + ControlPlaneDefaultRoute: 192.168.24.1 + EC2MetadataIp: 192.168.24.1 ExternalNetCidr: 10.0.0.0/24 ExternalAllocationPools: [{"start": "10.0.0.10", "end": "10.0.0.50"}] ExternalInterfaceDefaultRoute: 10.0.0.1 diff --git a/network-templates/ui-settings.pickle b/network-templates/ui-settings.pickle index 0b71d5c..195eabc 100644 --- a/network-templates/ui-settings.pickle +++ b/network-templates/ui-settings.pickle @@ -7,14 +7,14 @@ p3 (dp4 S'route' p5 -V192.0.2.1 +V192.168.24.1 p6 sS'mask' p7 I24 sS'ec2' p8 -V192.0.2.1 +V192.168.24.1 p9 ssS'major' p10 diff --git a/overcloud-templates/bond-network-templates/network-environment.yaml b/overcloud-templates/bond-network-templates/network-environment.yaml index 3d81639..a4f4a1f 100644 --- a/overcloud-templates/bond-network-templates/network-environment.yaml +++ b/overcloud-templates/bond-network-templates/network-environment.yaml @@ -8,8 +8,8 @@ resource_registry: parameter_defaults: ControlPlaneSubnetCidr: '24' - ControlPlaneDefaultRoute: 192.0.2.1 - EC2MetadataIp: 192.0.2.1 + ControlPlaneDefaultRoute: 192.168.24.1 + EC2MetadataIp: 192.168.24.1 ExternalNetCidr: 10.0.0.0/24 ExternalAllocationPools: [{"start": "10.0.0.10", "end": "10.0.0.50"}] ExternalInterfaceDefaultRoute: 10.0.0.1 diff --git a/overcloud-templates/bond-network-templates/ui-settings.pickle b/overcloud-templates/bond-network-templates/ui-settings.pickle index 74ec540..22bfce2 100644 --- a/overcloud-templates/bond-network-templates/ui-settings.pickle +++ b/overcloud-templates/bond-network-templates/ui-settings.pickle @@ -7,14 +7,14 @@ p3 (dp4 S'route' p5 -V192.0.2.1 +V192.168.24.1 p6 sS'mask' p7 I24 sS'ec2' p8 -V192.0.2.1 +V192.168.24.1 p9 ssS'major' p10 diff --git a/overcloud-templates/ipv6-network-templates/network-environment.yaml b/overcloud-templates/ipv6-network-templates/network-environment.yaml index 824081a..d845650 100644 --- a/overcloud-templates/ipv6-network-templates/network-environment.yaml +++ b/overcloud-templates/ipv6-network-templates/network-environment.yaml @@ -8,8 +8,8 @@ resource_registry: parameter_defaults: ControlPlaneSubnetCidr: '24' - ControlPlaneDefaultRoute: 192.0.2.1 - EC2MetadataIp: 192.0.2.1 + ControlPlaneDefaultRoute: 192.168.24.1 + EC2MetadataIp: 192.168.24.1 ExternalNetCidr: 2001:db8:fd00:1000::/64 ExternalAllocationPools: [{"start": "2001:db8:fd00:1000::10", "end": "2001:db8:fd00:1000:ffff:ffff:ffff:fffe"}] ExternalInterfaceDefaultRoute: 2001:db8:fd00:1000::1 diff --git a/overcloud-templates/ipv6-network-templates/ui-settings.pickle b/overcloud-templates/ipv6-network-templates/ui-settings.pickle index 556326c..ff60aee 100644 --- a/overcloud-templates/ipv6-network-templates/ui-settings.pickle +++ b/overcloud-templates/ipv6-network-templates/ui-settings.pickle @@ -7,14 +7,14 @@ p3 (dp4 S'route' p5 -V192.0.2.1 +V192.168.24.1 p6 sS'mask' p7 I24 sS'ec2' p8 -V192.0.2.1 +V192.168.24.1 p9 ssS'major' p10 diff --git a/overcloud-templates/network-templates/network-environment.yaml b/overcloud-templates/network-templates/network-environment.yaml index 05b0d1f..466aa80 100644 --- a/overcloud-templates/network-templates/network-environment.yaml +++ b/overcloud-templates/network-templates/network-environment.yaml @@ -8,8 +8,8 @@ resource_registry: parameter_defaults: ControlPlaneSubnetCidr: '24' - ControlPlaneDefaultRoute: 192.0.2.1 - EC2MetadataIp: 192.0.2.1 + ControlPlaneDefaultRoute: 192.168.24.1 + EC2MetadataIp: 192.168.24.1 ExternalNetCidr: 10.0.0.0/24 ExternalAllocationPools: [{"start": "10.0.0.10", "end": "10.0.0.50"}] ExternalInterfaceDefaultRoute: 10.0.0.1 diff --git a/overcloud-templates/network-templates/ui-settings.pickle b/overcloud-templates/network-templates/ui-settings.pickle index a70c44a..9ff60a0 100644 --- a/overcloud-templates/network-templates/ui-settings.pickle +++ b/overcloud-templates/network-templates/ui-settings.pickle @@ -7,14 +7,14 @@ p3 (dp4 S'route' p5 -V192.0.2.1 +V192.168.24.1 p6 sS'mask' p7 I24 sS'ec2' p8 -V192.0.2.1 +V192.168.24.1 p9 ssS'major' p10 diff --git a/templates/dhcp-relay.yaml b/templates/dhcp-relay.yaml index 325d268..b54e17f 100644 --- a/templates/dhcp-relay.yaml +++ b/templates/dhcp-relay.yaml @@ -21,9 +21,6 @@ parameters: dhcp_ips: type: json - default: - - 192.0.2.1 - - 192.0.2.10 description: | The IP addresses of DHCP servers to relay DHCP requests to. diff --git a/templates/quintupleo.yaml b/templates/quintupleo.yaml index ed0af86..b7e665c 100644 --- a/templates/quintupleo.yaml +++ b/templates/quintupleo.yaml @@ -144,8 +144,8 @@ parameters: dhcp_ips: type: json default: - - 192.0.2.1 - - 192.0.2.10 + - 192.168.24.1 + - 192.168.24.10 description: | The IP addresses of DHCP servers to relay DHCP requests to. diff --git a/templates/undercloud-networks-routed.yaml b/templates/undercloud-networks-routed.yaml index 19f86ac..b66aecb 100644 --- a/templates/undercloud-networks-routed.yaml +++ b/templates/undercloud-networks-routed.yaml @@ -9,12 +9,12 @@ parameters: provision_net_cidr: type: string description: CIDR for provision network subnet - default: 192.0.2.0/24 + default: 192.168.24.0/24 provision_net_router_address: type: string description: Router address for the provision network subnet - default: 192.0.2.254 + default: 192.168.24.254 provision_net_shared: type: boolean @@ -29,12 +29,12 @@ parameters: provision_net2_cidr: type: string description: CIDR for second provision network subnet - default: 192.0.3.0/24 + default: 192.168.25.0/24 provision_net2_router_address: type: string description: Router address for the provision network subnet - default: 192.0.3.254 + default: 192.168.25.254 provision_net2_shared: type: boolean @@ -49,12 +49,12 @@ parameters: provision_net3_cidr: type: string description: CIDR for third provision network subnet - default: 192.0.4.0/24 + default: 192.168.26.0/24 provision_net3_router_address: type: string description: Router address for the provision network subnet - default: 192.0.4.254 + default: 192.168.26.254 provision_net3_shared: type: boolean diff --git a/templates/undercloud-networks.yaml b/templates/undercloud-networks.yaml index b0131f6..4f9bc34 100644 --- a/templates/undercloud-networks.yaml +++ b/templates/undercloud-networks.yaml @@ -9,7 +9,7 @@ parameters: provision_net_cidr: type: string description: CIDR for provision network subnet - default: 192.0.2.0/24 + default: 192.168.24.0/24 provision_net_shared: type: boolean diff --git a/templates/virtual-baremetal.yaml b/templates/virtual-baremetal.yaml index dcb2a00..84fad04 100644 --- a/templates/virtual-baremetal.yaml +++ b/templates/virtual-baremetal.yaml @@ -117,8 +117,8 @@ parameters: dhcp_ips: type: json default: - - 192.0.2.1 - - 192.0.2.10 + - 192.168.24.1 + - 192.168.24.10 description: | The IP addresses of DHCP servers to relay DHCP requests to. From 026eeb342b7ff17a0a2f5cd9ee639fc1499a671b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Thu, 18 Oct 2018 12:48:02 +0200 Subject: [PATCH 22/46] Revert changes to deploy.py in c13640 and update unit tests Revert the change to _process_role() method done in commit: c1364026fa3069072e8ce70261a867e84578d641. Passing networks will only be supported via parameters_defaults. Update the unit tests to include the data in parameter_defaults. --- openstack_virtual_baremetal/deploy.py | 13 +++++-------- openstack_virtual_baremetal/tests/test_deploy.py | 7 +++---- 2 files changed, 8 insertions(+), 12 deletions(-) diff --git a/openstack_virtual_baremetal/deploy.py b/openstack_virtual_baremetal/deploy.py index cb21b96..e5885ba 100755 --- a/openstack_virtual_baremetal/deploy.py +++ b/openstack_virtual_baremetal/deploy.py @@ -356,14 +356,11 @@ def _process_role(role_file, base_envs, stack_name, args): _add_identifier(role_env, 'overcloud_storage_net', args.id) _add_identifier(role_env, 'overcloud_storage_mgmt_net', args.id) _add_identifier(role_env, 'overcloud_tenant_net', args.id) - if not role_env['parameter_defaults'].get('networks'): - role_env['parameter_defaults']['networks'] = {} - for k, v in {'private': 'private_net', - 'provision': 'provision_net', - 'public': 'public_net'}.items(): - role_env['parameter_defaults']['networks'].update( - {k: role_env['parameter_defaults'].get( - v, role_env['parameters'].get(v, k))}) + role_env['parameter_defaults']['networks'] = { + 'private': role_env['parameter_defaults']['private_net'], + 'provision': role_env['parameter_defaults']['provision_net'], + 'public': role_env['parameter_defaults']['public_net'], + } role_file = 'env-%s-%s.yaml' % (stack_name, role) _write_role_file(role_env, role_file) return role_file, role diff --git a/openstack_virtual_baremetal/tests/test_deploy.py b/openstack_virtual_baremetal/tests/test_deploy.py index 3829fd6..9675636 100755 --- a/openstack_virtual_baremetal/tests/test_deploy.py +++ b/openstack_virtual_baremetal/tests/test_deploy.py @@ -213,7 +213,6 @@ role_base_data = { 'undercloud_image': 'centos7-base', 'baremetal_image': 'ipxe-boot', 'external_net': 'external', - 'private_net': 'private', 'baremetal_prefix': 'baremetal-foo-control', 'undercloud_flavor': 'undercloud-16', 'node_count': 3, @@ -229,6 +228,9 @@ role_base_data = { role_specific_data = { 'parameter_defaults': { 'role': 'compute', + 'public_net': 'public', + 'private_net': 'private', + 'provision_net': 'provision', }, 'parameters': { 'key_name': 'default', @@ -254,16 +256,13 @@ role_original_data = { 'undercloud_name': 'undercloud', 'baremetal_flavor': 'baremetal', 'os_auth_url': 'http://1.1.1.1:5000/v2.0', - 'provision_net': 'provision', 'bmc_image': 'bmc-base', 'os_tenant': 'admin', 'bmc_prefix': 'bmc', - 'public_net': 'public', 'undercloud_image': 'centos7-base', 'baremetal_image': 'ipxe-boot', 'external_net': 'external', 'os_password': 'password', - 'private_net': 'private', 'undercloud_flavor': 'undercloud-16', 'node_count': 3, 'bmc_flavor': 'bmc' From bc309fe0fcd39883ebe872585f60ea9bde4e0b6a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Thu, 18 Oct 2018 12:56:32 +0200 Subject: [PATCH 23/46] Revert "Fix resource registry path's in environments/routed-networks.yaml" This reverts commit 3ffed11adaf82f6884d76e9e2a35591b0f7e6223. --- environments/routed-networks.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/environments/routed-networks.yaml b/environments/routed-networks.yaml index 6b6142d..0334433 100644 --- a/environments/routed-networks.yaml +++ b/environments/routed-networks.yaml @@ -21,6 +21,6 @@ parameter_defaults: dhcp_relay_image: CentOS-7-x86_64-GenericCloud resource_registry: - OS::OVB::BaremetalNetworks: ../templates/baremetal-networks-routed.yaml - OS::OVB::DHCPRelay: ../templates/dhcp-relay.yaml - OS::OVB::UndercloudNetworks: ../templates/undercloud-networks-routed.yaml + OS::OVB::BaremetalNetworks: templates/baremetal-networks-routed.yaml + OS::OVB::DHCPRelay: templates/dhcp-relay.yaml + OS::OVB::UndercloudNetworks: templates/undercloud-networks-routed.yaml From 4b74d2e1e9240c824323561557d2619a5219a5d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Thu, 18 Oct 2018 13:03:56 +0200 Subject: [PATCH 24/46] Doc - copy and edit sample environments Instead of referencing same environment files directly, change the doc to copy the sample files and edit them. --- doc/source/deploy/quintupleo.rst | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/doc/source/deploy/quintupleo.rst b/doc/source/deploy/quintupleo.rst index 3b8c71c..4bf550f 100644 --- a/doc/source/deploy/quintupleo.rst +++ b/doc/source/deploy/quintupleo.rst @@ -176,14 +176,26 @@ OVB as well. cp environments/base.yaml env.yaml vi env.yaml +#. Copy the ``routed-networks.yaml`` sample environment file and edit it to + reflect the host environment:: + + cp environments/routed-networks.yaml env-routed-networks.yaml + vi env-routed-networks.yaml + +#. For each desired role, copy the ``routed-networks-role.yaml`` sample + environment file and edit it to reflect the host environment:: + + cp environments/routed-networks-role.yaml env-leaf1.yaml + vi env-leaf1.yaml + #. Deploy the QuintupleO routed networks environment by running the deploy.py command. For example:: ./bin/deploy.py --env env.yaml \ --quintupleo \ --env environments/all-networks-port-security.yaml \ - --env environments/routed-networks.yaml \ - --role environments/routed-networks-role.yaml + --env env-routed-networks.yaml \ + --role env-leaf1.yaml #. When generateing the ``nodes.json`` file for TripleO undercloud node import the environment ``env-routed.yaml`` should be specified. Also to include From 40db3d983456b8de12b43099d93376c7e6681a2e Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Tue, 23 Oct 2018 16:03:36 +0000 Subject: [PATCH 25/46] Enable masquerading on undercloud The default for this got changed in the move to routed networks, so we need to enable it explicitly now. --- bin/ovb-instack | 2 ++ 1 file changed, 2 insertions(+) diff --git a/bin/ovb-instack b/bin/ovb-instack index 1a68f51..eca86e4 100755 --- a/bin/ovb-instack +++ b/bin/ovb-instack @@ -57,6 +57,8 @@ enable_ui = false enable_validations = false enable_tempest = false local_mtu = 1450 +[ctlplane-subnet] +masquerade = true EOF sudo yum install -y python-tripleoclient From db5c1e4d6960041287d829796ccbc9c17f339995 Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Tue, 23 Oct 2018 16:36:30 +0000 Subject: [PATCH 26/46] Correct logic for adding id when processing role Previously the id was always appended, but when the network names were inherited from the parent data they already had it. This change looks for whether the name already ends in -id and if so it skips the id addition. --- openstack_virtual_baremetal/deploy.py | 23 +++++++++++++++---- .../tests/test_deploy.py | 19 +++++++-------- 2 files changed, 28 insertions(+), 14 deletions(-) diff --git a/openstack_virtual_baremetal/deploy.py b/openstack_virtual_baremetal/deploy.py index e5885ba..a99446b 100755 --- a/openstack_virtual_baremetal/deploy.py +++ b/openstack_virtual_baremetal/deploy.py @@ -351,11 +351,24 @@ def _process_role(role_file, base_envs, stack_name, args): role_env['parameters']['bmc_prefix'] = '%s-%s' % (bmc_prefix, role) # At this time roles are only attached to a single set of networks, so # we use just the primary network parameters. - _add_identifier(role_env, 'provision_net', args.id) - _add_identifier(role_env, 'overcloud_internal_net', args.id) - _add_identifier(role_env, 'overcloud_storage_net', args.id) - _add_identifier(role_env, 'overcloud_storage_mgmt_net', args.id) - _add_identifier(role_env, 'overcloud_tenant_net', args.id) + def maybe_add_id(role_env, name, args): + """Add id only if one is not already present + + When we inherit network names, they will already have the id present. + However, if the user overrides the network name (for example, when + using multiple routed networks) then it should not have the id. + We can detect which is the case by looking at whether the name already + ends with -id. + """ + if (args.id and + not role_env['parameter_defaults'].get(name, '') + .endswith('-' + args.id)): + _add_identifier(role_env, name, args.id) + maybe_add_id(role_env, 'provision_net', args) + maybe_add_id(role_env, 'overcloud_internal_net', args) + maybe_add_id(role_env, 'overcloud_storage_net', args) + maybe_add_id(role_env, 'overcloud_storage_mgmt_net', args) + maybe_add_id(role_env, 'overcloud_tenant_net', args) role_env['parameter_defaults']['networks'] = { 'private': role_env['parameter_defaults']['private_net'], 'provision': role_env['parameter_defaults']['provision_net'], diff --git a/openstack_virtual_baremetal/tests/test_deploy.py b/openstack_virtual_baremetal/tests/test_deploy.py index 9675636..204b8e3 100755 --- a/openstack_virtual_baremetal/tests/test_deploy.py +++ b/openstack_virtual_baremetal/tests/test_deploy.py @@ -192,10 +192,13 @@ class TestIdEnv(unittest.TestCase): # _process_role test data role_base_data = { 'parameter_defaults': { - 'overcloud_storage_mgmt_net': 'storage_mgmt', - 'overcloud_internal_net': 'internal', - 'overcloud_storage_net': 'storage', - 'overcloud_tenant_net': 'tenant', + 'overcloud_storage_mgmt_net': 'storage_mgmt-foo', + 'overcloud_internal_net': 'internal-foo', + 'overcloud_storage_net': 'storage-foo', + 'overcloud_tenant_net': 'tenant-foo', + 'provision_net': 'provision-foo', + 'public_net': 'public-foo', + 'private_net': 'private', 'role': 'control', }, 'parameters': { @@ -205,11 +208,9 @@ role_base_data = { 'bmc_image': 'bmc-base', 'baremetal_flavor': 'baremetal', 'os_auth_url': 'http://1.1.1.1:5000/v2.0', - 'provision_net': 'provision-foo', 'os_password': 'password', 'os_tenant': 'admin', 'bmc_prefix': 'bmc-foo', - 'public_net': 'public-foo', 'undercloud_image': 'centos7-base', 'baremetal_image': 'ipxe-boot', 'external_net': 'external', @@ -228,9 +229,6 @@ role_base_data = { role_specific_data = { 'parameter_defaults': { 'role': 'compute', - 'public_net': 'public', - 'private_net': 'private', - 'provision_net': 'provision', }, 'parameters': { 'key_name': 'default', @@ -249,6 +247,9 @@ role_original_data = { 'parameter_defaults': { 'role': 'control', 'baremetal_prefix': 'baremetal', + 'public_net': 'public', + 'private_net': 'private', + 'provision_net': 'provision', }, 'parameters': { 'os_user': 'admin', From caee7aeaf41581c9ff1e5dbba8562a82f0626ac0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Mon, 22 Oct 2018 17:48:06 +0200 Subject: [PATCH 27/46] Add router on the public network to provide external access TripleO CI currently configures an interface on the undercloud connected to the public network and uses the undercloud as the router for the public network. This deviates from what a non CI deployment would. This change adds an optional undercloud-network-public-router template with a router on the public_net which can provide NAT'ed external access for overcloud nodes that use External network interface as the default route. The undercloud-networks-routed template have the public-router added as well. This removes the need for undercloud to provide masqueraded routing for the external network when these templates are used. --- templates/quintupleo.yaml | 1 + .../undercloud-networks-public-router.yaml | 105 ++++++++++++++++++ templates/undercloud-networks-routed.yaml | 33 ++++++ templates/undercloud-networks.yaml | 6 +- 4 files changed, 143 insertions(+), 2 deletions(-) create mode 100644 templates/undercloud-networks-public-router.yaml diff --git a/templates/quintupleo.yaml b/templates/quintupleo.yaml index b7e665c..340d8ad 100644 --- a/templates/quintupleo.yaml +++ b/templates/quintupleo.yaml @@ -212,3 +212,4 @@ outputs: map_merge: - get_attr: [undercloud_networks, provision_network_routers] - get_attr: [baremetal_env, baremetal_networks_routers_addresses] + - get_attr: [undercloud_networks, public_network_router] diff --git a/templates/undercloud-networks-public-router.yaml b/templates/undercloud-networks-public-router.yaml new file mode 100644 index 0000000..9626bee --- /dev/null +++ b/templates/undercloud-networks-public-router.yaml @@ -0,0 +1,105 @@ +heat_template_version: 2015-04-30 + +parameters: + provision_net: + type: string + default: provision + description: Name of a network that will be used for provisioning traffic + + provision_net_cidr: + type: string + description: CIDR for provision network subnet + default: 192.168.24.0/24 + + provision_net_shared: + type: boolean + description: Whether this network should be shared across all tenants + default: false + + public_net: + type: string + description: Name of the overcloud external network + default: public + + public_net_cidr: + type: string + description: CIDR for external network subnet + default: 10.0.0.0/24 + + public_net_router_address: + type: string + description: Router address for the public network subnet + default: 10.0.0.254 + + public_net_shared: + type: boolean + description: Whether this network should be shared across all tenants + default: false + + external_net: + type: string + description: An external network for the networks to route to + +resources: + provision_network: + type: OS::Neutron::Net + properties: + name: {get_param: provision_net} + shared: {get_param: provision_net_shared} + + provision_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: provision_network} + name: {get_param: provision_net} + cidr: {get_param: provision_net_cidr} + gateway_ip: null + enable_dhcp: false + + public_network: + type: OS::Neutron::Net + properties: + name: {get_param: public_net} + shared: {get_param: public_net_shared} + + public_subnet: + type: OS::Neutron::Subnet + properties: + network: {get_resource: public_network} + name: {get_param: public_net} + cidr: {get_param: public_net_cidr} + gateway_ip: null + enable_dhcp: false + + public_router: + type: OS::Neutron::Router + properties: + name: public-router + external_gateway_info: + network: {get_param: external_net} + + public_router_port: + type: OS::Neutron::Port + properties: + network: {get_resource: public_network} + port_security_enabled: false + fixed_ips: + - ip_address: {get_param: public_net_router_address} + + public_router_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: public_router} + port: {get_resource: public_router_port} + +outputs: + networks: + value: + provision: {get_resource: provision_network} + public: {get_resource: public_network} + # The provision_network_routers is here for compatibility only + provision_network_routers: + value: {} + public_network_router: + value: + public_router: {get_attr: [public_router_port, fixed_ips, 0, ip_address]} diff --git a/templates/undercloud-networks-routed.yaml b/templates/undercloud-networks-routed.yaml index b66aecb..fea204e 100644 --- a/templates/undercloud-networks-routed.yaml +++ b/templates/undercloud-networks-routed.yaml @@ -71,11 +71,20 @@ parameters: description: CIDR for external network subnet default: 10.0.0.0/24 + public_net_router_address: + type: string + description: Router address for the public network subnet + default: 10.0.0.254 + public_net_shared: type: boolean description: Whether this network should be shared across all tenants default: false + external_net: + type: string + description: An external network for the networks to route to + resources: provision_router: type: OS::Neutron::Router @@ -184,6 +193,27 @@ resources: gateway_ip: null enable_dhcp: false + public_router: + type: OS::Neutron::Router + properties: + name: public-router + external_gateway_info: + network: {get_param: external_net} + + public_router_port: + type: OS::Neutron::Port + properties: + network: {get_resource: public_network} + port_security_enabled: false + fixed_ips: + - ip_address: {get_param: public_net_router_address} + + public_router_interface: + type: OS::Neutron::RouterInterface + properties: + router: {get_resource: public_router} + port: {get_resource: public_router_port} + outputs: networks: value: @@ -196,3 +226,6 @@ outputs: provision_router: {get_attr: [provision_router_port, fixed_ips, 0, ip_address]} provision2_router: {get_attr: [provision_router_port2, fixed_ips, 0, ip_address]} provision3_router: {get_attr: [provision_router_port3, fixed_ips, 0, ip_address]} + public_network_router: + value: + public_router: {get_attr: [public_router_port, fixed_ips, 0, ip_address]} diff --git a/templates/undercloud-networks.yaml b/templates/undercloud-networks.yaml index 4f9bc34..a25e1a9 100644 --- a/templates/undercloud-networks.yaml +++ b/templates/undercloud-networks.yaml @@ -67,6 +67,8 @@ outputs: value: provision: {get_resource: provision_network} public: {get_resource: public_network} - # The provision_network_routers is here for compatibility only + # The provision and public network routers is here for compatibility only provision_network_routers: - value: {} + value: null + public_network_router: + value: null From 6f5481816ffc4c5560557ec380374945a282afc2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Tue, 23 Oct 2018 10:07:37 +0200 Subject: [PATCH 28/46] Add external interface to routed networks provision router When deploying TripleO overcloud nodes using the ctlplane network as the default gateway need to reach the internet (ntp servers etc.). Previously this was done using the undercloud as a masquerading router, doing so when nodes are not on the same L2 network as the undercloud is not as straight forward. (I.e we would have to set up routes on the provision router in ovb with a default route via the ip-address of the undercloud.) Hooking up the router for the provision networks to the external_net and let the ovb infra router do the NAT'ing makes more sense. --- templates/undercloud-networks-routed.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/templates/undercloud-networks-routed.yaml b/templates/undercloud-networks-routed.yaml index fea204e..b533cb3 100644 --- a/templates/undercloud-networks-routed.yaml +++ b/templates/undercloud-networks-routed.yaml @@ -90,6 +90,8 @@ resources: type: OS::Neutron::Router properties: name: provision-router + external_gateway_info: + network: {get_param: external_net} provision_network: type: OS::Neutron::Net From 96a75821430dd0fb623df8735d8e3a83368bf156 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Fri, 26 Oct 2018 02:15:02 +0200 Subject: [PATCH 29/46] Fixed ip's for dhcp-relay provision interfaces The IP addresses for the dhcp-relay service on the provision networks need to be fixed. If we end up using an address on the dhcp-relay instance that overlaps the address range in the Undercloud's provisioning networks we end up with conflicts. --- templates/dhcp-relay.yaml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/templates/dhcp-relay.yaml b/templates/dhcp-relay.yaml index b54e17f..f4e5acc 100644 --- a/templates/dhcp-relay.yaml +++ b/templates/dhcp-relay.yaml @@ -19,6 +19,21 @@ parameters: The base image for the dhcrelay instance. A CentOS 7 image is currently the only one supported. + dhcp_relay_provision_address: + type: string + description: DHCP relay address on the provision network subnet + default: 192.168.24.253 + + dhcp_relay_provision2_address: + type: string + description: DHCP relay address on the provision2 network subnet + default: 192.168.25.253 + + dhcp_relay_provision3_address: + type: string + description: DHCP relay address on the provision3 network subnet + default: 192.168.26.253 + dhcp_ips: type: json description: | @@ -44,6 +59,8 @@ resources: name: dhcp_relay_port_provision network: {get_param: [networks, provision]} port_security_enabled: False + fixed_ips: + - ip_address: {get_param: dhcp_relay_provision_address} dhcp_relay_port_provision2: type: OS::Neutron::Port @@ -51,6 +68,8 @@ resources: name: dhcp_relay_port_provision2 network: {get_param: [networks, provision2]} port_security_enabled: False + fixed_ips: + - ip_address: {get_param: dhcp_relay_provision2_address} dhcp_relay_port_provision3: type: OS::Neutron::Port @@ -58,6 +77,8 @@ resources: name: dhcp_relay_port_provision3 network: {get_param: [networks, provision3]} port_security_enabled: False + fixed_ips: + - ip_address: {get_param: dhcp_relay_provision3_address} init_networks: type: OS::Heat::CloudConfig From 8ae1dff1b223993ed1ada7478e7531972129bab2 Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Thu, 25 Oct 2018 07:54:35 -0500 Subject: [PATCH 30/46] Ignore W504 from flake8 I don't particularly agree with this rule (as evidenced by the fact that I break it repeatedly in this codebase), so I'm not going to enforce it. --- tox.ini | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tox.ini b/tox.ini index 4b215ce..e646477 100644 --- a/tox.ini +++ b/tox.ini @@ -27,6 +27,6 @@ commands = python setup.py test --coverage --coverage-package-name=openstack_vir commands = python bin/environment-generator.py sample-env-generator --index doc/source/deploy/environment-index.rst [flake8] -ignore = H803 +ignore = H803,W504 show-source = True exclude = .tox,dist,doc,*.egg,build From c445db26dd1f9e06444fc8023148f2f5038848e0 Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Mon, 29 Oct 2018 20:34:06 +0000 Subject: [PATCH 31/46] Test with local network templates Previously the network templates were always pulled from github, but that means changes involving the templates can't be tested easily. This change copies the local version of the network templates to the undercloud so they will be used for the deployment. --- bin/ovb-instack | 8 ++++++-- bin/test-job-v2 | 2 ++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/bin/ovb-instack b/bin/ovb-instack index eca86e4..871c8db 100755 --- a/bin/ovb-instack +++ b/bin/ovb-instack @@ -33,7 +33,11 @@ git clone https://git.openstack.org/openstack-infra/tripleo-ci git-tripleo-ci echo '#!/bin/bash' > tripleo.sh echo 'git-tripleo-ci/scripts/tripleo.sh $@' >> tripleo.sh chmod +x tripleo.sh -git clone https://github.com/cybertron/openstack-virtual-baremetal +if [ ! -d overcloud-templates ] +then + git clone https://github.com/cybertron/openstack-virtual-baremetal + cp -r openstack-virtual-baremetal/overcloud-templates . +fi export OVERCLOUD_PINGTEST_OLD_HEATCLIENT=0 export TRIPLEOSH=/home/centos/tripleo.sh @@ -102,7 +106,7 @@ timer export OVERCLOUD_DEPLOY_ARGS="--libvirt-type qemu -e /usr/share/openstack-tripleo-heat-templates/environments/disable-telemetry.yaml" if [ ${VERSION:-1} -eq 2 ] then - OVERCLOUD_DEPLOY_ARGS="$OVERCLOUD_DEPLOY_ARGS -e /home/centos/openstack-virtual-baremetal/overcloud-templates/network-templates-v2/network-isolation-absolute.yaml -e /home/centos/openstack-virtual-baremetal/overcloud-templates/network-templates-v2/network-environment.yaml" + OVERCLOUD_DEPLOY_ARGS="$OVERCLOUD_DEPLOY_ARGS -e /home/centos/overcloud-templates/network-templates-v2/network-isolation-absolute.yaml -e /home/centos/overcloud-templates/network-templates-v2/network-environment.yaml" fi openstack overcloud deploy --templates $OVERCLOUD_DEPLOY_ARGS diff --git a/bin/test-job-v2 b/bin/test-job-v2 index 397f3ac..e7fa6e3 100755 --- a/bin/test-job-v2 +++ b/bin/test-job-v2 @@ -34,6 +34,7 @@ cd $TEMPDIR cp -r $BIN_DIR/../templates . cp -r $BIN_DIR/../environments . +cp -r $BIN_DIR/../overcloud-templates . cp environments/base.yaml ./env.yaml sed -i "s/bmc_image: .*/bmc_image: $BMC_IMAGE/" env.yaml sed -i "s/bmc_flavor: .*/bmc_flavor: $BMC_FLAVOR/" env.yaml @@ -59,6 +60,7 @@ SSH_OPTS="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLeve until ssh -t -t $SSH_OPTS centos@$UNDERCLOUD_IP ls; do sleep 1; done scp $SSH_OPTS bin/ovb-instack centos@$UNDERCLOUD_IP:/tmp scp $SSH_OPTS nodes.json centos@$UNDERCLOUD_IP:~/instackenv.json +scp $SSH_OPTS -r overcloud-templates centos@$UNDERCLOUD_IP:~ ssh -t -t $SSH_OPTS centos@$UNDERCLOUD_IP LOCAL=$LOCAL VERSION=2 /tmp/ovb-instack heat stack-delete -y $STACK_NAME From e4edf35b6423430454b6fb68e02f0f6e264137ce Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Wed, 31 Oct 2018 20:35:44 +0000 Subject: [PATCH 32/46] Split routed-networks environment This allows the path-specific registry entries to be static and doesn't impose any requirements on where the environment containing parameters lives. The documentation is also updated, which required a newer version of sphinx to allow automatic references to headings. --- bin/environment-generator.py | 2 +- doc/source/conf.py | 2 ++ doc/source/deploy/environment-index.rst | 18 +++++++++++------ doc/source/deploy/quintupleo.rst | 19 +++++++++-------- environments/routed-networks.yaml | 20 ++++++------------ sample-env-generator/environments.yaml | 27 ++++++++++++++++--------- test-requirements.txt | 4 ++-- 7 files changed, 52 insertions(+), 40 deletions(-) diff --git a/bin/environment-generator.py b/bin/environment-generator.py index a9fa784..2baf518 100644 --- a/bin/environment-generator.py +++ b/bin/environment-generator.py @@ -87,7 +87,7 @@ def _generate_environment(input_env, parent_env=None): param_names = [] sample_values = env.get('sample_values', {}) static_names = env.get('static', []) - for template_file, template_data in env['files'].items(): + for template_file, template_data in env.get('files', {}).items(): with open(template_file) as f: f_data = yaml.safe_load(f) f_params = f_data['parameters'] diff --git a/doc/source/conf.py b/doc/source/conf.py index 3d1a592..46676d6 100644 --- a/doc/source/conf.py +++ b/doc/source/conf.py @@ -28,6 +28,7 @@ sys.path.insert(0, os.path.abspath('../../openstack_virtual_baremetal')) extensions = [ 'sphinx.ext.autodoc', 'sphinx.ext.intersphinx', + 'sphinx.ext.autosectionlabel', ] @@ -95,6 +96,7 @@ pygments_style = 'sphinx' # -- Options for HTML output --------------------------------------------------- +html_theme = 'sphinx_rtd_theme' html_static_path = [] # html_style = 'custom.css' templates_path = [] diff --git a/doc/source/deploy/environment-index.rst b/doc/source/deploy/environment-index.rst index 53653db..fc632fd 100644 --- a/doc/source/deploy/environment-index.rst +++ b/doc/source/deploy/environment-index.rst @@ -1,5 +1,3 @@ -.. _env-index: - Sample Environment Index ======================== @@ -138,7 +136,15 @@ Disable the Undercloud in a QuintupleO Stack instance. -.. _env-routed-networks-role: +Configuration for Routed Networks +--------------------------------- + +**File:** environments/routed-networks-configuration.yaml + +**Description:** Contains the available parameters that need to be configured when using +a routed networks environment. Requires the routed-networks.yaml +environment. + Base Role Configuration for Routed Networks ------------------------------------------- @@ -149,8 +155,6 @@ Base Role Configuration for Routed Networks deploying with routed networks. -.. _env-enable-routed-networks: - Enable Routed Networks ---------------------- @@ -159,7 +163,9 @@ Enable Routed Networks **Description:** Enable use of routed networks, where there may be multiple separate networks connected with a router and DHCP relay. Do not pass any other network configuration environments after this one or they may override -the changes made by this environment. +the changes made by this environment. When this environment is in use, +the routed-networks-configuration environment should usually be +included as well. Assign the Undercloud an Existing Floating IP diff --git a/doc/source/deploy/quintupleo.rst b/doc/source/deploy/quintupleo.rst index 4bf550f..b0d6477 100644 --- a/doc/source/deploy/quintupleo.rst +++ b/doc/source/deploy/quintupleo.rst @@ -168,18 +168,20 @@ OVB as well. #. When deploying QuintupleO with routed networks environment files to enable routed networks must be included, as well as one or more role environment - files. See :ref:`env-enable-routed-networks` and - :ref:`env-routed-networks-role` in the :ref:`env-index` for details. + files. See :ref:`Enable Routed Networks`, + :ref:`Configuration for Routed Networks`, and + :ref:`Base Role Configuration for Routed Networks` in the + :doc:`environment-index` for details. #. Copy the example env file and edit it to reflect the host environment:: cp environments/base.yaml env.yaml vi env.yaml -#. Copy the ``routed-networks.yaml`` sample environment file and edit it to - reflect the host environment:: +#. Copy the ``routed-networks-configuration.yaml`` sample environment file and + edit it to reflect the host environment:: - cp environments/routed-networks.yaml env-routed-networks.yaml + cp environments/routed-networks-configuration.yaml env-routed-networks.yaml vi env-routed-networks.yaml #. For each desired role, copy the ``routed-networks-role.yaml`` sample @@ -194,11 +196,12 @@ OVB as well. ./bin/deploy.py --env env.yaml \ --quintupleo \ --env environments/all-networks-port-security.yaml \ + --env environments/routed-networks.yaml \ --env env-routed-networks.yaml \ --role env-leaf1.yaml -#. When generateing the ``nodes.json`` file for TripleO undercloud node import - the environment ``env-routed.yaml`` should be specified. Also to include +#. When generating the ``nodes.json`` file for TripleO undercloud node import, + the environment ``env-routed.yaml`` should be specified. Also, to include physical network attributes of the node ports in ``nodes.json`` specify the ``--physical_network`` option when running ``build-nodes-json``. For example:: @@ -206,7 +209,7 @@ OVB as well. bin/build-nodes-json --physical_network The following is an example node definition produced when using the - ``--physical-network`` options. (Notice that ports are defined with both + ``--physical_network`` options. Notice that ports are defined with both ``address`` and ``physical_network`` attributes. :: diff --git a/environments/routed-networks.yaml b/environments/routed-networks.yaml index 0334433..b88c42e 100644 --- a/environments/routed-networks.yaml +++ b/environments/routed-networks.yaml @@ -9,18 +9,10 @@ # Enable use of routed networks, where there may be multiple separate # networks connected with a router and DHCP relay. Do not pass any other # network configuration environments after this one or they may override -# the changes made by this environment. -parameter_defaults: - # The Nova flavor to use for the dhcrelay instance - # Type: string - dhcp_relay_flavor: m1.small - - # The base image for the dhcrelay instance. A CentOS 7 image is currently - # the only one supported. - # Type: string - dhcp_relay_image: CentOS-7-x86_64-GenericCloud - +# the changes made by this environment. When this environment is in use, +# the routed-networks-configuration environment should usually be +# included as well. resource_registry: - OS::OVB::BaremetalNetworks: templates/baremetal-networks-routed.yaml - OS::OVB::DHCPRelay: templates/dhcp-relay.yaml - OS::OVB::UndercloudNetworks: templates/undercloud-networks-routed.yaml + OS::OVB::BaremetalNetworks: ../templates/baremetal-networks-routed.yaml + OS::OVB::DHCPRelay: ../templates/dhcp-relay.yaml + OS::OVB::UndercloudNetworks: ../templates/undercloud-networks-routed.yaml diff --git a/sample-env-generator/environments.yaml b/sample-env-generator/environments.yaml index d20f648..ca5c145 100644 --- a/sample-env-generator/environments.yaml +++ b/sample-env-generator/environments.yaml @@ -222,6 +222,18 @@ environments: - bmc_use_cache sample_values: bmc_use_cache: True + - + name: routed-networks-configuration + title: Configuration for Routed Networks + description: | + Contains the available parameters that need to be configured when using + a routed networks environment. Requires the routed-networks.yaml + environment. + files: + templates/dhcp-relay.yaml: + parameters: + - dhcp_relay_flavor + - dhcp_relay_image - name: routed-networks title: Enable Routed Networks @@ -229,16 +241,13 @@ environments: Enable use of routed networks, where there may be multiple separate networks connected with a router and DHCP relay. Do not pass any other network configuration environments after this one or they may override - the changes made by this environment. - files: - templates/dhcp-relay.yaml: - parameters: - - dhcp_relay_flavor - - dhcp_relay_image + the changes made by this environment. When this environment is in use, + the routed-networks-configuration environment should usually be + included as well. resource_registry: - OS::OVB::UndercloudNetworks: templates/undercloud-networks-routed.yaml - OS::OVB::BaremetalNetworks: templates/baremetal-networks-routed.yaml - OS::OVB::DHCPRelay: templates/dhcp-relay.yaml + OS::OVB::UndercloudNetworks: ../templates/undercloud-networks-routed.yaml + OS::OVB::BaremetalNetworks: ../templates/baremetal-networks-routed.yaml + OS::OVB::DHCPRelay: ../templates/dhcp-relay.yaml - name: routed-networks-role title: Base Role Configuration for Routed Networks diff --git a/test-requirements.txt b/test-requirements.txt index fa82139..6455919 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -7,5 +7,5 @@ testtools>=0.9.36,!=1.2.0 mock>=1.0 # docs -sphinx>=1.1.2,!=1.2.0,!=1.3b1,<1.3 -sphinx_rtd_theme==0.1.7 +sphinx>=1.6 +sphinx_rtd_theme From f6fee16b5aa80aeeb16f289d941caec7d0944bde Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Wed, 31 Oct 2018 20:46:29 +0000 Subject: [PATCH 33/46] Add routed-networks-configuration environment file Forgot to add the generated file in the previous commit. --- .../routed-networks-configuration.yaml | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 environments/routed-networks-configuration.yaml diff --git a/environments/routed-networks-configuration.yaml b/environments/routed-networks-configuration.yaml new file mode 100644 index 0000000..2171885 --- /dev/null +++ b/environments/routed-networks-configuration.yaml @@ -0,0 +1,21 @@ +# ******************************************************************* +# This file was created automatically by the sample environment +# generator. Developers should use `tox -e genconfig` to update it. +# Users are recommended to make changes to a copy of the file instead +# of the original, if any customizations are needed. +# ******************************************************************* +# title: Configuration for Routed Networks +# description: | +# Contains the available parameters that need to be configured when using +# a routed networks environment. Requires the routed-networks.yaml +# environment. +parameter_defaults: + # The Nova flavor to use for the dhcrelay instance + # Type: string + dhcp_relay_flavor: m1.small + + # The base image for the dhcrelay instance. A CentOS 7 image is currently + # the only one supported. + # Type: string + dhcp_relay_image: CentOS-7-x86_64-GenericCloud + From 870a8483491c49152d6cfac5b4661819bcaeff84 Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Wed, 31 Oct 2018 20:47:43 +0000 Subject: [PATCH 34/46] Add environment to enable public router Since the router for the public network is disabled by default, we should have an enablement environment so people don't have to manually add it to their env file. --- doc/source/deploy/environment-index.rst | 10 ++++++++++ environments/public-router.yaml | 13 +++++++++++++ sample-env-generator/environments.yaml | 9 +++++++++ 3 files changed, 32 insertions(+) create mode 100644 environments/public-router.yaml diff --git a/doc/source/deploy/environment-index.rst b/doc/source/deploy/environment-index.rst index fc632fd..eca7616 100644 --- a/doc/source/deploy/environment-index.rst +++ b/doc/source/deploy/environment-index.rst @@ -127,6 +127,16 @@ Deploy a Basic OVB Environment Using Neutron port-security allow OVB functionality in clouds with security groups enabled. +Public Network External Router +------------------------------ + +**File:** environments/public-router.yaml + +**Description:** Deploy a router that connects the public and external networks. This +allows the public network to be used as a gateway instead of routing all +traffic through the undercloud. + + Disable the Undercloud in a QuintupleO Stack -------------------------------------------- diff --git a/environments/public-router.yaml b/environments/public-router.yaml new file mode 100644 index 0000000..1879222 --- /dev/null +++ b/environments/public-router.yaml @@ -0,0 +1,13 @@ +# ******************************************************************* +# This file was created automatically by the sample environment +# generator. Developers should use `tox -e genconfig` to update it. +# Users are recommended to make changes to a copy of the file instead +# of the original, if any customizations are needed. +# ******************************************************************* +# title: Public Network External Router +# description: | +# Deploy a router that connects the public and external networks. This +# allows the public network to be used as a gateway instead of routing all +# traffic through the undercloud. +resource_registry: + OS::OVB::UndercloudNetworks: ../templates/undercloud-networks-public-router.yaml diff --git a/sample-env-generator/environments.yaml b/sample-env-generator/environments.yaml index ca5c145..80086f7 100644 --- a/sample-env-generator/environments.yaml +++ b/sample-env-generator/environments.yaml @@ -277,4 +277,13 @@ environments: overcloud_storage_net: overcloud_storage2 overcloud_storage_mgmt_net: overcloud_storage_mgmt2 overcloud_tenant_net: overcloud_tenant2 + - + name: public-router + title: Public Network External Router + description: | + Deploy a router that connects the public and external networks. This + allows the public network to be used as a gateway instead of routing all + traffic through the undercloud. + resource_registry: + OS::OVB::UndercloudNetworks: ../templates/undercloud-networks-public-router.yaml From adef2029f662a03d8c0a4dd1b2474e68436e3e06 Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Wed, 12 Dec 2018 20:24:42 +0000 Subject: [PATCH 35/46] Remove support for parameters section It hasn't been recommended to pass settings in via the parameters section for quite a while now, and in 2.0 let's remove it completely. This simplifies a lot of the logic around id and role processing. --- .../build_nodes_json.py | 11 +-- openstack_virtual_baremetal/deploy.py | 58 ++++-------- .../tests/test_build_nodes_json.py | 20 ----- .../tests/test_deploy.py | 89 ++++--------------- 4 files changed, 36 insertions(+), 142 deletions(-) diff --git a/openstack_virtual_baremetal/build_nodes_json.py b/openstack_virtual_baremetal/build_nodes_json.py index 6b7ced8..223798b 100755 --- a/openstack_virtual_baremetal/build_nodes_json.py +++ b/openstack_virtual_baremetal/build_nodes_json.py @@ -71,13 +71,6 @@ def _parse_args(): return args -def _get_from_env(env, name): - try: - return env['parameters'][name] - except KeyError: - return env['parameter_defaults'][name] - - def _get_names(args): if args.env is None: bmc_base = args.bmc_prefix @@ -87,8 +80,8 @@ def _get_names(args): else: with open(args.env) as f: e = yaml.safe_load(f) - bmc_base = _get_from_env(e, 'bmc_prefix') - baremetal_base = _get_from_env(e, 'baremetal_prefix') + bmc_base = e['parameter_defaults']['bmc_prefix'] + baremetal_base = e['parameter_defaults']['baremetal_prefix'] role = e.get('parameter_defaults', {}).get('role') if role and baremetal_base.endswith('-' + role): baremetal_base = baremetal_base[:-len(role) - 1] diff --git a/openstack_virtual_baremetal/deploy.py b/openstack_virtual_baremetal/deploy.py index a99446b..7b2b3fe 100755 --- a/openstack_virtual_baremetal/deploy.py +++ b/openstack_virtual_baremetal/deploy.py @@ -103,32 +103,16 @@ def _process_args(args): def _add_identifier(env_data, name, identifier, default=None): """Append identifier to the end of parameter name in env_data - Look for ``name`` in either the ``parameters`` or ``parameter_defaults`` - key of ``env_data`` and append '-``identifier``' to it. + Look for ``name`` in the ``parameter_defaults`` key of ``env_data`` and + append '-``identifier``' to it. """ - # We require both sections for id environments - if not env_data.get('parameters'): - env_data['parameters'] = {} - if not env_data.get('parameter_defaults'): - env_data['parameter_defaults'] = {} - parameter = False - try: - value = env_data['parameters'][name] - parameter = True - except KeyError: - value = env_data['parameter_defaults'].get(name) + value = env_data['parameter_defaults'].get(name) if value is None: value = default if value is None: raise RuntimeError('No base value found when adding id') if identifier: value = '%s-%s' % (value, identifier) - - # If it was passed in as a parameter we need to set it in the parameters - # section or it will be overridden by the original value. We can't always - # do that though because some parameters are not exposed at the top-level. - if parameter: - env_data['parameters'][name] = value env_data['parameter_defaults'][name] = value @@ -201,10 +185,7 @@ def _validate_env(args, env_paths): if not args.id: env_data = _build_env_data(env_paths) role = env_data.get('parameter_defaults', {}).get('role') - try: - prefix = env_data['parameters']['baremetal_prefix'] - except KeyError: - prefix = env_data['parameter_defaults']['baremetal_prefix'] + prefix = env_data['parameter_defaults']['baremetal_prefix'] if role and prefix.endswith('-' + role): raise RuntimeError('baremetal_prefix ends with role name. This ' 'will break build-nodes-json. Please choose ' @@ -312,15 +293,15 @@ def _process_role(role_file, base_envs, stack_name, args): allowed_registry_keys = ['OS::OVB::BaremetalPorts', 'OS::OVB::BMCPort', 'OS::OVB::UndercloudNetworks', ] + # NOTE(bnemec): Not sure what purpose this serves. Can probably be removed. role_env = role_data # resource_registry is intentionally omitted as it should not be inherited - for section in ['parameters', 'parameter_defaults']: - role_env.setdefault(section, {}).update({ - k: v for k, v in base_data.get(section, {}).items() - if k in inherited_keys and - (k not in role_env.get(section, {}) or - k not in allowed_parameter_keys) - }) + role_env.setdefault('parameter_defaults', {}).update({ + k: v for k, v in base_data.get('parameter_defaults', {}).items() + if k in inherited_keys and + (k not in role_env.get('parameter_defaults', {}) or + k not in allowed_parameter_keys) + }) # Most of the resource_registry should not be included in role envs. # Only allow specific entries that may be needed. role_env.setdefault('resource_registry', {}) @@ -333,24 +314,20 @@ def _process_role(role_file, base_envs, stack_name, args): if k not in role_reg and k in base_reg: role_reg[k] = base_reg[k] # We need to start with the unmodified prefix - try: - base_prefix = orig_data['parameters']['baremetal_prefix'] - except KeyError: - base_prefix = orig_data['parameter_defaults']['baremetal_prefix'] + base_prefix = orig_data['parameter_defaults']['baremetal_prefix'] # But we do need to add the id if one is in use if args.id: base_prefix += '-%s' % args.id - try: - bmc_prefix = base_data['parameters']['bmc_prefix'] - except KeyError: - bmc_prefix = base_data['parameter_defaults']['bmc_prefix'] + bmc_prefix = base_data['parameter_defaults']['bmc_prefix'] role = role_data['parameter_defaults']['role'] if '_' in role: raise RuntimeError('_ character not allowed in role name "%s".' % role) - role_env['parameters']['baremetal_prefix'] = '%s-%s' % (base_prefix, role) - role_env['parameters']['bmc_prefix'] = '%s-%s' % (bmc_prefix, role) + role_env['parameter_defaults']['baremetal_prefix'] = ('%s-%s' % + (base_prefix, role)) + role_env['parameter_defaults']['bmc_prefix'] = '%s-%s' % (bmc_prefix, role) # At this time roles are only attached to a single set of networks, so # we use just the primary network parameters. + def maybe_add_id(role_env, name, args): """Add id only if one is not already present @@ -364,6 +341,7 @@ def _process_role(role_file, base_envs, stack_name, args): not role_env['parameter_defaults'].get(name, '') .endswith('-' + args.id)): _add_identifier(role_env, name, args.id) + maybe_add_id(role_env, 'provision_net', args) maybe_add_id(role_env, 'overcloud_internal_net', args) maybe_add_id(role_env, 'overcloud_storage_net', args) diff --git a/openstack_virtual_baremetal/tests/test_build_nodes_json.py b/openstack_virtual_baremetal/tests/test_build_nodes_json.py index bcf30b0..7bf636a 100644 --- a/openstack_virtual_baremetal/tests/test_build_nodes_json.py +++ b/openstack_virtual_baremetal/tests/test_build_nodes_json.py @@ -89,26 +89,6 @@ class TestBuildNodesJson(testtools.TestCase): self.assertEqual('baremetal-foo', baremetal_base) self.assertEqual('undercloud', undercloud_name) - @mock.patch('openstack_virtual_baremetal.build_nodes_json.open', - create=True) - @mock.patch('yaml.safe_load') - def test_get_names_old_env(self, mock_load, mock_open): - args = mock.Mock() - args.env = 'foo.yaml' - args.add_undercloud = False - mock_env = { - 'parameters': { - 'bmc_prefix': 'bmc-foo', - 'baremetal_prefix': 'baremetal-foo', - }, - } - mock_load.return_value = mock_env - bmc_base, baremetal_base, undercloud_name = ( - build_nodes_json._get_names(args)) - self.assertEqual('bmc-foo', bmc_base) - self.assertEqual('baremetal-foo', baremetal_base) - self.assertIsNone(undercloud_name) - @mock.patch('openstack_virtual_baremetal.build_nodes_json.open', create=True) @mock.patch('yaml.safe_load') diff --git a/openstack_virtual_baremetal/tests/test_deploy.py b/openstack_virtual_baremetal/tests/test_deploy.py index 204b8e3..56a9cf0 100755 --- a/openstack_virtual_baremetal/tests/test_deploy.py +++ b/openstack_virtual_baremetal/tests/test_deploy.py @@ -89,14 +89,13 @@ class TestProcessArgs(unittest.TestCase): self.assertRaises(ValueError, deploy._process_args, mock_args) -test_env = u"""parameters: +test_env = u"""parameter_defaults: provision_net: provision public_net: public baremetal_prefix: baremetal bmc_prefix: bmc """ -test_env_param_defaults = u""" -parameter_defaults: +test_env_extra = u""" overcloud_internal_net: internalapi role: '' """ @@ -115,21 +114,13 @@ test_env_output = { class TestIdEnv(unittest.TestCase): def test_add_identifier(self): - env_data = {'parameters': {'foo': 'bar'}} - deploy._add_identifier(env_data, 'foo', 'baz') - self.assertEqual('bar-baz', env_data['parameters']['foo']) - self.assertEqual('bar-baz', env_data['parameter_defaults']['foo']) - - def test_add_identifier_defaults(self): env_data = {'parameter_defaults': {'foo': 'bar'}} deploy._add_identifier(env_data, 'foo', 'baz') - self.assertNotIn('foo', env_data['parameters']) self.assertEqual('bar-baz', env_data['parameter_defaults']['foo']) def test_add_identifier_different_section(self): env_data = {'parameter_defaults': {'foo': 'bar'}} deploy._add_identifier(env_data, 'foo', 'baz') - self.assertNotIn('foo', env_data['parameters']) self.assertEqual('bar-baz', env_data['parameter_defaults']['foo']) @mock.patch('openstack_virtual_baremetal.deploy._build_env_data') @@ -138,14 +129,11 @@ class TestIdEnv(unittest.TestCase): mock_args = mock.Mock() mock_args.id = 'foo' mock_args.env = ['foo.yaml'] - env = test_env + 'parameter_defaults:' - mock_bed.return_value = yaml.safe_load(env) + mock_bed.return_value = yaml.safe_load(test_env) path = deploy._generate_id_env(mock_args) self.assertEqual(['foo.yaml', 'env-foo.yaml'], path) dumped_dict = mock_safe_dump.call_args_list[0][0][0] for k, v in test_env_output.items(): - if k in mock_bed.return_value['parameters']: - self.assertEqual(v, dumped_dict['parameters'][k]) self.assertEqual(v, dumped_dict['parameter_defaults'][k]) @mock.patch('openstack_virtual_baremetal.deploy._build_env_data') @@ -154,7 +142,7 @@ class TestIdEnv(unittest.TestCase): mock_args = mock.Mock() mock_args.id = 'foo' mock_args.env = ['foo.yaml'] - env = (test_env + test_env_param_defaults + + env = (test_env + test_env_extra + ' undercloud_name: test-undercloud\n') mock_bed.return_value = yaml.safe_load(env) env_output = dict(test_env_output) @@ -164,8 +152,6 @@ class TestIdEnv(unittest.TestCase): self.assertEqual(['foo.yaml', 'env-foo.yaml'], path) dumped_dict = mock_safe_dump.call_args_list[0][0][0] for k, v in env_output.items(): - if k in mock_bed.return_value['parameters']: - self.assertEqual(v, dumped_dict['parameters'][k]) self.assertEqual(v, dumped_dict['parameter_defaults'][k]) @mock.patch('openstack_virtual_baremetal.deploy._build_env_data') @@ -174,7 +160,7 @@ class TestIdEnv(unittest.TestCase): mock_args = mock.Mock() mock_args.id = 'foo' mock_args.env = ['foo.yaml'] - env = (test_env + test_env_param_defaults) + env = (test_env + test_env_extra) mock_bed.return_value = yaml.safe_load(env) mock_bed.return_value['parameter_defaults']['role'] = 'compute' env_output = dict(test_env_output) @@ -184,8 +170,6 @@ class TestIdEnv(unittest.TestCase): self.assertEqual(['foo.yaml', 'env-foo.yaml'], path) dumped_dict = mock_safe_dump.call_args_list[0][0][0] for k, v in env_output.items(): - if k in mock_bed.return_value['parameters']: - self.assertEqual(v, dumped_dict['parameters'][k]) self.assertEqual(v, dumped_dict['parameter_defaults'][k]) @@ -200,8 +184,6 @@ role_base_data = { 'public_net': 'public-foo', 'private_net': 'private', 'role': 'control', - }, - 'parameters': { 'os_user': 'admin', 'key_name': 'default', 'undercloud_name': 'undercloud-foo', @@ -229,10 +211,9 @@ role_base_data = { role_specific_data = { 'parameter_defaults': { 'role': 'compute', - }, - 'parameters': { 'key_name': 'default', 'baremetal_flavor': 'baremetal', + 'baremetal_image': 'centos', 'bmc_image': 'bmc-base', 'bmc_prefix': 'bmc', 'node_count': 2, @@ -250,8 +231,6 @@ role_original_data = { 'public_net': 'public', 'private_net': 'private', 'provision_net': 'provision', - }, - 'parameters': { 'os_user': 'admin', 'key_name': 'default', 'undercloud_name': 'undercloud', @@ -288,8 +267,8 @@ class TestDeploy(testtools.TestCase): template_files, template ) env_files = {'templates/resource_registry.yaml': {'bar': 'baz'}, - 'env.yaml': {'parameters': {}}} - env = {'parameters': {}} + 'env.yaml': {'parameter_defaults': {}}} + env = {'parameter_defaults': {}} mock_tu.process_multiple_environments_and_files.return_value = ( env_files, env ) @@ -393,11 +372,10 @@ class TestDeploy(testtools.TestCase): output = mock_write.call_args[0][0] # These values are computed in _process_role self.assertEqual('baremetal-foo-compute', - output['parameters']['baremetal_prefix']) + output['parameter_defaults']['baremetal_prefix']) self.assertEqual('bmc-foo-compute', - output['parameters']['bmc_prefix']) + output['parameter_defaults']['bmc_prefix']) # These should be inherited - self.assertEqual('ipxe-boot', output['parameters']['baremetal_image']) self.assertEqual('tenant-' + args.id, output['parameter_defaults']['overcloud_tenant_net']) self.assertEqual('internal-' + args.id, @@ -408,6 +386,9 @@ class TestDeploy(testtools.TestCase): self.assertEqual('storage_mgmt-' + args.id, output['parameter_defaults'][ 'overcloud_storage_mgmt_net']) + # This parameter should be overrideable + self.assertEqual('centos', + output['parameter_defaults']['baremetal_image']) # This should not be present in a role env, even if set in the file self.assertNotIn('OS::OVB::BaremetalNetworks', output['resource_registry']) @@ -419,39 +400,6 @@ class TestDeploy(testtools.TestCase): self.assertEqual('templates/bmc-port-port-security.yaml', output['resource_registry']['OS::OVB::BMCPort']) - @mock.patch('openstack_virtual_baremetal.deploy._write_role_file') - @mock.patch('openstack_virtual_baremetal.deploy._load_role_data') - def test_process_role_param_defaults(self, mock_load, mock_write): - def move_params_to_param_defaults(d): - data = copy.deepcopy(d) - for k, v in data['parameters'].items(): - data['parameter_defaults'][k] = v - data.pop('parameters', None) - return data - - pd_base_data = move_params_to_param_defaults(role_base_data) - pd_specific_data = move_params_to_param_defaults(role_specific_data) - pd_original_data = move_params_to_param_defaults(role_original_data) - pd_specific_data['parameter_defaults']['baremetal_image'] = 'centos' - mock_load.return_value = (pd_base_data, pd_specific_data, - pd_original_data) - args = mock.Mock() - args.id = 'foo' - role_file, role = deploy._process_role('foo-compute.yaml', 'foo.yaml', - 'foo', args) - mock_load.assert_called_once_with('foo.yaml', 'foo-compute.yaml', args) - self.assertEqual('env-foo-compute.yaml', role_file) - self.assertEqual('compute', role) - output = mock_write.call_args[0][0] - # These values are computed in _process_role - self.assertEqual('baremetal-foo-compute', - output['parameters']['baremetal_prefix']) - self.assertEqual('bmc-foo-compute', - output['parameters']['bmc_prefix']) - # This parameter should be inherited (as tested above) but overrideable - self.assertEqual('centos', - output['parameter_defaults']['baremetal_image']) - @mock.patch('openstack_virtual_baremetal.deploy._load_role_data') def test_process_role_invalid_name(self, mock_load): bad_role_specific_data = copy.deepcopy(role_specific_data) @@ -484,10 +432,10 @@ class TestDeploy(testtools.TestCase): deploy._deploy_roles('foo', args, 'foo.yaml') mock_process.assert_not_called() - def _test_validate_env_ends_with_profile(self, mock_id, mock_bed, - section='parameters'): + def _test_validate_env_ends_with_profile(self, mock_id, mock_bed): test_env = dict(role_original_data) - test_env[section]['baremetal_prefix'] = 'baremetal-control' + test_env['parameter_defaults']['baremetal_prefix'] = ( + 'baremetal-control') mock_bed.return_value = test_env args = mock.Mock() args.id = mock_id @@ -501,11 +449,6 @@ class TestDeploy(testtools.TestCase): def test_validate_env_fails(self, mock_bed): self._test_validate_env_ends_with_profile(None, mock_bed) - @mock.patch('openstack_virtual_baremetal.deploy._build_env_data') - def test_validate_env_fails_param_defaults(self, mock_bed): - self._test_validate_env_ends_with_profile(None, mock_bed, - 'parameter_defaults') - @mock.patch('openstack_virtual_baremetal.deploy._build_env_data') def test_validate_env_with_id(self, mock_bed): self._test_validate_env_ends_with_profile('foo', mock_bed) From c655b38624cba0912e5359026af0a39ac658e6d9 Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Wed, 12 Dec 2018 20:36:23 +0000 Subject: [PATCH 36/46] Remove deprecated options from openstackbmc These have been deprecated for over a year now and can be safely removed in 2.0. --- openstack_virtual_baremetal/openstackbmc.py | 109 +---------- .../tests/test_openstackbmc.py | 177 +----------------- 2 files changed, 8 insertions(+), 278 deletions(-) diff --git a/openstack_virtual_baremetal/openstackbmc.py b/openstack_virtual_baremetal/openstackbmc.py index 1cbe0e8..4818eab 100755 --- a/openstack_virtual_baremetal/openstackbmc.py +++ b/openstack_virtual_baremetal/openstackbmc.py @@ -31,60 +31,18 @@ import time import novaclient as nc from novaclient import client as novaclient from novaclient import exceptions -try: - import os_client_config -except ImportError: - os_client_config = None +import os_client_config import pyghmi.ipmi.bmc as bmc -NO_OCC_DEPRECATION = ('WARNING: Creating novaclient without os-client-config ' - 'is deprecated. Please install os-client-config on the ' - 'BMC image.') - - class OpenStackBmc(bmc.Bmc): - def __init__(self, authdata, port, address, instance, user, password, - tenant, auth_url, project, user_domain, project_domain, - cache_status, os_cloud): + def __init__(self, authdata, port, address, instance, cache_status, + os_cloud): super(OpenStackBmc, self).__init__(authdata, port=port, address=address) - if os_client_config: - if user: - # NOTE(bnemec): This is deprecated. clouds.yaml is a much - # more robust way to specify auth details. - kwargs = dict(os_username=user, - os_password=password, - os_project_name=tenant, - os_auth_url=auth_url, - os_user_domain=user_domain, - os_project_domain=project_domain) - self.novaclient = os_client_config.make_client('compute', - **kwargs) - else: - self.novaclient = os_client_config.make_client('compute', - cloud=os_cloud) - else: - # NOTE(bnemec): This path was deprecated 2017-7-17 - self.log(NO_OCC_DEPRECATION) - if '/v3' not in auth_url: - # novaclient 7+ is backwards-incompatible :-( - if int(nc.__version__[0]) <= 6: - self.novaclient = novaclient.Client(2, user, password, - tenant, auth_url) - else: - self.novaclient = novaclient.Client(2, user, password, - auth_url=auth_url, - project_name=tenant) - else: - self.novaclient = novaclient.Client( - 2, user, password, - auth_url=auth_url, - project_name=project, - user_domain_name=user_domain, - project_domain_name=project_domain - ) + self.novaclient = os_client_config.make_client('compute', + cloud=os_cloud) self.instance = None self.cache_status = cache_status self.cached_status = None @@ -234,55 +192,6 @@ def main(): required=True, help='The uuid or name of the OpenStack instance ' 'to manage') - parser.add_argument('--os-user', - dest='user', - required=False, - default='', - help='DEPRECATED: Use --os-cloud to specify auth ' - 'details. ' - 'The user for connecting to OpenStack') - parser.add_argument('--os-password', - dest='password', - required=False, - default='', - help='DEPRECATED: Use --os-cloud to specify auth ' - 'details. ' - 'The password for connecting to OpenStack') - parser.add_argument('--os-tenant', - dest='tenant', - required=False, - default='', - help='DEPRECATED: Use --os-cloud to specify auth ' - 'details. ' - 'The tenant for connecting to OpenStack') - parser.add_argument('--os-auth-url', - dest='auth_url', - required=False, - default='', - help='DEPRECATED: Use --os-cloud to specify auth ' - 'details. ' - 'The OpenStack Keystone auth url') - parser.add_argument('--os-project', - dest='project', - required=False, - default='', - help='DEPRECATED: Use --os-cloud to specify auth ' - 'details. ' - 'The project for connecting to OpenStack') - parser.add_argument('--os-user-domain', - dest='user_domain', - required=False, - default='', - help='DEPRECATED: Use --os-cloud to specify auth ' - 'details. ' - 'The user domain for connecting to OpenStack') - parser.add_argument('--os-project-domain', - dest='project_domain', - required=False, - default='', - help='DEPRECATED: Use --os-cloud to specify auth ' - 'details. ' - 'The project domain for connecting to OpenStack') parser.add_argument('--cache-status', dest='cache_status', default=False, @@ -293,7 +202,6 @@ def main(): 'it may become out of sync.') parser.add_argument('--os-cloud', dest='os_cloud', - required=False, default=os.environ.get('OS_CLOUD'), help='Use the specified cloud from clouds.yaml. ' 'Defaults to the OS_CLOUD environment variable.') @@ -306,13 +214,6 @@ def main(): mybmc = OpenStackBmc({'admin': 'password'}, port=args.port, address=addr_format % args.address, instance=args.instance, - user=args.user, - password=args.password, - tenant=args.tenant, - auth_url=args.auth_url, - project=args.project, - user_domain=args.user_domain, - project_domain=args.project_domain, cache_status=args.cache_status, os_cloud=args.os_cloud) mybmc.listen() diff --git a/openstack_virtual_baremetal/tests/test_openstackbmc.py b/openstack_virtual_baremetal/tests/test_openstackbmc.py index 8ca3473..33d1420 100755 --- a/openstack_virtual_baremetal/tests/test_openstackbmc.py +++ b/openstack_virtual_baremetal/tests/test_openstackbmc.py @@ -23,105 +23,6 @@ import testtools from openstack_virtual_baremetal import openstackbmc -@mock.patch('openstack_virtual_baremetal.openstackbmc.OpenStackBmc.' - 'log') -@mock.patch('pyghmi.ipmi.bmc.Bmc.__init__') -@mock.patch('novaclient.client.Client') -@mock.patch('openstack_virtual_baremetal.openstackbmc.OpenStackBmc.' - '_find_instance') -class TestOpenStackBmcInitDeprecated(unittest.TestCase): - def _test_init(self, mock_find_instance, mock_nova, mock_bmc_init, - mock_log, old_nova=True): - mock_client = mock.Mock() - mock_server = mock.Mock() - mock_server.name = 'foo-instance' - mock_client.servers.get.return_value = mock_server - mock_nova.return_value = mock_client - mock_find_instance.return_value = 'abc-123' - bmc = openstackbmc.OpenStackBmc(authdata={'admin': 'password'}, - port=623, - address='::ffff:127.0.0.1', - instance='foo', - user='admin', - password='password', - tenant='admin', - auth_url='http://keystone:5000', - project='', - user_domain='', - project_domain='', - cache_status=False, - os_cloud=None - ) - if old_nova: - mock_nova.assert_called_once_with(2, 'admin', 'password', 'admin', - 'http://keystone:5000') - else: - mock_nova.assert_called_once_with(2, 'admin', 'password', - auth_url='http://keystone:5000', - project_name='admin') - mock_find_instance.assert_called_once_with('foo') - self.assertEqual('abc-123', bmc.instance) - mock_client.servers.get.assert_called_once_with('abc-123') - self.assertEqual([mock.call(openstackbmc.NO_OCC_DEPRECATION), - mock.call('Managing instance: %s UUID: %s' % - ('foo-instance', 'abc-123'))], - mock_log.mock_calls) - - @mock.patch('openstack_virtual_baremetal.openstackbmc.os_client_config', - None) - @mock.patch('openstack_virtual_baremetal.openstackbmc.nc.__version__', - ('6', '0', '0')) - def test_init_6(self, mock_find_instance, mock_nova, mock_bmc_init, - mock_log): - self._test_init(mock_find_instance, mock_nova, mock_bmc_init, mock_log) - - @mock.patch('openstack_virtual_baremetal.openstackbmc.os_client_config', - None) - @mock.patch('openstack_virtual_baremetal.openstackbmc.nc.__version__', - ('7', '0', '0')) - def test_init_7(self, mock_find_instance, mock_nova, mock_bmc_init, - mock_log): - self._test_init(mock_find_instance, mock_nova, mock_bmc_init, mock_log, - old_nova=False) - - @mock.patch('openstack_virtual_baremetal.openstackbmc.os_client_config', - None) - def test_init_v3(self, mock_find_instance, mock_nova, mock_bmc_init, - mock_log, old_nova=True): - mock_client = mock.Mock() - mock_server = mock.Mock() - mock_server.name = 'foo-instance' - mock_client.servers.get.return_value = mock_server - mock_nova.return_value = mock_client - mock_find_instance.return_value = 'abc-123' - bmc = openstackbmc.OpenStackBmc(authdata={'admin': 'password'}, - port=623, - address='::ffff:127.0.0.1', - instance='foo', - user='admin', - password='password', - tenant='', - auth_url='http://keystone:5000/v3', - project='admin', - user_domain='default', - project_domain='default', - cache_status=False, - os_cloud=None - ) - mock_nova.assert_called_once_with(2, 'admin', 'password', - auth_url='http://keystone:5000/v3', - project_name='admin', - user_domain_name='default', - project_domain_name='default') - mock_find_instance.assert_called_once_with('foo') - self.assertEqual('abc-123', bmc.instance) - mock_client.servers.get.assert_called_once_with('abc-123') - self.assertEqual([mock.call(openstackbmc.NO_OCC_DEPRECATION), - mock.call('Managing instance: %s UUID: %s' % - ('foo-instance', 'abc-123'))], - mock_log.mock_calls) - - @mock.patch('openstack_virtual_baremetal.openstackbmc.OpenStackBmc.' 'log') @mock.patch('pyghmi.ipmi.bmc.Bmc.__init__') @@ -129,43 +30,6 @@ class TestOpenStackBmcInitDeprecated(unittest.TestCase): '_find_instance') @mock.patch('os_client_config.make_client') class TestOpenStackBmcInit(testtools.TestCase): - def test_init_os_client_config(self, mock_make_client, mock_find_instance, - mock_bmc_init, mock_log): - mock_client = mock.Mock() - mock_server = mock.Mock() - mock_server.name = 'foo-instance' - mock_client.servers.get.return_value = mock_server - mock_make_client.return_value = mock_client - mock_find_instance.return_value = 'abc-123' - bmc = openstackbmc.OpenStackBmc(authdata={'admin': 'password'}, - port=623, - address='::ffff:127.0.0.1', - instance='foo', - user='admin', - password='password', - tenant='admin', - auth_url='http://keystone:5000', - project='', - user_domain='', - project_domain='', - cache_status=False, - os_cloud=None - ) - - mock_make_client.assert_called_once_with( - 'compute', - os_auth_url='http://keystone:5000', - os_password='password', - os_project_domain='', - os_project_name='admin', - os_user_domain='', - os_username='admin') - mock_find_instance.assert_called_once_with('foo') - self.assertEqual('abc-123', bmc.instance) - mock_client.servers.get.assert_called_once_with('abc-123') - mock_log.assert_called_once_with('Managing instance: %s UUID: %s' % - ('foo-instance', 'abc-123')) - def test_init_os_cloud(self, mock_make_client, mock_find_instance, mock_bmc_init, mock_log): mock_client = mock.Mock() @@ -178,13 +42,6 @@ class TestOpenStackBmcInit(testtools.TestCase): port=623, address='::ffff:127.0.0.1', instance='foo', - user='', - password='', - tenant='', - auth_url='', - project='', - user_domain='', - project_domain='', cache_status=False, os_cloud='bar' ) @@ -210,13 +67,6 @@ class TestOpenStackBmcInit(testtools.TestCase): port=623, address='::ffff:127.0.0.1', instance='foo', - user='', - password='', - tenant='', - auth_url='', - project='', - user_domain='', - project_domain='', cache_status=False, os_cloud='foo' ) @@ -246,15 +96,8 @@ class TestOpenStackBmc(unittest.TestCase): port=623, address='::ffff:127.0.0.1', instance='foo', - user='admin', - password='password', - tenant='admin', - auth_url='http://keystone:5000', - project='', - user_domain='', - project_domain='', cache_status=False, - os_cloud=None + os_cloud='bar' ) self.bmc.novaclient = self.mock_client self.bmc.instance = 'abc-123' @@ -462,13 +305,6 @@ class TestMain(unittest.TestCase): port=111, address='::ffff:1.2.3.4', instance='foobar', - user='', - password='', - tenant='', - auth_url='', - project='', - user_domain='', - project_domain='', cache_status=False, os_cloud='foo' ) @@ -479,21 +315,14 @@ class TestMain(unittest.TestCase): mock_instance = mock.Mock() mock_bmc.return_value = mock_instance mock_argv = ['openstackbmc', '--port', '111', - '--instance', 'foobar'] + '--instance', 'foobar', '--os-cloud', 'bar'] with mock.patch.object(sys, 'argv', mock_argv): openstackbmc.main() mock_bmc.assert_called_once_with({'admin': 'password'}, port=111, address='::', instance='foobar', - user='', - password='', - tenant='', - auth_url='', - project='', - user_domain='', - project_domain='', cache_status=False, - os_cloud=None + os_cloud='bar' ) mock_instance.listen.assert_called_once_with() From 4fd992b155e1b6b67f8e894da4f790c1676133db Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Wed, 12 Dec 2018 21:05:21 +0000 Subject: [PATCH 37/46] Remove old example env file This hasn't been recommended as a deployment method for a while and it won't work in OVB 2.0. --- templates/env.yaml.example | 59 -------------------------------------- 1 file changed, 59 deletions(-) delete mode 100644 templates/env.yaml.example diff --git a/templates/env.yaml.example b/templates/env.yaml.example deleted file mode 100644 index 55c46d2..0000000 --- a/templates/env.yaml.example +++ /dev/null @@ -1,59 +0,0 @@ -# DEPRECATED: This sample environment file has been replaced by the one in -# environments/base.yaml and the other sample environments in that directory. -# This file should not be used for new OVB deployments. - -parameters: - bmc_flavor: bmc - bmc_image: CentOS-7-x86_64-GenericCloud - baremetal_flavor: baremetal - baremetal_image: ipxe-boot - key_name: default - private_net: private - bmc_prefix: bmc - baremetal_prefix: baremetal - node_count: 2 - public_net: public - provision_net: provision - # QuintupleO-specific params ignored by virtual-baremetal.yaml - undercloud_name: undercloud - undercloud_image: CentOS-7-x86_64-GenericCloud - undercloud_flavor: m1.xlarge - external_net: external - public_net_shared: false - provision_net_shared: false - -#parameter_defaults: - # Set a default role for the nodes in this environment. This parameter is - # ignored by Heat, but used by build-nodes-json. - #role: control - -## Uncomment and customize the following to use an existing floating ip -# undercloud_floating_ip_id: 'uuid of floating ip' -# undercloud_floating_ip: 'address of floating ip' - -#resource_registry: -## Uncomment the following to use an existing floating ip -# OS::OVB::UndercloudFloating: templates/undercloud-floating-existing.yaml - -## Uncomment the following to use no floating ip -# OS::OVB::UndercloudFloating: templates/undercloud-floating-none.yaml - -## Uncomment the following to create a private network -# OS::OVB::PrivateNetwork: templates/private-net-create.yaml - -## Uncomment to create all networks required for network-isolation. -## parameter_defaults should be used to override default parameter values -## in baremetal-networks-all.yaml -# OS::OVB::BaremetalNetworks: templates/baremetal-networks-all.yaml -# OS::OVB::BaremetalPorts: templates/baremetal-ports-all.yaml - -## Uncomment to use the neutron port-security extension to allow DHCP from -## the undercloud to overcloud nodes. There are *-port-security.yaml versions -## of all the standard port resource templates. The examples below are to use -## port-security with a minimal deployment (i.e. no network isolation). -# OS::OVB::BaremetalPorts: templates/baremetal-ports-default-port-security.yaml -# OS::OVB::BMCPort: templates/bmc-port-port-security.yaml -# OS::OVB::UndercloudPorts: templates/undercloud-ports-port-security.yaml - -## Uncomment to deploy a quintupleo environment without an undercloud. -# OS::OVB::UndercloudEnvironment: OS::Heat::None From 247c2d02d24b311bbba6c2ae63720cb85be86daf Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Wed, 12 Dec 2018 20:48:06 +0000 Subject: [PATCH 38/46] Remove non-port-security templates OVB 2.0 won't support clouds that lack the port-security extension, so these are no longer needed. --- bin/test-job | 6 +- bin/test-job-v2 | 2 +- doc/source/deploy/baremetal.rst | 3 +- doc/source/deploy/environment-index.rst | 33 ----- doc/source/deploy/quintupleo.rst | 25 +--- doc/source/host-cloud/configuration.rst | 18 +-- doc/source/host-cloud/setup.rst | 3 - doc/source/troubleshooting.rst | 15 +- doc/source/usage/usage.rst | 9 +- environments/all-networks-port-security.yaml | 54 -------- ...ll-networks-public-bond-port-security.yaml | 56 -------- environments/base-extra-node.yaml | 2 +- environments/port-security.yaml | 14 -- .../tests/test_deploy.py | 6 +- sample-env-generator/environments.yaml | 40 +----- .../baremetal-ports-all-port-security.yaml | 115 ---------------- templates/baremetal-ports-all.yaml | 8 +- ...baremetal-ports-default-port-security.yaml | 30 ---- templates/baremetal-ports-default.yaml | 3 +- ...ml => baremetal-ports-extra-node-all.yaml} | 0 ...ml => baremetal-ports-extra-node-fip.yaml} | 0 ...y.yaml => baremetal-ports-extra-node.yaml} | 0 ...metal-ports-public-bond-port-security.yaml | 128 ------------------ templates/baremetal-ports-public-bond.yaml | 9 +- templates/bmc-port-port-security.yaml | 29 ---- templates/bmc-port.yaml | 3 +- templates/undercloud-ports-port-security.yaml | 72 ---------- templates/undercloud-ports.yaml | 4 +- 28 files changed, 49 insertions(+), 638 deletions(-) delete mode 100644 environments/all-networks-port-security.yaml delete mode 100644 environments/all-networks-public-bond-port-security.yaml delete mode 100644 environments/port-security.yaml delete mode 100644 templates/baremetal-ports-all-port-security.yaml delete mode 100644 templates/baremetal-ports-default-port-security.yaml rename templates/{baremetal-ports-extra-node-port-security-all.yaml => baremetal-ports-extra-node-all.yaml} (100%) rename templates/{baremetal-ports-extra-node-fip-port-security.yaml => baremetal-ports-extra-node-fip.yaml} (100%) rename templates/{baremetal-ports-extra-node-port-security.yaml => baremetal-ports-extra-node.yaml} (100%) delete mode 100644 templates/baremetal-ports-public-bond-port-security.yaml delete mode 100644 templates/bmc-port-port-security.yaml delete mode 100644 templates/undercloud-ports-port-security.yaml diff --git a/bin/test-job b/bin/test-job index 840d6ae..aef6216 100755 --- a/bin/test-job +++ b/bin/test-job @@ -49,9 +49,9 @@ then fi echo 'resource_registry:' >> env.yaml echo ' OS::OVB::UndercloudFloating: templates/undercloud-floating.yaml' >> env.yaml -echo ' OS::OVB::BaremetalPorts: templates/baremetal-ports-default-port-security.yaml' >> env.yaml -echo ' OS::OVB::BMCPort: templates/bmc-port-port-security.yaml' >> env.yaml -echo ' OS::OVB::UndercloudPorts: templates/undercloud-ports-port-security.yaml' >> env.yaml +echo ' OS::OVB::BaremetalPorts: templates/baremetal-ports-default.yaml' >> env.yaml +echo ' OS::OVB::BMCPort: templates/bmc-port.yaml' >> env.yaml +echo ' OS::OVB::UndercloudPorts: templates/undercloud-ports.yaml' >> env.yaml echo ' OS::OVB::PrivateNetwork: templates/private-net-create.yaml' >> env.yaml cp -r $BIN_DIR ./bin diff --git a/bin/test-job-v2 b/bin/test-job-v2 index e7fa6e3..0e6d3c9 100755 --- a/bin/test-job-v2 +++ b/bin/test-job-v2 @@ -52,7 +52,7 @@ fi cp -r $BIN_DIR ./bin cp -r $BIN_DIR/../openstack_virtual_baremetal . STACK_NAME=$MY_ID -$BIN_DIR/deploy.py --quintupleo --id $MY_ID --name $STACK_NAME --poll -e env.yaml -e environments/create-private-network.yaml -e environments/all-networks-port-security.yaml +$BIN_DIR/deploy.py --quintupleo --id $MY_ID --name $STACK_NAME --poll -e env.yaml -e environments/create-private-network.yaml -e environments/all-networks.yaml UNDERCLOUD_IP=$(heat output-show $STACK_NAME undercloud_host_floating_ip | sed -e 's/"//g') bin/build-nodes-json --env env-$MY_ID.yaml --driver ipmi SSH_OPTS="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=Verbose -o PasswordAuthentication=no -o ConnectionAttempts=32 " diff --git a/doc/source/deploy/baremetal.rst b/doc/source/deploy/baremetal.rst index 0ce9ac7..7c8f0f5 100644 --- a/doc/source/deploy/baremetal.rst +++ b/doc/source/deploy/baremetal.rst @@ -94,8 +94,7 @@ method, which creates most of the resources needed automatically. neutron port-list neutron floatingip-associate [floatingip uuid] [undercloud instance port id] -#. (Optional) If not using the Noop firewall driver, turn off port-security on - the undercloud provisioning port:: +#. Turn off port-security on the undercloud provisioning port:: neutron port-update [UUID of undercloud port on the provision network] --no-security-groups --port-security-enabled=False diff --git a/doc/source/deploy/environment-index.rst b/doc/source/deploy/environment-index.rst index eca7616..99c8c0f 100644 --- a/doc/source/deploy/environment-index.rst +++ b/doc/source/deploy/environment-index.rst @@ -1,30 +1,6 @@ Sample Environment Index ======================== -Deploy with All Networks Enabled --------------------------------- - -**File:** environments/all-networks-port-security.yaml - -**Description:** Deploy an OVB stack that adds interfaces for all the standard TripleO -network isolation networks. This version uses the port-security -Neutron extension to allow OVB to be run on clouds with security -groups enabled. - - -Deploy with All Networks Enabled and Two Public Interfaces ----------------------------------------------------------- - -**File:** environments/all-networks-public-bond-port-security.yaml - -**Description:** Deploy an OVB stack that adds interfaces for all the standard TripleO -network isolation networks. This version will deploy duplicate -public network interfaces on the baremetal instances so that the -public network can be configured as a bond. It will also use the -port-security Neutron extension to allow OVB to be run on clouds with -security groups enabled. - - Deploy with All Networks Enabled and Two Public Interfaces ---------------------------------------------------------- @@ -118,15 +94,6 @@ Create a Private Network existing one. -Deploy a Basic OVB Environment Using Neutron port-security ----------------------------------------------------------- - -**File:** environments/port-security.yaml - -**Description:** Deploy an OVB stack that uses the Neutron port-security extension to -allow OVB functionality in clouds with security groups enabled. - - Public Network External Router ------------------------------ diff --git a/doc/source/deploy/quintupleo.rst b/doc/source/deploy/quintupleo.rst index b0d6477..6994fe0 100644 --- a/doc/source/deploy/quintupleo.rst +++ b/doc/source/deploy/quintupleo.rst @@ -19,7 +19,7 @@ however. with some older clouds. See below for details on customizing an OVB deployment for your particular situation:: - bin/deploy.py --quintupleo -e env.yaml -e environments/all-networks-port-security.yaml -e environments/create-private-network.yaml + bin/deploy.py --quintupleo -e env.yaml -e environments/all-networks.yaml -e environments/create-private-network.yaml .. note:: There is a quintupleo-specific option ``--id`` in deploy.py. It appends the value passed in to the name of all resources @@ -97,10 +97,10 @@ There are also a number of advanced options that can be enabled for a QuintupleO deployment. For each such option there is a sample environment to be passed to the deploy command. -For example, to deploy using the Neutron port-security extension to allow -DHCP and PXE booting, the following command could be used:: +For example, to deploy all networks needed for TripleO network isolation, the +following command could be used:: - bin/deploy.py --quintupleo -e env.yaml -e environments/port-security.yaml + bin/deploy.py --quintupleo -e env.yaml -e environments/all-networks.yaml .. important:: When deploying with multiple environment files, ``env.yaml`` *must* be explicitly passed to the deploy command. @@ -110,7 +110,7 @@ DHCP and PXE booting, the following command could be used:: Some options may have additional configuration parameters. These parameters will be listed in the environment file. -A full list of the option environments available can be found at +A full list of the environments available can be found at :doc:`environment-index`. Network Isolation @@ -144,19 +144,6 @@ Three primary networking layouts are included: OVB environment. The ``bond-*`` overcloud templates must be used with this type of environment. -Each of the networking layouts has two variations: with and without the use of -Neutron's port-security extension. The reason for this is that older releases -of OpenStack did not support port-security, so those templates cannot be used. -However, use of the port-security extension allows OVB to work on a much larger -number of clouds because it does not require insecure Neutron settings. - -While the port-security extension existed as far back as the Liberty release, -it has only been successfully tested with OVB on Newton and above. - -The port-security environments can be recognized by the presence of -`port-security` somewhere in the filename. Network environments without that -substring are the standard ones that require the noop Neutron firewall driver. - QuintupleO and routed networks ------------------------------ @@ -195,7 +182,7 @@ OVB as well. ./bin/deploy.py --env env.yaml \ --quintupleo \ - --env environments/all-networks-port-security.yaml \ + --env environments/all-networks.yaml \ --env environments/routed-networks.yaml \ --env env-routed-networks.yaml \ --role env-leaf1.yaml diff --git a/doc/source/host-cloud/configuration.rst b/doc/source/host-cloud/configuration.rst index 4d461cb..d51c763 100644 --- a/doc/source/host-cloud/configuration.rst +++ b/doc/source/host-cloud/configuration.rst @@ -7,19 +7,8 @@ all of it will provide the optimal experience. The changes described in this document apply to compute nodes in the host cloud. -#. Neutron must be configured to use the NoopFirewallDriver. Edit - ``/etc/neutron/plugins/ml2/ml2_conf.ini`` and set the option - ``firewall_driver`` in the ``[securitygroup]`` section as follows:: - - firewall_driver = neutron.agent.firewall.NoopFirewallDriver - -#. In Liberty and later versions, arp spoofing must be disabled. Edit - ``/etc/neutron/plugins/ml2/ml2_conf.ini`` and set the option - ``prevent_arp_spoofing`` in the ``[agent]`` section as follows:: - - prevent_arp_spoofing = False - -#. The Nova option ``force_config_drive`` must _not_ be set. +#. The Nova option ``force_config_drive`` must _not_ be set. If you have to + change this option, restart ``nova-compute`` to apply it. #. Ideally, jumbo frames should be enabled on the host cloud. This avoids MTU problems when deploying to instances over tunneled @@ -33,6 +22,3 @@ host cloud. such a change on the host cloud), it will likely be necessary to configure a smaller MTU on the deployed virtual instances. Details on doing so can be found on the :doc:`../usage/usage` page. - -#. Restart ``nova-compute`` and ``neutron-openvswitch-agent`` to apply the - changes above. diff --git a/doc/source/host-cloud/setup.rst b/doc/source/host-cloud/setup.rst index 4a6fad7..df4a009 100644 --- a/doc/source/host-cloud/setup.rst +++ b/doc/source/host-cloud/setup.rst @@ -6,9 +6,6 @@ Instructions for setting up the host cloud[1]. 1: The host cloud is any OpenStack cloud providing the necessary functionality to run OVB. The host cloud must be running on real baremetal. -.. warning:: This process requires patches and configuration settings that - may not be appropriate for production clouds. - .. toctree:: patches diff --git a/doc/source/troubleshooting.rst b/doc/source/troubleshooting.rst index d110789..0b45bc4 100644 --- a/doc/source/troubleshooting.rst +++ b/doc/source/troubleshooting.rst @@ -49,10 +49,8 @@ VM, but responses never get to the baremetal instances. **Cause**: Neutron port security blocking DHCP from the undercloud. -**Solution**: Neutron either needs to be configured to use the Noop firewall -driver, or the port-security extension must be used to disable -port-security on the appropriate ports. As of this writing that -requires use of the port-security branch of OVB. +**Solution**: Ensure that the Neutron port-security extension is present in +the host cloud. It is required for OVB to function properly. The BMC does not respond to IPMI requests ----------------------------------------- @@ -62,11 +60,10 @@ on arbitrary addresses. The BMC deployment may have failed for some reason. **Solution**: Neutron must be configured to allow the BMC to listen on -arbitrary addresses. This requires use of the Noop firewall driver -or port-security extension as in the previous solution. If this -is already configured correctly, then the BMC may have failed to -deploy properly. This can usually be determined by looking at the -nova console-log of the BMC instance. A correctly working BMC will +arbitrary addresses. This requires the port-security extension as in the +previous solution. If this is already configured correctly, then the BMC may +have failed to deploy properly. This can usually be determined by looking at +the nova console-log of the BMC instance. A correctly working BMC will display 'Managing instance [uuid]' for each baremetal node in the environment. If those messages are not found, then the BMC has failed to start properly. The relevant error messages should be diff --git a/doc/source/usage/usage.rst b/doc/source/usage/usage.rst index eee475a..4ff5788 100644 --- a/doc/source/usage/usage.rst +++ b/doc/source/usage/usage.rst @@ -43,15 +43,12 @@ After an OVB environment has been deployed, there are a few things to know. this is a brief explanation of each: - **network-templates:** IPv4 multi-nic. Usable with the network layout - deployed by the ``all-networks.yaml`` and - ``all-networks-port-security.yaml`` environments. + deployed by the ``all-networks.yaml`` environment. - **ipv6-network-templates:** IPv6 multi-nic. Usable with the network layout - deployed by the ``all-networks.yaml`` and - ``all-networks-port-security.yaml`` environments. + deployed by the ``all-networks.yaml`` environment. - **bond-network-templates:** IPv4 multi-nic, with duplicate `public` interfaces for testing bonded nics. Usable with the network layout - deployed by the ``all-networks-public-bond.yaml`` and - ``all-networks-public-bond-port-security.yaml`` environments. + deployed by the ``all-networks-public-bond.yaml`` environment. The undercloud's ``public`` interface should be configured with the address of the default route from the templates in use. Firewall rules for diff --git a/environments/all-networks-port-security.yaml b/environments/all-networks-port-security.yaml deleted file mode 100644 index babf777..0000000 --- a/environments/all-networks-port-security.yaml +++ /dev/null @@ -1,54 +0,0 @@ -# ******************************************************************* -# This file was created automatically by the sample environment -# generator. Developers should use `tox -e genconfig` to update it. -# Users are recommended to make changes to a copy of the file instead -# of the original, if any customizations are needed. -# ******************************************************************* -# title: Deploy with All Networks Enabled -# description: | -# Deploy an OVB stack that adds interfaces for all the standard TripleO -# network isolation networks. This version uses the port-security -# Neutron extension to allow OVB to be run on clouds with security -# groups enabled. -parameter_defaults: - # Name of internal API network - # Type: string - overcloud_internal_net: overcloud_internal - - # CIDR for internal API network subnet. This is typically irrelevant and - # does not need to be changed. - # Type: string - overcloud_internal_net_cidr: 172.17.0.0/24 - - # Name of storage management network - # Type: string - overcloud_storage_mgmt_net: overcloud_storage_mgmt - - # CIDR for storage management network subnet. This is typically irrelevant - # and does not need to be changed. - # Type: string - overcloud_storage_mgmt_net_cidr: 172.19.0.0/24 - - # Name of storage network - # Type: string - overcloud_storage_net: overcloud_storage - - # CIDR for storage network subnet. This is typically irrelevant and - # does not need to be changed. - # Type: string - overcloud_storage_net_cidr: 172.18.0.0/24 - - # Name of tenant network - # Type: string - overcloud_tenant_net: overcloud_tenant - - # CIDR for tenant network subnet. This is typically irrelevant and - # does not need to be changed. - # Type: string - overcloud_tenant_net_cidr: 172.16.0.0/24 - -resource_registry: - OS::OVB::BMCPort: ../templates/bmc-port-port-security.yaml - OS::OVB::BaremetalNetworks: ../templates/baremetal-networks-all.yaml - OS::OVB::BaremetalPorts: ../templates/baremetal-ports-all-port-security.yaml - OS::OVB::UndercloudPorts: ../templates/undercloud-ports-port-security.yaml diff --git a/environments/all-networks-public-bond-port-security.yaml b/environments/all-networks-public-bond-port-security.yaml deleted file mode 100644 index 1118b4b..0000000 --- a/environments/all-networks-public-bond-port-security.yaml +++ /dev/null @@ -1,56 +0,0 @@ -# ******************************************************************* -# This file was created automatically by the sample environment -# generator. Developers should use `tox -e genconfig` to update it. -# Users are recommended to make changes to a copy of the file instead -# of the original, if any customizations are needed. -# ******************************************************************* -# title: Deploy with All Networks Enabled and Two Public Interfaces -# description: | -# Deploy an OVB stack that adds interfaces for all the standard TripleO -# network isolation networks. This version will deploy duplicate -# public network interfaces on the baremetal instances so that the -# public network can be configured as a bond. It will also use the -# port-security Neutron extension to allow OVB to be run on clouds with -# security groups enabled. -parameter_defaults: - # Name of internal API network - # Type: string - overcloud_internal_net: overcloud_internal - - # CIDR for internal API network subnet. This is typically irrelevant and - # does not need to be changed. - # Type: string - overcloud_internal_net_cidr: 172.17.0.0/24 - - # Name of storage management network - # Type: string - overcloud_storage_mgmt_net: overcloud_storage_mgmt - - # CIDR for storage management network subnet. This is typically irrelevant - # and does not need to be changed. - # Type: string - overcloud_storage_mgmt_net_cidr: 172.19.0.0/24 - - # Name of storage network - # Type: string - overcloud_storage_net: overcloud_storage - - # CIDR for storage network subnet. This is typically irrelevant and - # does not need to be changed. - # Type: string - overcloud_storage_net_cidr: 172.18.0.0/24 - - # Name of tenant network - # Type: string - overcloud_tenant_net: overcloud_tenant - - # CIDR for tenant network subnet. This is typically irrelevant and - # does not need to be changed. - # Type: string - overcloud_tenant_net_cidr: 172.16.0.0/24 - -resource_registry: - OS::OVB::BMCPort: ../templates/bmc-port-port-security.yaml - OS::OVB::BaremetalNetworks: ../templates/baremetal-networks-all.yaml - OS::OVB::BaremetalPorts: ../templates/baremetal-ports-public-bond-port-security.yaml - OS::OVB::UndercloudPorts: ../templates/undercloud-ports-port-security.yaml diff --git a/environments/base-extra-node.yaml b/environments/base-extra-node.yaml index d71b91d..928584e 100644 --- a/environments/base-extra-node.yaml +++ b/environments/base-extra-node.yaml @@ -33,4 +33,4 @@ parameter_defaults: role: extra resource_registry: - OS::OVB::BaremetalPorts: ../templates/baremetal-ports-extra-node-port-security.yaml + OS::OVB::BaremetalPorts: ../templates/baremetal-ports-extra-node.yaml diff --git a/environments/port-security.yaml b/environments/port-security.yaml deleted file mode 100644 index 5b019d6..0000000 --- a/environments/port-security.yaml +++ /dev/null @@ -1,14 +0,0 @@ -# ******************************************************************* -# This file was created automatically by the sample environment -# generator. Developers should use `tox -e genconfig` to update it. -# Users are recommended to make changes to a copy of the file instead -# of the original, if any customizations are needed. -# ******************************************************************* -# title: Deploy a Basic OVB Environment Using Neutron port-security -# description: | -# Deploy an OVB stack that uses the Neutron port-security extension to -# allow OVB functionality in clouds with security groups enabled. -resource_registry: - OS::OVB::BMCPort: ../templates/bmc-port-port-security.yaml - OS::OVB::BaremetalPorts: ../templates/baremetal-ports-default-port-security.yaml - OS::OVB::UndercloudPorts: ../templates/undercloud-ports-port-security.yaml diff --git a/openstack_virtual_baremetal/tests/test_deploy.py b/openstack_virtual_baremetal/tests/test_deploy.py index 56a9cf0..5695175 100755 --- a/openstack_virtual_baremetal/tests/test_deploy.py +++ b/openstack_virtual_baremetal/tests/test_deploy.py @@ -205,7 +205,7 @@ role_base_data = { 'OS::OVB::BaremetalNetworks': 'templates/baremetal-networks-all.yaml', 'OS::OVB::BaremetalPorts': 'templates/baremetal-ports-public-bond.yaml', - 'OS::OVB::BMCPort': 'templates/bmc-port-port-security.yaml' + 'OS::OVB::BMCPort': 'templates/bmc-port.yaml' } } role_specific_data = { @@ -251,7 +251,7 @@ role_original_data = { 'OS::OVB::BaremetalNetworks': 'templates/baremetal-networks-all.yaml', 'OS::OVB::BaremetalPorts': 'templates/baremetal-ports-public-bond.yaml', - 'OS::OVB::BMCPort': 'templates/bmc-port-port-security.yaml' + 'OS::OVB::BMCPort': 'templates/bmc-port.yaml' } } # end _process_role test data @@ -397,7 +397,7 @@ class TestDeploy(testtools.TestCase): 'templates/baremetal-ports-all.yaml', output['resource_registry']['OS::OVB::BaremetalPorts']) # This should be inherited from the base env - self.assertEqual('templates/bmc-port-port-security.yaml', + self.assertEqual('templates/bmc-port.yaml', output['resource_registry']['OS::OVB::BMCPort']) @mock.patch('openstack_virtual_baremetal.deploy._load_role_data') diff --git a/sample-env-generator/environments.yaml b/sample-env-generator/environments.yaml index 80086f7..085263f 100644 --- a/sample-env-generator/environments.yaml +++ b/sample-env-generator/environments.yaml @@ -63,7 +63,7 @@ environments: baremetal_image: CentOS-7-x86_64-GenericCloud node_count: 1 resource_registry: - OS::OVB::BaremetalPorts: ../templates/baremetal-ports-extra-node-port-security.yaml + OS::OVB::BaremetalPorts: ../templates/baremetal-ports-extra-node.yaml - name: all-networks title: Deploy with All Networks Enabled @@ -77,18 +77,6 @@ environments: OS::OVB::BaremetalNetworks: ../templates/baremetal-networks-all.yaml OS::OVB::BaremetalPorts: ../templates/baremetal-ports-all.yaml children: - - - name: all-networks-port-security - description: | - Deploy an OVB stack that adds interfaces for all the standard TripleO - network isolation networks. This version uses the port-security - Neutron extension to allow OVB to be run on clouds with security - groups enabled. - resource_registry: - OS::OVB::BaremetalNetworks: ../templates/baremetal-networks-all.yaml - OS::OVB::BaremetalPorts: ../templates/baremetal-ports-all-port-security.yaml - OS::OVB::BMCPort: ../templates/bmc-port-port-security.yaml - OS::OVB::UndercloudPorts: ../templates/undercloud-ports-port-security.yaml - name: all-networks-public-bond title: Deploy with All Networks Enabled and Two Public Interfaces @@ -100,32 +88,6 @@ environments: resource_registry: OS::OVB::BaremetalNetworks: ../templates/baremetal-networks-all.yaml OS::OVB::BaremetalPorts: ../templates/baremetal-ports-public-bond.yaml - - - name: all-networks-public-bond-port-security - title: Deploy with All Networks Enabled and Two Public Interfaces - description: | - Deploy an OVB stack that adds interfaces for all the standard TripleO - network isolation networks. This version will deploy duplicate - public network interfaces on the baremetal instances so that the - public network can be configured as a bond. It will also use the - port-security Neutron extension to allow OVB to be run on clouds with - security groups enabled. - resource_registry: - OS::OVB::BaremetalNetworks: ../templates/baremetal-networks-all.yaml - OS::OVB::BaremetalPorts: ../templates/baremetal-ports-public-bond-port-security.yaml - OS::OVB::BMCPort: ../templates/bmc-port-port-security.yaml - OS::OVB::UndercloudPorts: ../templates/undercloud-ports-port-security.yaml - - - name: port-security - title: Deploy a Basic OVB Environment Using Neutron port-security - description: | - Deploy an OVB stack that uses the Neutron port-security extension to - allow OVB functionality in clouds with security groups enabled. - files: {} - resource_registry: - OS::OVB::BaremetalPorts: ../templates/baremetal-ports-default-port-security.yaml - OS::OVB::BMCPort: ../templates/bmc-port-port-security.yaml - OS::OVB::UndercloudPorts: ../templates/undercloud-ports-port-security.yaml - name: create-private-network title: Create a Private Network diff --git a/templates/baremetal-ports-all-port-security.yaml b/templates/baremetal-ports-all-port-security.yaml deleted file mode 100644 index 3ea7cef..0000000 --- a/templates/baremetal-ports-all-port-security.yaml +++ /dev/null @@ -1,115 +0,0 @@ -heat_template_version: 2015-10-15 - -parameters: - - baremetal_prefix: - type: string - - networks: - type: json - - suffix: - type: string - - overcloud_internal_net: - type: string - description: Name of internal API network - default: overcloud_internal - - overcloud_storage_net: - type: string - description: Name of storage network - default: overcloud_storage - - overcloud_storage_mgmt_net: - type: string - description: Name of storage management network - default: overcloud_storage_mgmt - - overcloud_tenant_net: - type: string - description: Name of tenant network - default: overcloud_tenant - -resources: - - provision_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: [networks, provision]} - port_security_enabled: False - - internal_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - internal_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: overcloud_internal_net} - port_security_enabled: False - - storage_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - storage_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: overcloud_storage_net} - port_security_enabled: False - - storage_mgmt_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - storage_mgmt_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: overcloud_storage_mgmt_net} - port_security_enabled: False - - tenant_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - tenant_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: overcloud_tenant_net} - port_security_enabled: False - - public_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - public_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: [networks, public]} - port_security_enabled: False - -outputs: - ports: - value: - - {port: {get_resource: provision_port}} - - {port: {get_resource: public_port}} - - {port: {get_resource: internal_port}} - - {port: {get_resource: storage_port}} - - {port: {get_resource: storage_mgmt_port}} - - {port: {get_resource: tenant_port}} diff --git a/templates/baremetal-ports-all.yaml b/templates/baremetal-ports-all.yaml index 5f9736e..3ea7cef 100644 --- a/templates/baremetal-ports-all.yaml +++ b/templates/baremetal-ports-all.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-10-15 parameters: @@ -42,6 +42,7 @@ resources: - - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: [networks, provision]} + port_security_enabled: False internal_port: type: OS::Neutron::Port @@ -53,6 +54,7 @@ resources: - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: overcloud_internal_net} + port_security_enabled: False storage_port: type: OS::Neutron::Port @@ -64,6 +66,7 @@ resources: - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: overcloud_storage_net} + port_security_enabled: False storage_mgmt_port: type: OS::Neutron::Port @@ -75,6 +78,7 @@ resources: - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: overcloud_storage_mgmt_net} + port_security_enabled: False tenant_port: type: OS::Neutron::Port @@ -86,6 +90,7 @@ resources: - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: overcloud_tenant_net} + port_security_enabled: False public_port: type: OS::Neutron::Port @@ -97,6 +102,7 @@ resources: - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: [networks, public]} + port_security_enabled: False outputs: ports: diff --git a/templates/baremetal-ports-default-port-security.yaml b/templates/baremetal-ports-default-port-security.yaml deleted file mode 100644 index c9d19a0..0000000 --- a/templates/baremetal-ports-default-port-security.yaml +++ /dev/null @@ -1,30 +0,0 @@ -heat_template_version: 2015-10-15 - -parameters: - - baremetal_prefix: - type: string - - networks: - type: json - - suffix: - type: string - -resources: - - provision_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: [networks, provision]} - port_security_enabled: False - -outputs: - ports: - value: - - {port: {get_resource: provision_port}} diff --git a/templates/baremetal-ports-default.yaml b/templates/baremetal-ports-default.yaml index 3e7fbc7..c9d19a0 100644 --- a/templates/baremetal-ports-default.yaml +++ b/templates/baremetal-ports-default.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-10-15 parameters: @@ -22,6 +22,7 @@ resources: - - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: [networks, provision]} + port_security_enabled: False outputs: ports: diff --git a/templates/baremetal-ports-extra-node-port-security-all.yaml b/templates/baremetal-ports-extra-node-all.yaml similarity index 100% rename from templates/baremetal-ports-extra-node-port-security-all.yaml rename to templates/baremetal-ports-extra-node-all.yaml diff --git a/templates/baremetal-ports-extra-node-fip-port-security.yaml b/templates/baremetal-ports-extra-node-fip.yaml similarity index 100% rename from templates/baremetal-ports-extra-node-fip-port-security.yaml rename to templates/baremetal-ports-extra-node-fip.yaml diff --git a/templates/baremetal-ports-extra-node-port-security.yaml b/templates/baremetal-ports-extra-node.yaml similarity index 100% rename from templates/baremetal-ports-extra-node-port-security.yaml rename to templates/baremetal-ports-extra-node.yaml diff --git a/templates/baremetal-ports-public-bond-port-security.yaml b/templates/baremetal-ports-public-bond-port-security.yaml deleted file mode 100644 index 8e59a45..0000000 --- a/templates/baremetal-ports-public-bond-port-security.yaml +++ /dev/null @@ -1,128 +0,0 @@ -heat_template_version: 2015-10-15 - -parameters: - - baremetal_prefix: - type: string - - networks: - type: json - - suffix: - type: string - - overcloud_internal_net: - type: string - description: Name of internal API network - default: overcloud_internal - - overcloud_storage_net: - type: string - description: Name of storage network - default: overcloud_storage - - overcloud_storage_mgmt_net: - type: string - description: Name of storage management network - default: overcloud_storage_mgmt - - overcloud_tenant_net: - type: string - description: Name of tenant network - default: overcloud_tenant - -resources: - - provision_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: [networks, provision]} - port_security_enabled: False - - internal_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - internal_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: overcloud_internal_net} - port_security_enabled: False - - storage_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - storage_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: overcloud_storage_net} - port_security_enabled: False - - storage_mgmt_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - storage_mgmt_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: overcloud_storage_mgmt_net} - port_security_enabled: False - - tenant_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - tenant_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: overcloud_tenant_net} - port_security_enabled: False - - public_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - public_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: [networks, public]} - port_security_enabled: False - - public_bond_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '' - - - public_ - - {get_param: baremetal_prefix} - - {get_param: suffix} - network: {get_param: [networks, public]} - port_security_enabled: False - -outputs: - ports: - value: - - {port: {get_resource: provision_port}} - - {port: {get_resource: public_port}} - - {port: {get_resource: public_bond_port}} - - {port: {get_resource: internal_port}} - - {port: {get_resource: storage_port}} - - {port: {get_resource: storage_mgmt_port}} - - {port: {get_resource: tenant_port}} diff --git a/templates/baremetal-ports-public-bond.yaml b/templates/baremetal-ports-public-bond.yaml index b93009a..8e59a45 100644 --- a/templates/baremetal-ports-public-bond.yaml +++ b/templates/baremetal-ports-public-bond.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-10-15 parameters: @@ -42,6 +42,7 @@ resources: - - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: [networks, provision]} + port_security_enabled: False internal_port: type: OS::Neutron::Port @@ -53,6 +54,7 @@ resources: - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: overcloud_internal_net} + port_security_enabled: False storage_port: type: OS::Neutron::Port @@ -64,6 +66,7 @@ resources: - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: overcloud_storage_net} + port_security_enabled: False storage_mgmt_port: type: OS::Neutron::Port @@ -75,6 +78,7 @@ resources: - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: overcloud_storage_mgmt_net} + port_security_enabled: False tenant_port: type: OS::Neutron::Port @@ -86,6 +90,7 @@ resources: - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: overcloud_tenant_net} + port_security_enabled: False public_port: type: OS::Neutron::Port @@ -97,6 +102,7 @@ resources: - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: [networks, public]} + port_security_enabled: False public_bond_port: type: OS::Neutron::Port @@ -108,6 +114,7 @@ resources: - {get_param: baremetal_prefix} - {get_param: suffix} network: {get_param: [networks, public]} + port_security_enabled: False outputs: ports: diff --git a/templates/bmc-port-port-security.yaml b/templates/bmc-port-port-security.yaml deleted file mode 100644 index dc9361e..0000000 --- a/templates/bmc-port-port-security.yaml +++ /dev/null @@ -1,29 +0,0 @@ -heat_template_version: 2015-10-15 - -parameters: - - bmc_prefix: - type: string - - private_net: - type: string - -resources: - - private_bmc_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '_' - - - 'utility' - - {get_param: bmc_prefix} - network: {get_param: private_net} - port_security_enabled: False - -outputs: - port: - value: - - {port: {get_resource: private_bmc_port}} - ip_address: - value: {get_attr: [private_bmc_port, fixed_ips, 0, ip_address]} diff --git a/templates/bmc-port.yaml b/templates/bmc-port.yaml index 402ea94..dc9361e 100644 --- a/templates/bmc-port.yaml +++ b/templates/bmc-port.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-10-15 parameters: @@ -19,6 +19,7 @@ resources: - - 'utility' - {get_param: bmc_prefix} network: {get_param: private_net} + port_security_enabled: False outputs: port: diff --git a/templates/undercloud-ports-port-security.yaml b/templates/undercloud-ports-port-security.yaml deleted file mode 100644 index 1cac893..0000000 --- a/templates/undercloud-ports-port-security.yaml +++ /dev/null @@ -1,72 +0,0 @@ -heat_template_version: 2015-10-15 - -parameters: - - undercloud_name: - type: string - - private_net: - type: string - - networks: - type: json - -resources: - undercloud_sg: - type: OS::Neutron::SecurityGroup - properties: - name: - list_join: - - '_' - - - {get_param: undercloud_name} - - 'sg' - description: Ping, SSH, and TripleO UI - rules: - - protocol: icmp - - protocol: tcp - port_range_min: 22 - port_range_max: 22 - - protocol: tcp - port_range_min: 3000 - port_range_max: 3000 - - private_undercloud_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '_' - - - {get_param: undercloud_name} - - 'private' - network: {get_param: private_net} - security_groups: - - {get_resource: undercloud_sg} - - provision_undercloud_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '_' - - - {get_param: undercloud_name} - - 'provision' - network: {get_param: [networks, provision]} - port_security_enabled: False - - public_undercloud_port: - type: OS::Neutron::Port - properties: - name: - list_join: - - '_' - - - {get_param: undercloud_name} - - 'public' - network: {get_param: [networks, public]} - port_security_enabled: False - -outputs: - ports: - value: - - {port: {get_resource: private_undercloud_port}} - - {port: {get_resource: provision_undercloud_port}} - - {port: {get_resource: public_undercloud_port}} diff --git a/templates/undercloud-ports.yaml b/templates/undercloud-ports.yaml index dc3f1ce..1cac893 100644 --- a/templates/undercloud-ports.yaml +++ b/templates/undercloud-ports.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-10-15 parameters: @@ -51,6 +51,7 @@ resources: - - {get_param: undercloud_name} - 'provision' network: {get_param: [networks, provision]} + port_security_enabled: False public_undercloud_port: type: OS::Neutron::Port @@ -61,6 +62,7 @@ resources: - - {get_param: undercloud_name} - 'public' network: {get_param: [networks, public]} + port_security_enabled: False outputs: ports: From 09ece3f1221162a318426845731ea4130ca3be2e Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Thu, 13 Dec 2018 10:03:45 -0600 Subject: [PATCH 39/46] Add ControlPlaneStaticRoutes to nic-configs TripleO just added another mandatory parameter so this is needed to use the templates with master. --- .../nic-configs/ceph-storage.yaml | 8 ++++++++ .../nic-configs/cinder-storage.yaml | 8 ++++++++ .../bond-network-templates-v2/nic-configs/compute.yaml | 8 ++++++++ .../bond-network-templates-v2/nic-configs/controller.yaml | 8 ++++++++ .../nic-configs/swift-storage.yaml | 8 ++++++++ .../nic-configs/ceph-storage.yaml | 8 ++++++++ .../nic-configs/cinder-storage.yaml | 8 ++++++++ .../ipv6-network-templates-v2/nic-configs/compute.yaml | 8 ++++++++ .../ipv6-network-templates-v2/nic-configs/controller.yaml | 8 ++++++++ .../nic-configs/swift-storage.yaml | 8 ++++++++ .../network-templates-v2/nic-configs/ceph-storage.yaml | 8 ++++++++ .../network-templates-v2/nic-configs/cinder-storage.yaml | 8 ++++++++ .../network-templates-v2/nic-configs/compute.yaml | 8 ++++++++ .../network-templates-v2/nic-configs/controller.yaml | 8 ++++++++ .../network-templates-v2/nic-configs/swift-storage.yaml | 8 ++++++++ 15 files changed, 120 insertions(+) diff --git a/overcloud-templates/bond-network-templates-v2/nic-configs/ceph-storage.yaml b/overcloud-templates/bond-network-templates-v2/nic-configs/ceph-storage.yaml index aec2f54..74153b3 100644 --- a/overcloud-templates/bond-network-templates-v2/nic-configs/ceph-storage.yaml +++ b/overcloud-templates/bond-network-templates-v2/nic-configs/ceph-storage.yaml @@ -117,6 +117,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ControlPlaneStaticRoutes: + default: [] + description: > + Routes for the ctlplane network traffic. + JSON route e.g. [{'destination':'10.0.0.0/16', 'nexthop':'10.0.0.1'}] + Unless the default is changed, the parameter is automatically resolved + from the subnet host_routes attribute. + type: json DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. diff --git a/overcloud-templates/bond-network-templates-v2/nic-configs/cinder-storage.yaml b/overcloud-templates/bond-network-templates-v2/nic-configs/cinder-storage.yaml index 30390bf..0ef1414 100644 --- a/overcloud-templates/bond-network-templates-v2/nic-configs/cinder-storage.yaml +++ b/overcloud-templates/bond-network-templates-v2/nic-configs/cinder-storage.yaml @@ -117,6 +117,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ControlPlaneStaticRoutes: + default: [] + description: > + Routes for the ctlplane network traffic. + JSON route e.g. [{'destination':'10.0.0.0/16', 'nexthop':'10.0.0.1'}] + Unless the default is changed, the parameter is automatically resolved + from the subnet host_routes attribute. + type: json DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. diff --git a/overcloud-templates/bond-network-templates-v2/nic-configs/compute.yaml b/overcloud-templates/bond-network-templates-v2/nic-configs/compute.yaml index f5363af..df5fb2b 100644 --- a/overcloud-templates/bond-network-templates-v2/nic-configs/compute.yaml +++ b/overcloud-templates/bond-network-templates-v2/nic-configs/compute.yaml @@ -117,6 +117,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ControlPlaneStaticRoutes: + default: [] + description: > + Routes for the ctlplane network traffic. + JSON route e.g. [{'destination':'10.0.0.0/16', 'nexthop':'10.0.0.1'}] + Unless the default is changed, the parameter is automatically resolved + from the subnet host_routes attribute. + type: json DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. diff --git a/overcloud-templates/bond-network-templates-v2/nic-configs/controller.yaml b/overcloud-templates/bond-network-templates-v2/nic-configs/controller.yaml index ac964aa..a00413e 100644 --- a/overcloud-templates/bond-network-templates-v2/nic-configs/controller.yaml +++ b/overcloud-templates/bond-network-templates-v2/nic-configs/controller.yaml @@ -117,6 +117,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ControlPlaneStaticRoutes: + default: [] + description: > + Routes for the ctlplane network traffic. + JSON route e.g. [{'destination':'10.0.0.0/16', 'nexthop':'10.0.0.1'}] + Unless the default is changed, the parameter is automatically resolved + from the subnet host_routes attribute. + type: json DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. diff --git a/overcloud-templates/bond-network-templates-v2/nic-configs/swift-storage.yaml b/overcloud-templates/bond-network-templates-v2/nic-configs/swift-storage.yaml index 30390bf..0ef1414 100644 --- a/overcloud-templates/bond-network-templates-v2/nic-configs/swift-storage.yaml +++ b/overcloud-templates/bond-network-templates-v2/nic-configs/swift-storage.yaml @@ -117,6 +117,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ControlPlaneStaticRoutes: + default: [] + description: > + Routes for the ctlplane network traffic. + JSON route e.g. [{'destination':'10.0.0.0/16', 'nexthop':'10.0.0.1'}] + Unless the default is changed, the parameter is automatically resolved + from the subnet host_routes attribute. + type: json DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. diff --git a/overcloud-templates/ipv6-network-templates-v2/nic-configs/ceph-storage.yaml b/overcloud-templates/ipv6-network-templates-v2/nic-configs/ceph-storage.yaml index 0de80d4..fe66405 100644 --- a/overcloud-templates/ipv6-network-templates-v2/nic-configs/ceph-storage.yaml +++ b/overcloud-templates/ipv6-network-templates-v2/nic-configs/ceph-storage.yaml @@ -117,6 +117,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ControlPlaneStaticRoutes: + default: [] + description: > + Routes for the ctlplane network traffic. + JSON route e.g. [{'destination':'10.0.0.0/16', 'nexthop':'10.0.0.1'}] + Unless the default is changed, the parameter is automatically resolved + from the subnet host_routes attribute. + type: json DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. diff --git a/overcloud-templates/ipv6-network-templates-v2/nic-configs/cinder-storage.yaml b/overcloud-templates/ipv6-network-templates-v2/nic-configs/cinder-storage.yaml index 30390bf..0ef1414 100644 --- a/overcloud-templates/ipv6-network-templates-v2/nic-configs/cinder-storage.yaml +++ b/overcloud-templates/ipv6-network-templates-v2/nic-configs/cinder-storage.yaml @@ -117,6 +117,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ControlPlaneStaticRoutes: + default: [] + description: > + Routes for the ctlplane network traffic. + JSON route e.g. [{'destination':'10.0.0.0/16', 'nexthop':'10.0.0.1'}] + Unless the default is changed, the parameter is automatically resolved + from the subnet host_routes attribute. + type: json DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. diff --git a/overcloud-templates/ipv6-network-templates-v2/nic-configs/compute.yaml b/overcloud-templates/ipv6-network-templates-v2/nic-configs/compute.yaml index 45fb468..0b2974c 100644 --- a/overcloud-templates/ipv6-network-templates-v2/nic-configs/compute.yaml +++ b/overcloud-templates/ipv6-network-templates-v2/nic-configs/compute.yaml @@ -117,6 +117,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ControlPlaneStaticRoutes: + default: [] + description: > + Routes for the ctlplane network traffic. + JSON route e.g. [{'destination':'10.0.0.0/16', 'nexthop':'10.0.0.1'}] + Unless the default is changed, the parameter is automatically resolved + from the subnet host_routes attribute. + type: json DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. diff --git a/overcloud-templates/ipv6-network-templates-v2/nic-configs/controller.yaml b/overcloud-templates/ipv6-network-templates-v2/nic-configs/controller.yaml index 903565a..5c790b7 100644 --- a/overcloud-templates/ipv6-network-templates-v2/nic-configs/controller.yaml +++ b/overcloud-templates/ipv6-network-templates-v2/nic-configs/controller.yaml @@ -117,6 +117,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ControlPlaneStaticRoutes: + default: [] + description: > + Routes for the ctlplane network traffic. + JSON route e.g. [{'destination':'10.0.0.0/16', 'nexthop':'10.0.0.1'}] + Unless the default is changed, the parameter is automatically resolved + from the subnet host_routes attribute. + type: json DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. diff --git a/overcloud-templates/ipv6-network-templates-v2/nic-configs/swift-storage.yaml b/overcloud-templates/ipv6-network-templates-v2/nic-configs/swift-storage.yaml index 30390bf..0ef1414 100644 --- a/overcloud-templates/ipv6-network-templates-v2/nic-configs/swift-storage.yaml +++ b/overcloud-templates/ipv6-network-templates-v2/nic-configs/swift-storage.yaml @@ -117,6 +117,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ControlPlaneStaticRoutes: + default: [] + description: > + Routes for the ctlplane network traffic. + JSON route e.g. [{'destination':'10.0.0.0/16', 'nexthop':'10.0.0.1'}] + Unless the default is changed, the parameter is automatically resolved + from the subnet host_routes attribute. + type: json DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. diff --git a/overcloud-templates/network-templates-v2/nic-configs/ceph-storage.yaml b/overcloud-templates/network-templates-v2/nic-configs/ceph-storage.yaml index 8fb0f3d..de56eb5 100644 --- a/overcloud-templates/network-templates-v2/nic-configs/ceph-storage.yaml +++ b/overcloud-templates/network-templates-v2/nic-configs/ceph-storage.yaml @@ -117,6 +117,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ControlPlaneStaticRoutes: + default: [] + description: > + Routes for the ctlplane network traffic. + JSON route e.g. [{'destination':'10.0.0.0/16', 'nexthop':'10.0.0.1'}] + Unless the default is changed, the parameter is automatically resolved + from the subnet host_routes attribute. + type: json DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. diff --git a/overcloud-templates/network-templates-v2/nic-configs/cinder-storage.yaml b/overcloud-templates/network-templates-v2/nic-configs/cinder-storage.yaml index 30390bf..0ef1414 100644 --- a/overcloud-templates/network-templates-v2/nic-configs/cinder-storage.yaml +++ b/overcloud-templates/network-templates-v2/nic-configs/cinder-storage.yaml @@ -117,6 +117,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ControlPlaneStaticRoutes: + default: [] + description: > + Routes for the ctlplane network traffic. + JSON route e.g. [{'destination':'10.0.0.0/16', 'nexthop':'10.0.0.1'}] + Unless the default is changed, the parameter is automatically resolved + from the subnet host_routes attribute. + type: json DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. diff --git a/overcloud-templates/network-templates-v2/nic-configs/compute.yaml b/overcloud-templates/network-templates-v2/nic-configs/compute.yaml index eb5dbee..05cf854 100644 --- a/overcloud-templates/network-templates-v2/nic-configs/compute.yaml +++ b/overcloud-templates/network-templates-v2/nic-configs/compute.yaml @@ -117,6 +117,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ControlPlaneStaticRoutes: + default: [] + description: > + Routes for the ctlplane network traffic. + JSON route e.g. [{'destination':'10.0.0.0/16', 'nexthop':'10.0.0.1'}] + Unless the default is changed, the parameter is automatically resolved + from the subnet host_routes attribute. + type: json DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. diff --git a/overcloud-templates/network-templates-v2/nic-configs/controller.yaml b/overcloud-templates/network-templates-v2/nic-configs/controller.yaml index 2fb77c2..80143f7 100644 --- a/overcloud-templates/network-templates-v2/nic-configs/controller.yaml +++ b/overcloud-templates/network-templates-v2/nic-configs/controller.yaml @@ -117,6 +117,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ControlPlaneStaticRoutes: + default: [] + description: > + Routes for the ctlplane network traffic. + JSON route e.g. [{'destination':'10.0.0.0/16', 'nexthop':'10.0.0.1'}] + Unless the default is changed, the parameter is automatically resolved + from the subnet host_routes attribute. + type: json DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. diff --git a/overcloud-templates/network-templates-v2/nic-configs/swift-storage.yaml b/overcloud-templates/network-templates-v2/nic-configs/swift-storage.yaml index 30390bf..0ef1414 100644 --- a/overcloud-templates/network-templates-v2/nic-configs/swift-storage.yaml +++ b/overcloud-templates/network-templates-v2/nic-configs/swift-storage.yaml @@ -117,6 +117,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ControlPlaneStaticRoutes: + default: [] + description: > + Routes for the ctlplane network traffic. + JSON route e.g. [{'destination':'10.0.0.0/16', 'nexthop':'10.0.0.1'}] + Unless the default is changed, the parameter is automatically resolved + from the subnet host_routes attribute. + type: json DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. From 6581fcf01acde1acde35a9178dce9af13ed2aaeb Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Thu, 13 Dec 2018 16:07:37 +0000 Subject: [PATCH 40/46] Use openstackclient for bmc configuration Openstackclient can do everything we need and should allow us to clean up some of the cruft from incompatible versions of neutronclient. --- bin/install_openstackbmc.sh | 20 ++++++-------------- 1 file changed, 6 insertions(+), 14 deletions(-) diff --git a/bin/install_openstackbmc.sh b/bin/install_openstackbmc.sh index 4d69a73..0163e95 100644 --- a/bin/install_openstackbmc.sh +++ b/bin/install_openstackbmc.sh @@ -5,7 +5,7 @@ set -x # install python2-crypto from EPEL # python-[nova|neutron]client are in a similar situation. They were renamed # in RDO to python2-* -required_packages="python-pip os-net-config git jq python2-os-client-config" +required_packages="python-pip os-net-config git jq python2-os-client-config python2-openstackclient" function have_packages() { for i in $required_packages; do @@ -59,12 +59,9 @@ print(yaml.safe_dump(clouds, default_flow_style=False))' > ~/.config/openstack/c rm -f /tmp/bmc-cloud-data export OS_CLOUD=host_cloud -# At some point neutronclient started returning a python list repr from this -# command instead of just the value. This sed will strip off the bits we -# don't care about without messing up the output from older clients. -private_subnet=$(neutron net-show -f value -c subnets $private_net | sed "s/\[u'\(.*\)'\]/\1/") -default_gw=$(neutron subnet-show $private_subnet -f value -c gateway_ip) -prefix_len=$(neutron subnet-show -f value -c cidr $private_subnet | awk -F / '{print $2}') +private_subnet=$(openstack network show -f value -c subnets $private_net) +default_gw=$(openstack subnet show -f value -c gateway_ip $private_subnet) +prefix_len=$(openstack subnet show -f value -c cidr $private_subnet | awk -F / '{print $2}') cache_status= if [ "$bmc_use_cache" != "False" ]; then cache_status="--cache-status" @@ -103,14 +100,9 @@ EOF for i in $(seq 1 $bm_node_count) do bm_port="$bm_prefix_$(($i-1))" - bm_instance=$(neutron port-show $bm_port -c device_id -f value) + bm_instance=$(openstack port show -c device_id -f value $bm_port) bmc_port="$bmc_prefix_$(($i-1))" - bmc_ip=$(neutron port-show $bmc_port -c fixed_ips -f value | jq -r .ip_address) - # Newer neutronclient requires explicit json output and a slightly - # different jq query - if [ -z "$bmc_ip" ]; then - bmc_ip=$(neutron port-show $bmc_port -c fixed_ips -f json | jq -r .fixed_ips[0].ip_address) - fi + bmc_ip=$(openstack port show -c fixed_ips -f value $bmc_port | awk -F \' '{print $2}') unit="openstack-bmc-$bm_port.service" cat </usr/lib/systemd/system/$unit From a36b6b722f657f35f8b9148be6b1889804b5c9d7 Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Thu, 13 Dec 2018 20:13:15 +0000 Subject: [PATCH 41/46] Signal after bmc configuration Instead of having Heat fire-and-forget the bmc deployment, have the bmc explicitly signal back to Heat. This way bmc failures can be caught at env deployment time instead of the first time the undercloud tries to make an IPMI call. --- bin/install_openstackbmc.sh | 17 ++++++++++++++++- templates/virtual-baremetal.yaml | 10 ++++++++++ 2 files changed, 26 insertions(+), 1 deletion(-) diff --git a/bin/install_openstackbmc.sh b/bin/install_openstackbmc.sh index 0163e95..a1f10c1 100644 --- a/bin/install_openstackbmc.sh +++ b/bin/install_openstackbmc.sh @@ -136,6 +136,21 @@ do unit="openstack-bmc-$bm_port.service" systemctl enable $unit systemctl start $unit - systemctl status $unit done +sleep 5 + +for i in $(seq 1 $bm_node_count) +do + bm_port="$bm_prefix_$(($i-1))" + unit="openstack-bmc-$bm_port.service" + if ! systemctl status $unit + then + $signal_command --data-binary '{"status": "FAILURE"}' + echo "********** $unit failed to start **********" + exit 1 + fi +done + +$signal_command --data-binary '{"status": "SUCCESS"}' + diff --git a/templates/virtual-baremetal.yaml b/templates/virtual-baremetal.yaml index 84fad04..0bf1a60 100644 --- a/templates/virtual-baremetal.yaml +++ b/templates/virtual-baremetal.yaml @@ -163,6 +163,15 @@ resources: - _%index% network: {get_param: private_net} + bmc_handle: + type: OS::Heat::WaitConditionHandle + + bmc_wait_condition: + type: OS::Heat::WaitCondition + properties: + handle: {get_resource: bmc_handle} + timeout: 600 + bmc_server: type: OS::Nova::Server depends_on: [openstack_baremetal_servers, bmc_other_ports, bmc_port] @@ -191,6 +200,7 @@ resources: $private_net: {get_param: private_net} $openstackbmc_script: {get_file: ../bin/openstackbmc} $cloud_data: {get_param: cloud_data} + $signal_command: {get_attr: [bmc_handle, curl_cli]} template: {get_file: ../bin/install_openstackbmc.sh} baremetal_networks: From a52aa22125f5300e2f26c7764ffa87d0ee3a3d98 Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Thu, 13 Dec 2018 21:27:36 +0000 Subject: [PATCH 42/46] Add more necessary firewall rules to ovb-instack Apparently the undercloud firewall configuration changed and no longer works without explicit accept rules for the public network. --- bin/ovb-instack | 2 ++ 1 file changed, 2 insertions(+) diff --git a/bin/ovb-instack b/bin/ovb-instack index 871c8db..68fdff4 100755 --- a/bin/ovb-instack +++ b/bin/ovb-instack @@ -82,6 +82,8 @@ network_config: EOF_CAT sudo os-net-config -c /tmp/eth2.cfg -v sudo iptables -A POSTROUTING -s 10.0.0.0/24 ! -d 10.0.0.0/24 -j MASQUERADE -t nat +sudo iptables -I FORWARD -s 10.0.0.0/24 -j ACCEPT +sudo iptables -I FORWARD -d 10.0.0.0/24 -j ACCEPT timer 'undercloud install' timer From 3a73a83fb15f6106c5df6c95b7d1fd8d5830a0f5 Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Fri, 14 Dec 2018 16:51:29 +0000 Subject: [PATCH 43/46] Add symlinks for old port-security environments For ease of migration to OVB 2.0, let's provide a compatibility interface from the old names. A deprecation warning is also added to deploy.py to notify users that they are using outdated environments and should switch. port-security.yaml is not symlinked because there's no analog in OVB 2.0. port-security.yaml is just the default now. I suppose that could be an empty file, but I'm not sure anyone is using it anyway so for the moment I'm omitting it. That decision can be revisited if necessary. --- environments/all-networks-port-security.yaml | 1 + environments/all-networks-public-bond-port-security.yaml | 1 + openstack_virtual_baremetal/deploy.py | 8 ++++++++ 3 files changed, 10 insertions(+) create mode 120000 environments/all-networks-port-security.yaml create mode 120000 environments/all-networks-public-bond-port-security.yaml diff --git a/environments/all-networks-port-security.yaml b/environments/all-networks-port-security.yaml new file mode 120000 index 0000000..55e2faf --- /dev/null +++ b/environments/all-networks-port-security.yaml @@ -0,0 +1 @@ +all-networks.yaml \ No newline at end of file diff --git a/environments/all-networks-public-bond-port-security.yaml b/environments/all-networks-public-bond-port-security.yaml new file mode 120000 index 0000000..3a632ae --- /dev/null +++ b/environments/all-networks-public-bond-port-security.yaml @@ -0,0 +1 @@ +all-networks-public-bond.yaml \ No newline at end of file diff --git a/openstack_virtual_baremetal/deploy.py b/openstack_virtual_baremetal/deploy.py index 7b2b3fe..ea8912d 100755 --- a/openstack_virtual_baremetal/deploy.py +++ b/openstack_virtual_baremetal/deploy.py @@ -190,6 +190,14 @@ def _validate_env(args, env_paths): raise RuntimeError('baremetal_prefix ends with role name. This ' 'will break build-nodes-json. Please choose ' 'a different baremetal_prefix or role name.') + for path in env_paths: + if 'port-security.yaml' in path: + print('WARNING: port-security environment file detected. ' + 'port-security is now the default. The existing ' + 'port-security environment files are deprecated and may be ' + 'removed in the future. Please use the environment files ' + 'without "port-security" in their filename instead.' + ) def _get_heat_client(): From f68d52abab109bb2a3ee8c82d792730422d2c919 Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Fri, 14 Dec 2018 17:01:55 +0000 Subject: [PATCH 44/46] Add undercloud-networks-existing template This file was missed in the original commit to add undercloud network configuration templates. It's essentially a noop for adding a second undercloud-like vm to the existing networks. --- templates/undercloud-networks-existing.yaml | 44 +++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 templates/undercloud-networks-existing.yaml diff --git a/templates/undercloud-networks-existing.yaml b/templates/undercloud-networks-existing.yaml new file mode 100644 index 0000000..a8c28ea --- /dev/null +++ b/templates/undercloud-networks-existing.yaml @@ -0,0 +1,44 @@ +heat_template_version: 2015-04-30 + +parameters: + provision_net: + type: string + default: provision + description: Name of a network that will be used for provisioning traffic + + provision_net_cidr: + type: string + description: CIDR for provision network subnet + default: 192.0.2.0/24 + + provision_net_shared: + type: boolean + description: Whether this network should be shared across all tenants + default: false + + public_net: + type: string + description: Name of the overcloud external network + default: public + + public_net_cidr: + type: string + description: CIDR for external network subnet + default: 10.0.0.0/24 + + public_net_shared: + type: boolean + description: Whether this network should be shared across all tenants + default: false + + +outputs: + networks: + value: + provision: {get_param: provision_net} + public: {get_param: public_net} + # The provision and public network routers is here for compatibility only + provision_network_routers: + value: null + public_network_router: + value: null From 16f1fa30df18f01a45e2c7182fb3e635e73b524a Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Fri, 14 Dec 2018 17:31:05 +0000 Subject: [PATCH 45/46] Remove unused imports I failed to run pep8 after removing the legacy code that used these. --- openstack_virtual_baremetal/openstackbmc.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/openstack_virtual_baremetal/openstackbmc.py b/openstack_virtual_baremetal/openstackbmc.py index 4818eab..c8881d7 100755 --- a/openstack_virtual_baremetal/openstackbmc.py +++ b/openstack_virtual_baremetal/openstackbmc.py @@ -28,8 +28,6 @@ import os import sys import time -import novaclient as nc -from novaclient import client as novaclient from novaclient import exceptions import os_client_config import pyghmi.ipmi.bmc as bmc From 572bce6c965311001157e79bff10bf7f53f9b572 Mon Sep 17 00:00:00 2001 From: Ben Nemec Date: Mon, 17 Dec 2018 12:07:20 -0600 Subject: [PATCH 46/46] Remove deprecated overcloud network templates These were deprecated over a year ago in d67f0cf65b5df8fa7b434c9ffd238fbb7e3e0a67. For 2.0, let's get rid of them completely. Duplicate copies are present in the overcloud-templates directory. --- bond-network-templates/DEPRECATED | 3 - bond-network-templates/README | 23 - .../network-environment.yaml | 26 - .../network-isolation-absolute.yaml | 28 - bond-network-templates/network-isolation.yaml | 28 - .../nic-configs/ceph-storage.yaml | 119 --- .../nic-configs/cinder-storage.yaml | 92 --- .../nic-configs/compute.yaml | 130 ---- .../nic-configs/controller.yaml | 156 ---- .../nic-configs/swift-storage.yaml | 92 --- bond-network-templates/ui-settings.pickle | 699 ----------------- ipv6-network-templates/DEPRECATED | 3 - ipv6-network-templates/README | 23 - .../network-environment.yaml | 25 - .../network-isolation-absolute.yaml | 35 - ipv6-network-templates/network-isolation.yaml | 35 - .../nic-configs/ceph-storage.yaml | 120 --- .../nic-configs/cinder-storage.yaml | 92 --- .../nic-configs/compute.yaml | 131 ---- .../nic-configs/controller.yaml | 152 ---- .../nic-configs/swift-storage.yaml | 92 --- ipv6-network-templates/ui-settings.pickle | 729 ------------------ network-templates/DEPRECATED | 3 - network-templates/README | 23 - network-templates/network-environment.yaml | 25 - .../network-isolation-absolute.yaml | 28 - network-templates/network-isolation.yaml | 28 - .../nic-configs/ceph-storage.yaml | 119 --- .../nic-configs/cinder-storage.yaml | 92 --- network-templates/nic-configs/compute.yaml | 130 ---- network-templates/nic-configs/controller.yaml | 148 ---- .../nic-configs/swift-storage.yaml | 92 --- network-templates/ui-settings.pickle | 641 --------------- 33 files changed, 4162 deletions(-) delete mode 100644 bond-network-templates/DEPRECATED delete mode 100644 bond-network-templates/README delete mode 100644 bond-network-templates/network-environment.yaml delete mode 100644 bond-network-templates/network-isolation-absolute.yaml delete mode 100644 bond-network-templates/network-isolation.yaml delete mode 100644 bond-network-templates/nic-configs/ceph-storage.yaml delete mode 100644 bond-network-templates/nic-configs/cinder-storage.yaml delete mode 100644 bond-network-templates/nic-configs/compute.yaml delete mode 100644 bond-network-templates/nic-configs/controller.yaml delete mode 100644 bond-network-templates/nic-configs/swift-storage.yaml delete mode 100644 bond-network-templates/ui-settings.pickle delete mode 100644 ipv6-network-templates/DEPRECATED delete mode 100644 ipv6-network-templates/README delete mode 100644 ipv6-network-templates/network-environment.yaml delete mode 100644 ipv6-network-templates/network-isolation-absolute.yaml delete mode 100644 ipv6-network-templates/network-isolation.yaml delete mode 100644 ipv6-network-templates/nic-configs/ceph-storage.yaml delete mode 100644 ipv6-network-templates/nic-configs/cinder-storage.yaml delete mode 100644 ipv6-network-templates/nic-configs/compute.yaml delete mode 100644 ipv6-network-templates/nic-configs/controller.yaml delete mode 100644 ipv6-network-templates/nic-configs/swift-storage.yaml delete mode 100644 ipv6-network-templates/ui-settings.pickle delete mode 100644 network-templates/DEPRECATED delete mode 100644 network-templates/README delete mode 100644 network-templates/network-environment.yaml delete mode 100644 network-templates/network-isolation-absolute.yaml delete mode 100644 network-templates/network-isolation.yaml delete mode 100644 network-templates/nic-configs/ceph-storage.yaml delete mode 100644 network-templates/nic-configs/cinder-storage.yaml delete mode 100644 network-templates/nic-configs/compute.yaml delete mode 100644 network-templates/nic-configs/controller.yaml delete mode 100644 network-templates/nic-configs/swift-storage.yaml delete mode 100644 network-templates/ui-settings.pickle diff --git a/bond-network-templates/DEPRECATED b/bond-network-templates/DEPRECATED deleted file mode 100644 index f10f688..0000000 --- a/bond-network-templates/DEPRECATED +++ /dev/null @@ -1,3 +0,0 @@ -WARNING: This directory is deprecated and may be removed in the future. -A duplicate copy of these network templates can be found in the -overcloud-templates directory in a sub-directory with the same name as this one. diff --git a/bond-network-templates/README b/bond-network-templates/README deleted file mode 100644 index 189bfb5..0000000 --- a/bond-network-templates/README +++ /dev/null @@ -1,23 +0,0 @@ -Generated Network Isolation Templates -------------------------------------- -These templates were generated by the UI tool at -https://github.com/cybertron/tripleo-scripts#net-iso-genpy - -ui-settings.pickle is specific to the tool. TripleO will not use it when -doing deployments with these templates, but it is needed to be able to -load the templates into the UI again. Note that the UI only reads this file, -so any changes made by hand to the templates will not be reflected in the UI. - -The network-isolation.yaml file needs to reference the port files shipped with -tripleo-heat-templates, so by default the tool generates the paths assuming -network-isolation.yaml will be copied into the environments/ directory of -tripleo-heat-templates. - -If the standard tripleo-heat-templates are in use, then the -network-isolation-absolute.yaml file can be used instead. It has hard-coded -references to the port files in /usr/share/openstack-tripleo-heat-templates. - -If the generated network isolation templates are at ~/generated-templates, an -example deployment command would look like: - -openstack overcloud deploy --templates -e ~/generated-templates/network-isolation-absolute.yaml -e ~/generated-templates/network-environment.yaml diff --git a/bond-network-templates/network-environment.yaml b/bond-network-templates/network-environment.yaml deleted file mode 100644 index a4f4a1f..0000000 --- a/bond-network-templates/network-environment.yaml +++ /dev/null @@ -1,26 +0,0 @@ - -resource_registry: - OS::TripleO::BlockStorage::Net::SoftwareConfig: nic-configs/cinder-storage.yaml - OS::TripleO::Compute::Net::SoftwareConfig: nic-configs/compute.yaml - OS::TripleO::Controller::Net::SoftwareConfig: nic-configs/controller.yaml - OS::TripleO::ObjectStorage::Net::SoftwareConfig: nic-configs/swift-storage.yaml - OS::TripleO::CephStorage::Net::SoftwareConfig: nic-configs/ceph-storage.yaml - -parameter_defaults: - ControlPlaneSubnetCidr: '24' - ControlPlaneDefaultRoute: 192.168.24.1 - EC2MetadataIp: 192.168.24.1 - ExternalNetCidr: 10.0.0.0/24 - ExternalAllocationPools: [{"start": "10.0.0.10", "end": "10.0.0.50"}] - ExternalInterfaceDefaultRoute: 10.0.0.1 - NeutronExternalNetworkBridge: "''" - InternalApiNetCidr: 172.17.0.0/24 - InternalApiAllocationPools: [{"start": "172.17.0.10", "end": "172.17.0.250"}] - StorageNetCidr: 172.18.0.0/24 - StorageAllocationPools: [{"start": "172.18.0.10", "end": "172.18.0.250"}] - StorageMgmtNetCidr: 172.19.0.0/24 - StorageMgmtAllocationPools: [{"start": "172.19.0.10", "end": "172.19.0.250"}] - TenantNetCidr: 172.16.0.0/24 - TenantAllocationPools: [{"start": "172.16.0.10", "end": "172.16.0.250"}] - DnsServers: ["8.8.8.8", "8.8.4.4"] - BondInterfaceOvsOptions: bond_mode=balance-slb diff --git a/bond-network-templates/network-isolation-absolute.yaml b/bond-network-templates/network-isolation-absolute.yaml deleted file mode 100644 index 7fede9d..0000000 --- a/bond-network-templates/network-isolation-absolute.yaml +++ /dev/null @@ -1,28 +0,0 @@ -resource_registry: - # Redis - OS::TripleO::Network::Ports::RedisVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/vip.yaml - # External - OS::TripleO::Network::External: /usr/share/openstack-tripleo-heat-templates/network/external.yaml - OS::TripleO::Network::Ports::ExternalVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/external.yaml - OS::TripleO::Controller::Ports::ExternalPort: /usr/share/openstack-tripleo-heat-templates/network/ports/external.yaml - # InternalApi - OS::TripleO::Network::InternalApi: /usr/share/openstack-tripleo-heat-templates/network/internal_api.yaml - OS::TripleO::Network::Ports::InternalApiVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/internal_api.yaml - OS::TripleO::Controller::Ports::InternalApiPort: /usr/share/openstack-tripleo-heat-templates/network/ports/internal_api.yaml - OS::TripleO::Compute::Ports::InternalApiPort: /usr/share/openstack-tripleo-heat-templates/network/ports/internal_api.yaml - # Storage - OS::TripleO::Network::Storage: /usr/share/openstack-tripleo-heat-templates/network/storage.yaml - OS::TripleO::Network::Ports::StorageVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage.yaml - OS::TripleO::Controller::Ports::StoragePort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage.yaml - OS::TripleO::Compute::Ports::StoragePort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage.yaml - OS::TripleO::CephStorage::Ports::StoragePort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage.yaml - # StorageMgmt - OS::TripleO::Network::StorageMgmt: /usr/share/openstack-tripleo-heat-templates/network/storage_mgmt.yaml - OS::TripleO::Network::Ports::StorageMgmtVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_mgmt.yaml - OS::TripleO::Controller::Ports::StorageMgmtPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_mgmt.yaml - OS::TripleO::CephStorage::Ports::StorageMgmtPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_mgmt.yaml - # Tenant - OS::TripleO::Network::Tenant: /usr/share/openstack-tripleo-heat-templates/network/tenant.yaml - OS::TripleO::Network::Ports::TenantVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/tenant.yaml - OS::TripleO::Controller::Ports::TenantPort: /usr/share/openstack-tripleo-heat-templates/network/ports/tenant.yaml - OS::TripleO::Compute::Ports::TenantPort: /usr/share/openstack-tripleo-heat-templates/network/ports/tenant.yaml diff --git a/bond-network-templates/network-isolation.yaml b/bond-network-templates/network-isolation.yaml deleted file mode 100644 index 2c18f2f..0000000 --- a/bond-network-templates/network-isolation.yaml +++ /dev/null @@ -1,28 +0,0 @@ -resource_registry: - # Redis - OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml - # External - OS::TripleO::Network::External: ../network/external.yaml - OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external.yaml - OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external.yaml - # InternalApi - OS::TripleO::Network::InternalApi: ../network/internal_api.yaml - OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/internal_api.yaml - OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api.yaml - OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api.yaml - # Storage - OS::TripleO::Network::Storage: ../network/storage.yaml - OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage.yaml - OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage.yaml - OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage.yaml - OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage.yaml - # StorageMgmt - OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt.yaml - OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt.yaml - OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml - OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml - # Tenant - OS::TripleO::Network::Tenant: ../network/tenant.yaml - OS::TripleO::Network::Ports::TenantVipPort: ../network/ports/tenant.yaml - OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant.yaml - OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant.yaml diff --git a/bond-network-templates/nic-configs/ceph-storage.yaml b/bond-network-templates/nic-configs/ceph-storage.yaml deleted file mode 100644 index 5500ebc..0000000 --- a/bond-network-templates/nic-configs/ceph-storage.yaml +++ /dev/null @@ -1,119 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: - - type: interface - name: nic1 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: - list_join: - - / - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - - default: true - next_hop: {get_param: ControlPlaneDefaultRoute} - - type: interface - name: nic5 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageIpSubnet} - - type: interface - name: nic6 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageMgmtIpSubnet} - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/bond-network-templates/nic-configs/cinder-storage.yaml b/bond-network-templates/nic-configs/cinder-storage.yaml deleted file mode 100644 index f16920d..0000000 --- a/bond-network-templates/nic-configs/cinder-storage.yaml +++ /dev/null @@ -1,92 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: [] - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/bond-network-templates/nic-configs/compute.yaml b/bond-network-templates/nic-configs/compute.yaml deleted file mode 100644 index 3edec60..0000000 --- a/bond-network-templates/nic-configs/compute.yaml +++ /dev/null @@ -1,130 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: - - type: interface - name: nic1 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: - list_join: - - / - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - - default: true - next_hop: {get_param: ControlPlaneDefaultRoute} - - type: interface - name: nic4 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: InternalApiIpSubnet} - - type: interface - name: nic5 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageIpSubnet} - - type: ovs_bridge - name: br-tenant - dns_servers: {get_param: DnsServers} - use_dhcp: false - addresses: - - ip_netmask: {get_param: TenantIpSubnet} - members: - - type: interface - name: nic7 - mtu: 1350 - primary: true - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/bond-network-templates/nic-configs/controller.yaml b/bond-network-templates/nic-configs/controller.yaml deleted file mode 100644 index b817058..0000000 --- a/bond-network-templates/nic-configs/controller.yaml +++ /dev/null @@ -1,156 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: - - type: interface - name: nic1 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: - list_join: - - / - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - - type: ovs_bridge - name: br-ex - dns_servers: {get_param: DnsServers} - use_dhcp: false - addresses: - - ip_netmask: {get_param: ExternalIpSubnet} - routes: - - ip_netmask: 0.0.0.0/0 - next_hop: {get_param: ExternalInterfaceDefaultRoute} - members: - - type: ovs_bond - name: bond1 - ovs_options: {get_param: BondInterfaceOvsOptions} - members: - - type: interface - name: nic2 - mtu: 1350 - primary: true - - type: interface - name: nic3 - mtu: 1350 - primary: false - - type: interface - name: nic4 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: InternalApiIpSubnet} - - type: interface - name: nic5 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageIpSubnet} - - type: interface - name: nic6 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageMgmtIpSubnet} - - type: ovs_bridge - name: br-tenant - dns_servers: {get_param: DnsServers} - use_dhcp: false - addresses: - - ip_netmask: {get_param: TenantIpSubnet} - members: - - type: interface - name: nic7 - mtu: 1350 - primary: true - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/bond-network-templates/nic-configs/swift-storage.yaml b/bond-network-templates/nic-configs/swift-storage.yaml deleted file mode 100644 index f16920d..0000000 --- a/bond-network-templates/nic-configs/swift-storage.yaml +++ /dev/null @@ -1,92 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: [] - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/bond-network-templates/ui-settings.pickle b/bond-network-templates/ui-settings.pickle deleted file mode 100644 index 22bfce2..0000000 --- a/bond-network-templates/ui-settings.pickle +++ /dev/null @@ -1,699 +0,0 @@ -(dp0 -S'global_data' -p1 -(dp2 -S'control' -p3 -(dp4 -S'route' -p5 -V192.168.24.1 -p6 -sS'mask' -p7 -I24 -sS'ec2' -p8 -V192.168.24.1 -p9 -ssS'major' -p10 -I1 -sS'management' -p11 -(dp12 -S'start' -p13 -V172.20.0.10 -p14 -sS'cidr' -p15 -V172.20.0.0/24 -p16 -sS'vlan' -p17 -I6 -sS'end' -p18 -V172.20.0.250 -p19 -ssS'dns2' -p20 -V8.8.4.4 -p21 -sS'dns1' -p22 -V8.8.8.8 -p23 -sS'storage' -p24 -(dp25 -g13 -V172.18.0.10 -p26 -sg15 -V172.18.0.0/24 -p27 -sg17 -I3 -sg18 -V172.18.0.250 -p28 -ssS'auto_routes' -p29 -I01 -sS'bond_options' -p30 -Vbond_mode=balance-slb -p31 -sS'version' -p32 -I1 -sS'external' -p33 -(dp34 -S'bridge' -p35 -V'' -p36 -sg18 -V10.0.0.50 -p37 -sg17 -I1 -sg13 -V10.0.0.10 -p38 -sg15 -V10.0.0.0/24 -p39 -sS'gateway' -p40 -V10.0.0.1 -p41 -ssS'internal_api' -p42 -(dp43 -g13 -V172.17.0.10 -p44 -sg15 -V172.17.0.0/24 -p45 -sg17 -I2 -sg18 -V172.17.0.250 -p46 -ssS'ipv6' -p47 -I00 -sS'storage_mgmt' -p48 -(dp49 -g13 -V172.19.0.10 -p50 -sg15 -V172.19.0.0/24 -p51 -sg17 -I4 -sg18 -V172.19.0.250 -p52 -ssS'minor' -p53 -I2 -sS'tenant' -p54 -(dp55 -g13 -V172.16.0.10 -p56 -sg15 -V172.16.0.0/24 -p57 -sg17 -I5 -sg18 -V172.16.0.250 -p58 -sssS'data' -p59 -(dp60 -S'cinder-storage.yaml' -p61 -(lp62 -sS'ceph-storage.yaml' -p63 -(lp64 -(dp65 -Vaddresses -p66 -(lp67 -sVnetwork -p68 -VControlPlane -p69 -sVprimary -p70 -I01 -sVmtu -p71 -I1350 -sS'members' -p72 -(lp73 -sVroutes -p74 -(lp75 -sVuse_dhcp -p76 -I00 -sVtype -p77 -Vinterface -p78 -sVname -p79 -Vnic1 -p80 -sa(dp81 -Vaddresses -p82 -(lp83 -sVnetwork -p84 -VStorage -p85 -sVprimary -p86 -I01 -sVmtu -p87 -I1350 -sg72 -(lp88 -sVroutes -p89 -(lp90 -sVuse_dhcp -p91 -I00 -sVtype -p92 -Vinterface -p93 -sVname -p94 -Vnic5 -p95 -sa(dp96 -Vaddresses -p97 -(lp98 -sVnetwork -p99 -VStorageMgmt -p100 -sVprimary -p101 -I01 -sVmtu -p102 -I1350 -sg72 -(lp103 -sVroutes -p104 -(lp105 -sVuse_dhcp -p106 -I00 -sVtype -p107 -Vinterface -p108 -sVname -p109 -Vnic6 -p110 -sasS'controller.yaml' -p111 -(lp112 -(dp113 -Vaddresses -p114 -(lp115 -sVnetwork -p116 -VControlPlane -p117 -sVprimary -p118 -I01 -sVmtu -p119 -I1350 -sg72 -(lp120 -sVroutes -p121 -(lp122 -sVuse_dhcp -p123 -I00 -sVtype -p124 -Vinterface -p125 -sVname -p126 -Vnic1 -p127 -sa(dp128 -Vdns_servers -p129 -V{get_param: DnsServers} -p130 -sVaddresses -p131 -(lp132 -sVnetwork -p133 -VExternal -p134 -sVmtu -p135 -I-1 -sg72 -(lp136 -(dp137 -Vnetwork -p138 -VNone -p139 -sVbond_type -p140 -Vovs -p141 -sVovs_options -p142 -V{get_param: BondInterfaceOvsOptions} -p143 -sVmtu -p144 -I-1 -sg72 -(lp145 -(dp146 -Vaddresses -p147 -(lp148 -sVnetwork -p149 -VNone -p150 -sVprimary -p151 -I01 -sVmtu -p152 -I1350 -sVroutes -p153 -(lp154 -sVuse_dhcp -p155 -I00 -sVtype -p156 -Vinterface -p157 -sVname -p158 -Vnic2 -p159 -sa(dp160 -Vaddresses -p161 -(lp162 -sVnetwork -p163 -VNone -p164 -sVprimary -p165 -I00 -sVmtu -p166 -I1350 -sVroutes -p167 -(lp168 -sVuse_dhcp -p169 -I00 -sVtype -p170 -Vinterface -p171 -sVname -p172 -Vnic3 -p173 -sasVroutes -p174 -(lp175 -sVtype -p176 -Vovs_bond -p177 -sVname -p178 -Vbond1 -p179 -sasVroutes -p180 -(lp181 -sVuse_dhcp -p182 -I00 -sVtype -p183 -Vovs_bridge -p184 -sVname -p185 -Vbr-ex -p186 -sa(dp187 -Vaddresses -p188 -(lp189 -sVnetwork -p190 -VInternalApi -p191 -sVprimary -p192 -I01 -sVmtu -p193 -I1350 -sg72 -(lp194 -sVroutes -p195 -(lp196 -sVuse_dhcp -p197 -I00 -sVtype -p198 -Vinterface -p199 -sVname -p200 -Vnic4 -p201 -sa(dp202 -Vaddresses -p203 -(lp204 -sVnetwork -p205 -VStorage -p206 -sVprimary -p207 -I01 -sVmtu -p208 -I1350 -sg72 -(lp209 -sVroutes -p210 -(lp211 -sVuse_dhcp -p212 -I00 -sVtype -p213 -Vinterface -p214 -sVname -p215 -Vnic5 -p216 -sa(dp217 -Vaddresses -p218 -(lp219 -sVnetwork -p220 -VStorageMgmt -p221 -sVprimary -p222 -I01 -sVmtu -p223 -I1350 -sg72 -(lp224 -sVroutes -p225 -(lp226 -sVuse_dhcp -p227 -I00 -sVtype -p228 -Vinterface -p229 -sVname -p230 -Vnic6 -p231 -sa(dp232 -Vdns_servers -p233 -V{get_param: DnsServers} -p234 -sVaddresses -p235 -(lp236 -sVnetwork -p237 -VTenant -p238 -sVmtu -p239 -I-1 -sg72 -(lp240 -(dp241 -Vaddresses -p242 -(lp243 -sVnetwork -p244 -VNone -p245 -sVprimary -p246 -I01 -sVmtu -p247 -I1350 -sg72 -(lp248 -sVroutes -p249 -(lp250 -sVuse_dhcp -p251 -I00 -sVtype -p252 -Vinterface -p253 -sVname -p254 -Vnic7 -p255 -sasVroutes -p256 -(lp257 -sVuse_dhcp -p258 -I00 -sVtype -p259 -Vovs_bridge -p260 -sVname -p261 -Vbr-tenant -p262 -sasS'swift-storage.yaml' -p263 -(lp264 -sS'compute.yaml' -p265 -(lp266 -(dp267 -Vaddresses -p268 -(lp269 -sVnetwork -p270 -VControlPlane -p271 -sVprimary -p272 -I01 -sVmtu -p273 -I1350 -sg72 -(lp274 -sVroutes -p275 -(lp276 -sVuse_dhcp -p277 -I00 -sVtype -p278 -Vinterface -p279 -sVname -p280 -Vnic1 -p281 -sa(dp282 -Vaddresses -p283 -(lp284 -sVnetwork -p285 -VInternalApi -p286 -sVprimary -p287 -I01 -sVmtu -p288 -I1350 -sg72 -(lp289 -sVroutes -p290 -(lp291 -sVuse_dhcp -p292 -I00 -sVtype -p293 -Vinterface -p294 -sVname -p295 -Vnic4 -p296 -sa(dp297 -Vaddresses -p298 -(lp299 -sVnetwork -p300 -VStorage -p301 -sVprimary -p302 -I01 -sVmtu -p303 -I1350 -sg72 -(lp304 -sVroutes -p305 -(lp306 -sVuse_dhcp -p307 -I00 -sVtype -p308 -Vinterface -p309 -sVname -p310 -Vnic5 -p311 -sa(dp312 -Vdns_servers -p313 -V{get_param: DnsServers} -p314 -sVaddresses -p315 -(lp316 -sVnetwork -p317 -VTenant -p318 -sVmtu -p319 -I-1 -sg72 -(lp320 -(dp321 -Vaddresses -p322 -(lp323 -sVnetwork -p324 -VNone -p325 -sVprimary -p326 -I01 -sVmtu -p327 -I1350 -sg72 -(lp328 -sVroutes -p329 -(lp330 -sVuse_dhcp -p331 -I00 -sVtype -p332 -Vinterface -p333 -sVname -p334 -Vnic7 -p335 -sasVroutes -p336 -(lp337 -sVuse_dhcp -p338 -I00 -sVtype -p339 -Vovs_bridge -p340 -sVname -p341 -Vbr-tenant -p342 -sass. \ No newline at end of file diff --git a/ipv6-network-templates/DEPRECATED b/ipv6-network-templates/DEPRECATED deleted file mode 100644 index f10f688..0000000 --- a/ipv6-network-templates/DEPRECATED +++ /dev/null @@ -1,3 +0,0 @@ -WARNING: This directory is deprecated and may be removed in the future. -A duplicate copy of these network templates can be found in the -overcloud-templates directory in a sub-directory with the same name as this one. diff --git a/ipv6-network-templates/README b/ipv6-network-templates/README deleted file mode 100644 index 189bfb5..0000000 --- a/ipv6-network-templates/README +++ /dev/null @@ -1,23 +0,0 @@ -Generated Network Isolation Templates -------------------------------------- -These templates were generated by the UI tool at -https://github.com/cybertron/tripleo-scripts#net-iso-genpy - -ui-settings.pickle is specific to the tool. TripleO will not use it when -doing deployments with these templates, but it is needed to be able to -load the templates into the UI again. Note that the UI only reads this file, -so any changes made by hand to the templates will not be reflected in the UI. - -The network-isolation.yaml file needs to reference the port files shipped with -tripleo-heat-templates, so by default the tool generates the paths assuming -network-isolation.yaml will be copied into the environments/ directory of -tripleo-heat-templates. - -If the standard tripleo-heat-templates are in use, then the -network-isolation-absolute.yaml file can be used instead. It has hard-coded -references to the port files in /usr/share/openstack-tripleo-heat-templates. - -If the generated network isolation templates are at ~/generated-templates, an -example deployment command would look like: - -openstack overcloud deploy --templates -e ~/generated-templates/network-isolation-absolute.yaml -e ~/generated-templates/network-environment.yaml diff --git a/ipv6-network-templates/network-environment.yaml b/ipv6-network-templates/network-environment.yaml deleted file mode 100644 index d845650..0000000 --- a/ipv6-network-templates/network-environment.yaml +++ /dev/null @@ -1,25 +0,0 @@ - -resource_registry: - OS::TripleO::BlockStorage::Net::SoftwareConfig: nic-configs/cinder-storage.yaml - OS::TripleO::Compute::Net::SoftwareConfig: nic-configs/compute.yaml - OS::TripleO::Controller::Net::SoftwareConfig: nic-configs/controller.yaml - OS::TripleO::ObjectStorage::Net::SoftwareConfig: nic-configs/swift-storage.yaml - OS::TripleO::CephStorage::Net::SoftwareConfig: nic-configs/ceph-storage.yaml - -parameter_defaults: - ControlPlaneSubnetCidr: '24' - ControlPlaneDefaultRoute: 192.168.24.1 - EC2MetadataIp: 192.168.24.1 - ExternalNetCidr: 2001:db8:fd00:1000::/64 - ExternalAllocationPools: [{"start": "2001:db8:fd00:1000::10", "end": "2001:db8:fd00:1000:ffff:ffff:ffff:fffe"}] - ExternalInterfaceDefaultRoute: 2001:db8:fd00:1000::1 - NeutronExternalNetworkBridge: "''" - InternalApiNetCidr: fd00:fd00:fd00:2000::/64 - InternalApiAllocationPools: [{"start": "fd00:fd00:fd00:2000::10", "end": "fd00:fd00:fd00:2000:ffff:ffff:ffff:fffe"}] - StorageNetCidr: fd00:fd00:fd00:3000::/64 - StorageAllocationPools: [{"start": "fd00:fd00:fd00:3000::10", "end": "fd00:fd00:fd00:3000:ffff:ffff:ffff:fffe"}] - StorageMgmtNetCidr: fd00:fd00:fd00:4000::/64 - StorageMgmtAllocationPools: [{"start": "fd00:fd00:fd00:4000::10", "end": "fd00:fd00:fd00:4000:ffff:ffff:ffff:fffe"}] - TenantNetCidr: 172.16.0.0/24 - TenantAllocationPools: [{"start": "172.16.0.10", "end": "172.16.0.250"}] - DnsServers: ["8.8.8.8", "8.8.4.4"] diff --git a/ipv6-network-templates/network-isolation-absolute.yaml b/ipv6-network-templates/network-isolation-absolute.yaml deleted file mode 100644 index e5c8ccf..0000000 --- a/ipv6-network-templates/network-isolation-absolute.yaml +++ /dev/null @@ -1,35 +0,0 @@ -resource_registry: - # Redis - OS::TripleO::Network::Ports::RedisVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/vip_v6.yaml - # External - OS::TripleO::Network::External: /usr/share/openstack-tripleo-heat-templates/network/external_v6.yaml - OS::TripleO::Network::Ports::ExternalVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/external_v6.yaml - OS::TripleO::Controller::Ports::ExternalPort: /usr/share/openstack-tripleo-heat-templates/network/ports/external_v6.yaml - # InternalApi - OS::TripleO::Network::InternalApi: /usr/share/openstack-tripleo-heat-templates/network/internal_api_v6.yaml - OS::TripleO::Network::Ports::InternalApiVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/internal_api_v6.yaml - OS::TripleO::Controller::Ports::InternalApiPort: /usr/share/openstack-tripleo-heat-templates/network/ports/internal_api_v6.yaml - OS::TripleO::Compute::Ports::InternalApiPort: /usr/share/openstack-tripleo-heat-templates/network/ports/internal_api_v6.yaml - # Storage - OS::TripleO::Network::Storage: /usr/share/openstack-tripleo-heat-templates/network/storage_v6.yaml - OS::TripleO::Network::Ports::StorageVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_v6.yaml - OS::TripleO::Controller::Ports::StoragePort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_v6.yaml - OS::TripleO::Compute::Ports::StoragePort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_v6.yaml - OS::TripleO::CephStorage::Ports::StoragePort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_v6.yaml - # StorageMgmt - OS::TripleO::Network::StorageMgmt: /usr/share/openstack-tripleo-heat-templates/network/storage_mgmt_v6.yaml - OS::TripleO::Network::Ports::StorageMgmtVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_mgmt_v6.yaml - OS::TripleO::Controller::Ports::StorageMgmtPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_mgmt_v6.yaml - OS::TripleO::CephStorage::Ports::StorageMgmtPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_mgmt_v6.yaml - # Tenant - OS::TripleO::Network::Tenant: /usr/share/openstack-tripleo-heat-templates/network/tenant.yaml - OS::TripleO::Network::Ports::TenantVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/tenant.yaml - OS::TripleO::Controller::Ports::TenantPort: /usr/share/openstack-tripleo-heat-templates/network/ports/tenant.yaml - OS::TripleO::Compute::Ports::TenantPort: /usr/share/openstack-tripleo-heat-templates/network/ports/tenant.yaml -parameter_defaults: - CephIPv6: True - CorosyncIPv6: True - MongoDbIPv6: True - NovaIPv6: True - RabbitIPv6: True - MemcachedIPv6: True diff --git a/ipv6-network-templates/network-isolation.yaml b/ipv6-network-templates/network-isolation.yaml deleted file mode 100644 index 08c7685..0000000 --- a/ipv6-network-templates/network-isolation.yaml +++ /dev/null @@ -1,35 +0,0 @@ -resource_registry: - # Redis - OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip_v6.yaml - # External - OS::TripleO::Network::External: ../network/external_v6.yaml - OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external_v6.yaml - OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_v6.yaml - # InternalApi - OS::TripleO::Network::InternalApi: ../network/internal_api_v6.yaml - OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/internal_api_v6.yaml - OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml - OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api_v6.yaml - # Storage - OS::TripleO::Network::Storage: ../network/storage_v6.yaml - OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage_v6.yaml - OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_v6.yaml - OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage_v6.yaml - OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage_v6.yaml - # StorageMgmt - OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt_v6.yaml - OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt_v6.yaml - OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml - OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_v6.yaml - # Tenant - OS::TripleO::Network::Tenant: ../network/tenant.yaml - OS::TripleO::Network::Ports::TenantVipPort: ../network/ports/tenant.yaml - OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant.yaml - OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant.yaml -parameter_defaults: - CephIPv6: True - CorosyncIPv6: True - MongoDbIPv6: True - NovaIPv6: True - RabbitIPv6: True - MemcachedIPv6: True diff --git a/ipv6-network-templates/nic-configs/ceph-storage.yaml b/ipv6-network-templates/nic-configs/ceph-storage.yaml deleted file mode 100644 index 593533b..0000000 --- a/ipv6-network-templates/nic-configs/ceph-storage.yaml +++ /dev/null @@ -1,120 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: - - type: interface - name: nic1 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: - list_join: - - / - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - default: true - ip_netmask: 0.0.0.0/0 - next_hop: {get_param: ControlPlaneDefaultRoute} - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - - type: interface - name: nic4 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageIpSubnet} - - type: interface - name: nic5 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageMgmtIpSubnet} - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/ipv6-network-templates/nic-configs/cinder-storage.yaml b/ipv6-network-templates/nic-configs/cinder-storage.yaml deleted file mode 100644 index f16920d..0000000 --- a/ipv6-network-templates/nic-configs/cinder-storage.yaml +++ /dev/null @@ -1,92 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: [] - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/ipv6-network-templates/nic-configs/compute.yaml b/ipv6-network-templates/nic-configs/compute.yaml deleted file mode 100644 index ebe9f69..0000000 --- a/ipv6-network-templates/nic-configs/compute.yaml +++ /dev/null @@ -1,131 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: - - type: interface - name: nic1 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: - list_join: - - / - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - default: true - ip_netmask: 0.0.0.0/0 - next_hop: {get_param: ControlPlaneDefaultRoute} - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - - type: interface - name: nic3 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: InternalApiIpSubnet} - - type: interface - name: nic4 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageIpSubnet} - - type: ovs_bridge - name: br-tenant - dns_servers: {get_param: DnsServers} - use_dhcp: false - addresses: - - ip_netmask: {get_param: TenantIpSubnet} - members: - - type: interface - name: nic6 - mtu: 1350 - primary: true - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/ipv6-network-templates/nic-configs/controller.yaml b/ipv6-network-templates/nic-configs/controller.yaml deleted file mode 100644 index 500fbbd..0000000 --- a/ipv6-network-templates/nic-configs/controller.yaml +++ /dev/null @@ -1,152 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: - - type: interface - name: nic1 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: - list_join: - - / - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - default: true - ip_netmask: 0.0.0.0/0 - next_hop: {get_param: ControlPlaneDefaultRoute} - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - - type: ovs_bridge - name: br-ex - dns_servers: {get_param: DnsServers} - use_dhcp: false - addresses: - - ip_netmask: {get_param: ExternalIpSubnet} - routes: - - default: true - ip_netmask: 0.0.0.0/0 - next_hop: {get_param: ExternalInterfaceDefaultRoute} - members: - - type: interface - name: nic2 - mtu: 1350 - primary: true - - type: interface - name: nic3 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: InternalApiIpSubnet} - - type: interface - name: nic4 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageIpSubnet} - - type: interface - name: nic5 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageMgmtIpSubnet} - - type: ovs_bridge - name: br-tenant - dns_servers: {get_param: DnsServers} - use_dhcp: false - addresses: - - ip_netmask: {get_param: TenantIpSubnet} - members: - - type: interface - name: nic6 - mtu: 1350 - primary: true - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/ipv6-network-templates/nic-configs/swift-storage.yaml b/ipv6-network-templates/nic-configs/swift-storage.yaml deleted file mode 100644 index f16920d..0000000 --- a/ipv6-network-templates/nic-configs/swift-storage.yaml +++ /dev/null @@ -1,92 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: [] - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/ipv6-network-templates/ui-settings.pickle b/ipv6-network-templates/ui-settings.pickle deleted file mode 100644 index 725c716..0000000 --- a/ipv6-network-templates/ui-settings.pickle +++ /dev/null @@ -1,729 +0,0 @@ -(dp0 -S'global_data' -p1 -(dp2 -S'control' -p3 -(dp4 -S'route' -p5 -V192.168.24.1 -p6 -sS'mask' -p7 -I24 -sS'ec2' -p8 -V192.168.24.1 -p9 -ssS'major' -p10 -I1 -sS'management' -p11 -(dp12 -S'start' -p13 -V172.20.0.10 -p14 -sS'cidr' -p15 -V172.20.0.0/24 -p16 -sS'vlan' -p17 -I6 -sS'end' -p18 -V172.20.0.250 -p19 -ssS'dns2' -p20 -V8.8.4.4 -p21 -sS'dns1' -p22 -V8.8.8.8 -p23 -sS'storage' -p24 -(dp25 -g13 -Vfd00:fd00:fd00:3000::10 -p26 -sg15 -Vfd00:fd00:fd00:3000::/64 -p27 -sg17 -I3 -sg18 -Vfd00:fd00:fd00:3000:ffff:ffff:ffff:fffe -p28 -ssS'auto_routes' -p29 -I00 -sS'bond_options' -p30 -V -p31 -sS'external' -p32 -(dp33 -S'bridge' -p34 -V'' -p35 -sg18 -V2001:db8:fd00:1000:ffff:ffff:ffff:fffe -p36 -sg17 -I1 -sg13 -V2001:db8:fd00:1000::10 -p37 -sg15 -V2001:db8:fd00:1000::/64 -p38 -sS'gateway' -p39 -V2001:db8:fd00:1000::1 -p40 -ssS'internal_api' -p41 -(dp42 -g13 -Vfd00:fd00:fd00:2000::10 -p43 -sg15 -Vfd00:fd00:fd00:2000::/64 -p44 -sg17 -I2 -sg18 -Vfd00:fd00:fd00:2000:ffff:ffff:ffff:fffe -p45 -ssS'ipv6' -p46 -I01 -sS'storage_mgmt' -p47 -(dp48 -g13 -Vfd00:fd00:fd00:4000::10 -p49 -sg15 -Vfd00:fd00:fd00:4000::/64 -p50 -sg17 -I4 -sg18 -Vfd00:fd00:fd00:4000:ffff:ffff:ffff:fffe -p51 -ssS'minor' -p52 -I2 -sS'tenant' -p53 -(dp54 -g13 -V172.16.0.10 -p55 -sg15 -V172.16.0.0/24 -p56 -sg17 -I5 -sg18 -V172.16.0.250 -p57 -sssS'data' -p58 -(dp59 -S'cinder-storage.yaml' -p60 -(lp61 -sS'ceph-storage.yaml' -p62 -(lp63 -(dp64 -Vaddresses -p65 -(lp66 -sVnetwork -p67 -VControlPlane -p68 -sVprimary -p69 -I01 -sVmtu -p70 -I1350 -sS'members' -p71 -(lp72 -(dp73 -Vip_netmask -p74 -V0.0.0.0/0 -p75 -sVname -p76 -VRoute -p77 -sVdefault -p78 -I01 -sVnext_hop -p79 -V{get_param: ControlPlaneDefaultRoute} -p80 -sg71 -(lp81 -sVtype -p82 -Vroute -p83 -sasVroutes -p84 -(lp85 -sVuse_dhcp -p86 -I00 -sVtype -p87 -Vinterface -p88 -sVname -p89 -Vnic1 -p90 -sa(dp91 -Vaddresses -p92 -(lp93 -sVnetwork -p94 -VStorage -p95 -sVprimary -p96 -I01 -sVmtu -p97 -I1350 -sg71 -(lp98 -sVroutes -p99 -(lp100 -sVuse_dhcp -p101 -I00 -sVtype -p102 -Vinterface -p103 -sVname -p104 -Vnic4 -p105 -sa(dp106 -Vaddresses -p107 -(lp108 -sVnetwork -p109 -VStorageMgmt -p110 -sVprimary -p111 -I01 -sVmtu -p112 -I1350 -sg71 -(lp113 -sVroutes -p114 -(lp115 -sVuse_dhcp -p116 -I00 -sVtype -p117 -Vinterface -p118 -sVname -p119 -Vnic5 -p120 -sasS'controller.yaml' -p121 -(lp122 -(dp123 -Vaddresses -p124 -(lp125 -sVnetwork -p126 -VControlPlane -p127 -sVprimary -p128 -I01 -sVmtu -p129 -I1350 -sg71 -(lp130 -(dp131 -Vip_netmask -p132 -V0.0.0.0/0 -p133 -sVname -p134 -VRoute -p135 -sVdefault -p136 -I01 -sVnext_hop -p137 -V{get_param: ControlPlaneDefaultRoute} -p138 -sg71 -(lp139 -sVtype -p140 -Vroute -p141 -sasVroutes -p142 -(lp143 -sVuse_dhcp -p144 -I00 -sVtype -p145 -Vinterface -p146 -sVname -p147 -Vnic1 -p148 -sa(dp149 -Vdns_servers -p150 -V{get_param: DnsServers} -p151 -sVaddresses -p152 -(lp153 -sVnetwork -p154 -VExternal -p155 -sVmtu -p156 -I-1 -sg71 -(lp157 -(dp158 -Vaddresses -p159 -(lp160 -sVnetwork -p161 -VNone -p162 -sVprimary -p163 -I01 -sVmtu -p164 -I1350 -sg71 -(lp165 -sVroutes -p166 -(lp167 -sVuse_dhcp -p168 -I00 -sVtype -p169 -Vinterface -p170 -sVname -p171 -Vnic2 -p172 -sa(dp173 -Vip_netmask -p174 -V0.0.0.0/0 -p175 -sVname -p176 -VRoute -p177 -sVdefault -p178 -I01 -sVnext_hop -p179 -V{get_param: ExternalInterfaceDefaultRoute} -p180 -sg71 -(lp181 -sVtype -p182 -Vroute -p183 -sasVroutes -p184 -(lp185 -sVuse_dhcp -p186 -I00 -sVtype -p187 -Vovs_bridge -p188 -sVname -p189 -Vbr-ex -p190 -sa(dp191 -Vaddresses -p192 -(lp193 -sVnetwork -p194 -VInternalApi -p195 -sVprimary -p196 -I01 -sVmtu -p197 -I1350 -sg71 -(lp198 -sVroutes -p199 -(lp200 -sVuse_dhcp -p201 -I00 -sVtype -p202 -Vinterface -p203 -sVname -p204 -Vnic3 -p205 -sa(dp206 -Vaddresses -p207 -(lp208 -sVnetwork -p209 -VStorage -p210 -sVprimary -p211 -I01 -sVmtu -p212 -I1350 -sg71 -(lp213 -sVroutes -p214 -(lp215 -sVuse_dhcp -p216 -I00 -sVtype -p217 -Vinterface -p218 -sVname -p219 -Vnic4 -p220 -sa(dp221 -Vaddresses -p222 -(lp223 -sVnetwork -p224 -VStorageMgmt -p225 -sVprimary -p226 -I01 -sVmtu -p227 -I1350 -sg71 -(lp228 -sVroutes -p229 -(lp230 -sVuse_dhcp -p231 -I00 -sVtype -p232 -Vinterface -p233 -sVname -p234 -Vnic5 -p235 -sa(dp236 -Vdns_servers -p237 -V{get_param: DnsServers} -p238 -sVaddresses -p239 -(lp240 -sVnetwork -p241 -VTenant -p242 -sVmtu -p243 -I-1 -sg71 -(lp244 -(dp245 -Vaddresses -p246 -(lp247 -sVnetwork -p248 -VNone -p249 -sVprimary -p250 -I01 -sVmtu -p251 -I1350 -sg71 -(lp252 -sVroutes -p253 -(lp254 -sVuse_dhcp -p255 -I00 -sVtype -p256 -Vinterface -p257 -sVname -p258 -Vnic6 -p259 -sasVroutes -p260 -(lp261 -sVuse_dhcp -p262 -I00 -sVtype -p263 -Vovs_bridge -p264 -sVname -p265 -Vbr-tenant -p266 -sasS'swift-storage.yaml' -p267 -(lp268 -sS'compute.yaml' -p269 -(lp270 -(dp271 -Vaddresses -p272 -(lp273 -sVnetwork -p274 -VControlPlane -p275 -sVprimary -p276 -I01 -sVmtu -p277 -I1350 -sg71 -(lp278 -(dp279 -Vip_netmask -p280 -V0.0.0.0/0 -p281 -sVname -p282 -VRoute -p283 -sVdefault -p284 -I01 -sVnext_hop -p285 -V{get_param: ControlPlaneDefaultRoute} -p286 -sg71 -(lp287 -sVtype -p288 -Vroute -p289 -sasVroutes -p290 -(lp291 -sVuse_dhcp -p292 -I00 -sVtype -p293 -Vinterface -p294 -sVname -p295 -Vnic1 -p296 -sa(dp297 -Vaddresses -p298 -(lp299 -sVnetwork -p300 -VInternalApi -p301 -sVprimary -p302 -I01 -sVmtu -p303 -I1350 -sg71 -(lp304 -sVroutes -p305 -(lp306 -sVuse_dhcp -p307 -I00 -sVtype -p308 -Vinterface -p309 -sVname -p310 -Vnic3 -p311 -sa(dp312 -Vaddresses -p313 -(lp314 -sVnetwork -p315 -VStorage -p316 -sVprimary -p317 -I01 -sVmtu -p318 -I1350 -sg71 -(lp319 -sVroutes -p320 -(lp321 -sVuse_dhcp -p322 -I00 -sVtype -p323 -Vinterface -p324 -sVname -p325 -Vnic4 -p326 -sa(dp327 -Vdns_servers -p328 -V{get_param: DnsServers} -p329 -sVaddresses -p330 -(lp331 -sVnetwork -p332 -VTenant -p333 -sVmtu -p334 -I-1 -sg71 -(lp335 -(dp336 -Vaddresses -p337 -(lp338 -sVnetwork -p339 -VNone -p340 -sVprimary -p341 -I01 -sVmtu -p342 -I1350 -sg71 -(lp343 -sVroutes -p344 -(lp345 -sVuse_dhcp -p346 -I00 -sVtype -p347 -Vinterface -p348 -sVname -p349 -Vnic6 -p350 -sasVroutes -p351 -(lp352 -sVuse_dhcp -p353 -I00 -sVtype -p354 -Vovs_bridge -p355 -sVname -p356 -Vbr-tenant -p357 -sass. \ No newline at end of file diff --git a/network-templates/DEPRECATED b/network-templates/DEPRECATED deleted file mode 100644 index f10f688..0000000 --- a/network-templates/DEPRECATED +++ /dev/null @@ -1,3 +0,0 @@ -WARNING: This directory is deprecated and may be removed in the future. -A duplicate copy of these network templates can be found in the -overcloud-templates directory in a sub-directory with the same name as this one. diff --git a/network-templates/README b/network-templates/README deleted file mode 100644 index 189bfb5..0000000 --- a/network-templates/README +++ /dev/null @@ -1,23 +0,0 @@ -Generated Network Isolation Templates -------------------------------------- -These templates were generated by the UI tool at -https://github.com/cybertron/tripleo-scripts#net-iso-genpy - -ui-settings.pickle is specific to the tool. TripleO will not use it when -doing deployments with these templates, but it is needed to be able to -load the templates into the UI again. Note that the UI only reads this file, -so any changes made by hand to the templates will not be reflected in the UI. - -The network-isolation.yaml file needs to reference the port files shipped with -tripleo-heat-templates, so by default the tool generates the paths assuming -network-isolation.yaml will be copied into the environments/ directory of -tripleo-heat-templates. - -If the standard tripleo-heat-templates are in use, then the -network-isolation-absolute.yaml file can be used instead. It has hard-coded -references to the port files in /usr/share/openstack-tripleo-heat-templates. - -If the generated network isolation templates are at ~/generated-templates, an -example deployment command would look like: - -openstack overcloud deploy --templates -e ~/generated-templates/network-isolation-absolute.yaml -e ~/generated-templates/network-environment.yaml diff --git a/network-templates/network-environment.yaml b/network-templates/network-environment.yaml deleted file mode 100644 index 466aa80..0000000 --- a/network-templates/network-environment.yaml +++ /dev/null @@ -1,25 +0,0 @@ - -resource_registry: - OS::TripleO::BlockStorage::Net::SoftwareConfig: nic-configs/cinder-storage.yaml - OS::TripleO::Compute::Net::SoftwareConfig: nic-configs/compute.yaml - OS::TripleO::Controller::Net::SoftwareConfig: nic-configs/controller.yaml - OS::TripleO::ObjectStorage::Net::SoftwareConfig: nic-configs/swift-storage.yaml - OS::TripleO::CephStorage::Net::SoftwareConfig: nic-configs/ceph-storage.yaml - -parameter_defaults: - ControlPlaneSubnetCidr: '24' - ControlPlaneDefaultRoute: 192.168.24.1 - EC2MetadataIp: 192.168.24.1 - ExternalNetCidr: 10.0.0.0/24 - ExternalAllocationPools: [{"start": "10.0.0.10", "end": "10.0.0.50"}] - ExternalInterfaceDefaultRoute: 10.0.0.1 - NeutronExternalNetworkBridge: "''" - InternalApiNetCidr: 172.17.0.0/24 - InternalApiAllocationPools: [{"start": "172.17.0.10", "end": "172.17.0.250"}] - StorageNetCidr: 172.18.0.0/24 - StorageAllocationPools: [{"start": "172.18.0.10", "end": "172.18.0.250"}] - StorageMgmtNetCidr: 172.19.0.0/24 - StorageMgmtAllocationPools: [{"start": "172.19.0.10", "end": "172.19.0.250"}] - TenantNetCidr: 172.16.0.0/24 - TenantAllocationPools: [{"start": "172.16.0.10", "end": "172.16.0.250"}] - DnsServers: ["8.8.8.8", "8.8.4.4"] diff --git a/network-templates/network-isolation-absolute.yaml b/network-templates/network-isolation-absolute.yaml deleted file mode 100644 index 7fede9d..0000000 --- a/network-templates/network-isolation-absolute.yaml +++ /dev/null @@ -1,28 +0,0 @@ -resource_registry: - # Redis - OS::TripleO::Network::Ports::RedisVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/vip.yaml - # External - OS::TripleO::Network::External: /usr/share/openstack-tripleo-heat-templates/network/external.yaml - OS::TripleO::Network::Ports::ExternalVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/external.yaml - OS::TripleO::Controller::Ports::ExternalPort: /usr/share/openstack-tripleo-heat-templates/network/ports/external.yaml - # InternalApi - OS::TripleO::Network::InternalApi: /usr/share/openstack-tripleo-heat-templates/network/internal_api.yaml - OS::TripleO::Network::Ports::InternalApiVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/internal_api.yaml - OS::TripleO::Controller::Ports::InternalApiPort: /usr/share/openstack-tripleo-heat-templates/network/ports/internal_api.yaml - OS::TripleO::Compute::Ports::InternalApiPort: /usr/share/openstack-tripleo-heat-templates/network/ports/internal_api.yaml - # Storage - OS::TripleO::Network::Storage: /usr/share/openstack-tripleo-heat-templates/network/storage.yaml - OS::TripleO::Network::Ports::StorageVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage.yaml - OS::TripleO::Controller::Ports::StoragePort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage.yaml - OS::TripleO::Compute::Ports::StoragePort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage.yaml - OS::TripleO::CephStorage::Ports::StoragePort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage.yaml - # StorageMgmt - OS::TripleO::Network::StorageMgmt: /usr/share/openstack-tripleo-heat-templates/network/storage_mgmt.yaml - OS::TripleO::Network::Ports::StorageMgmtVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_mgmt.yaml - OS::TripleO::Controller::Ports::StorageMgmtPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_mgmt.yaml - OS::TripleO::CephStorage::Ports::StorageMgmtPort: /usr/share/openstack-tripleo-heat-templates/network/ports/storage_mgmt.yaml - # Tenant - OS::TripleO::Network::Tenant: /usr/share/openstack-tripleo-heat-templates/network/tenant.yaml - OS::TripleO::Network::Ports::TenantVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/tenant.yaml - OS::TripleO::Controller::Ports::TenantPort: /usr/share/openstack-tripleo-heat-templates/network/ports/tenant.yaml - OS::TripleO::Compute::Ports::TenantPort: /usr/share/openstack-tripleo-heat-templates/network/ports/tenant.yaml diff --git a/network-templates/network-isolation.yaml b/network-templates/network-isolation.yaml deleted file mode 100644 index 2c18f2f..0000000 --- a/network-templates/network-isolation.yaml +++ /dev/null @@ -1,28 +0,0 @@ -resource_registry: - # Redis - OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip.yaml - # External - OS::TripleO::Network::External: ../network/external.yaml - OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external.yaml - OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external.yaml - # InternalApi - OS::TripleO::Network::InternalApi: ../network/internal_api.yaml - OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/internal_api.yaml - OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api.yaml - OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api.yaml - # Storage - OS::TripleO::Network::Storage: ../network/storage.yaml - OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage.yaml - OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage.yaml - OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage.yaml - OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage.yaml - # StorageMgmt - OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt.yaml - OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt.yaml - OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml - OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml - # Tenant - OS::TripleO::Network::Tenant: ../network/tenant.yaml - OS::TripleO::Network::Ports::TenantVipPort: ../network/ports/tenant.yaml - OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant.yaml - OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant.yaml diff --git a/network-templates/nic-configs/ceph-storage.yaml b/network-templates/nic-configs/ceph-storage.yaml deleted file mode 100644 index a71f40a..0000000 --- a/network-templates/nic-configs/ceph-storage.yaml +++ /dev/null @@ -1,119 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: - - type: interface - name: nic1 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: - list_join: - - / - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - - default: true - next_hop: {get_param: ControlPlaneDefaultRoute} - - type: interface - name: nic4 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageIpSubnet} - - type: interface - name: nic5 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageMgmtIpSubnet} - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/network-templates/nic-configs/cinder-storage.yaml b/network-templates/nic-configs/cinder-storage.yaml deleted file mode 100644 index f16920d..0000000 --- a/network-templates/nic-configs/cinder-storage.yaml +++ /dev/null @@ -1,92 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: [] - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/network-templates/nic-configs/compute.yaml b/network-templates/nic-configs/compute.yaml deleted file mode 100644 index fa2d33f..0000000 --- a/network-templates/nic-configs/compute.yaml +++ /dev/null @@ -1,130 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: - - type: interface - name: nic1 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: - list_join: - - / - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - - default: true - next_hop: {get_param: ControlPlaneDefaultRoute} - - type: interface - name: nic3 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: InternalApiIpSubnet} - - type: interface - name: nic4 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageIpSubnet} - - type: ovs_bridge - name: br-tenant - dns_servers: {get_param: DnsServers} - use_dhcp: false - addresses: - - ip_netmask: {get_param: TenantIpSubnet} - members: - - type: interface - name: nic6 - mtu: 1350 - primary: true - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/network-templates/nic-configs/controller.yaml b/network-templates/nic-configs/controller.yaml deleted file mode 100644 index d56270d..0000000 --- a/network-templates/nic-configs/controller.yaml +++ /dev/null @@ -1,148 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: - - type: interface - name: nic1 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: - list_join: - - / - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - - type: ovs_bridge - name: br-ex - dns_servers: {get_param: DnsServers} - use_dhcp: false - addresses: - - ip_netmask: {get_param: ExternalIpSubnet} - routes: - - ip_netmask: 0.0.0.0/0 - next_hop: {get_param: ExternalInterfaceDefaultRoute} - members: - - type: interface - name: nic2 - mtu: 1350 - primary: true - - type: interface - name: nic3 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: InternalApiIpSubnet} - - type: interface - name: nic4 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageIpSubnet} - - type: interface - name: nic5 - mtu: 1350 - use_dhcp: false - addresses: - - ip_netmask: {get_param: StorageMgmtIpSubnet} - - type: ovs_bridge - name: br-tenant - dns_servers: {get_param: DnsServers} - use_dhcp: false - addresses: - - ip_netmask: {get_param: TenantIpSubnet} - members: - - type: interface - name: nic6 - mtu: 1350 - primary: true - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/network-templates/nic-configs/swift-storage.yaml b/network-templates/nic-configs/swift-storage.yaml deleted file mode 100644 index f16920d..0000000 --- a/network-templates/nic-configs/swift-storage.yaml +++ /dev/null @@ -1,92 +0,0 @@ -heat_template_version: 2015-04-30 - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - BondInterfaceOvsOptions: - default: 'bond_mode=active-backup' - description: The ovs_options string for the bond interface. Set things like - lacp=active and/or bond_mode=balance-slb using this option. - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - properties: - config: - os_net_config: - network_config: [] - group: os-apply-config - type: OS::Heat::StructuredConfig - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/network-templates/ui-settings.pickle b/network-templates/ui-settings.pickle deleted file mode 100644 index 195eabc..0000000 --- a/network-templates/ui-settings.pickle +++ /dev/null @@ -1,641 +0,0 @@ -(dp0 -S'global_data' -p1 -(dp2 -S'control' -p3 -(dp4 -S'route' -p5 -V192.168.24.1 -p6 -sS'mask' -p7 -I24 -sS'ec2' -p8 -V192.168.24.1 -p9 -ssS'major' -p10 -I1 -sS'management' -p11 -(dp12 -S'start' -p13 -V172.20.0.10 -p14 -sS'cidr' -p15 -V172.20.0.0/24 -p16 -sS'vlan' -p17 -I6 -sS'end' -p18 -V172.20.0.250 -p19 -ssS'dns2' -p20 -V8.8.4.4 -p21 -sS'dns1' -p22 -V8.8.8.8 -p23 -sS'storage' -p24 -(dp25 -g13 -V172.18.0.10 -p26 -sg15 -V172.18.0.0/24 -p27 -sg17 -I3 -sg18 -V172.18.0.250 -p28 -ssS'auto_routes' -p29 -I01 -sS'bond_options' -p30 -V -p31 -sS'external' -p32 -(dp33 -S'bridge' -p34 -V'' -p35 -sg18 -V10.0.0.50 -p36 -sg17 -I1 -sg13 -V10.0.0.10 -p37 -sg15 -V10.0.0.0/24 -p38 -sS'gateway' -p39 -V10.0.0.1 -p40 -ssS'internal_api' -p41 -(dp42 -g13 -V172.17.0.10 -p43 -sg15 -V172.17.0.0/24 -p44 -sg17 -I2 -sg18 -V172.17.0.250 -p45 -ssS'ipv6' -p46 -I00 -sS'storage_mgmt' -p47 -(dp48 -g13 -V172.19.0.10 -p49 -sg15 -V172.19.0.0/24 -p50 -sg17 -I4 -sg18 -V172.19.0.250 -p51 -ssS'minor' -p52 -I2 -sS'tenant' -p53 -(dp54 -g13 -V172.16.0.10 -p55 -sg15 -V172.16.0.0/24 -p56 -sg17 -I5 -sg18 -V172.16.0.250 -p57 -sssS'data' -p58 -(dp59 -S'cinder-storage.yaml' -p60 -(lp61 -sS'ceph-storage.yaml' -p62 -(lp63 -(dp64 -Vaddresses -p65 -(lp66 -sVnetwork -p67 -VControlPlane -p68 -sVprimary -p69 -I01 -sVmtu -p70 -I1350 -sS'members' -p71 -(lp72 -sVroutes -p73 -(lp74 -sVuse_dhcp -p75 -I00 -sVtype -p76 -Vinterface -p77 -sVname -p78 -Vnic1 -p79 -sa(dp80 -Vaddresses -p81 -(lp82 -sVnetwork -p83 -VStorage -p84 -sVprimary -p85 -I01 -sVmtu -p86 -I1350 -sg71 -(lp87 -sVroutes -p88 -(lp89 -sVuse_dhcp -p90 -I00 -sVtype -p91 -Vinterface -p92 -sVname -p93 -Vnic4 -p94 -sa(dp95 -Vaddresses -p96 -(lp97 -sVnetwork -p98 -VStorageMgmt -p99 -sVprimary -p100 -I01 -sVmtu -p101 -I1350 -sg71 -(lp102 -sVroutes -p103 -(lp104 -sVuse_dhcp -p105 -I00 -sVtype -p106 -Vinterface -p107 -sVname -p108 -Vnic5 -p109 -sasS'controller.yaml' -p110 -(lp111 -(dp112 -Vaddresses -p113 -(lp114 -sVnetwork -p115 -VControlPlane -p116 -sVprimary -p117 -I01 -sVmtu -p118 -I1350 -sg71 -(lp119 -sVroutes -p120 -(lp121 -sVuse_dhcp -p122 -I00 -sVtype -p123 -Vinterface -p124 -sVname -p125 -Vnic1 -p126 -sa(dp127 -Vdns_servers -p128 -V{get_param: DnsServers} -p129 -sVaddresses -p130 -(lp131 -sVnetwork -p132 -VExternal -p133 -sVmtu -p134 -I-1 -sg71 -(lp135 -(dp136 -Vaddresses -p137 -(lp138 -sVnetwork -p139 -VNone -p140 -sVprimary -p141 -I01 -sVmtu -p142 -I1350 -sg71 -(lp143 -sVroutes -p144 -(lp145 -sVuse_dhcp -p146 -I00 -sVtype -p147 -Vinterface -p148 -sVname -p149 -Vnic2 -p150 -sasVroutes -p151 -(lp152 -sVuse_dhcp -p153 -I00 -sVtype -p154 -Vovs_bridge -p155 -sVname -p156 -Vbr-ex -p157 -sa(dp158 -Vaddresses -p159 -(lp160 -sVnetwork -p161 -VInternalApi -p162 -sVprimary -p163 -I01 -sVmtu -p164 -I1350 -sg71 -(lp165 -sVroutes -p166 -(lp167 -sVuse_dhcp -p168 -I00 -sVtype -p169 -Vinterface -p170 -sVname -p171 -Vnic3 -p172 -sa(dp173 -Vaddresses -p174 -(lp175 -sVnetwork -p176 -VStorage -p177 -sVprimary -p178 -I01 -sVmtu -p179 -I1350 -sg71 -(lp180 -sVroutes -p181 -(lp182 -sVuse_dhcp -p183 -I00 -sVtype -p184 -Vinterface -p185 -sVname -p186 -Vnic4 -p187 -sa(dp188 -Vaddresses -p189 -(lp190 -sVnetwork -p191 -VStorageMgmt -p192 -sVprimary -p193 -I01 -sVmtu -p194 -I1350 -sg71 -(lp195 -sVroutes -p196 -(lp197 -sVuse_dhcp -p198 -I00 -sVtype -p199 -Vinterface -p200 -sVname -p201 -Vnic5 -p202 -sa(dp203 -Vdns_servers -p204 -V{get_param: DnsServers} -p205 -sVaddresses -p206 -(lp207 -sVnetwork -p208 -VTenant -p209 -sVmtu -p210 -I-1 -sg71 -(lp211 -(dp212 -Vaddresses -p213 -(lp214 -sVnetwork -p215 -VNone -p216 -sVprimary -p217 -I01 -sVmtu -p218 -I1350 -sg71 -(lp219 -sVroutes -p220 -(lp221 -sVuse_dhcp -p222 -I00 -sVtype -p223 -Vinterface -p224 -sVname -p225 -Vnic6 -p226 -sasVroutes -p227 -(lp228 -sVuse_dhcp -p229 -I00 -sVtype -p230 -Vovs_bridge -p231 -sVname -p232 -Vbr-tenant -p233 -sasS'swift-storage.yaml' -p234 -(lp235 -sS'compute.yaml' -p236 -(lp237 -(dp238 -Vaddresses -p239 -(lp240 -sVnetwork -p241 -VControlPlane -p242 -sVprimary -p243 -I01 -sVmtu -p244 -I1350 -sg71 -(lp245 -sVroutes -p246 -(lp247 -sVuse_dhcp -p248 -I00 -sVtype -p249 -Vinterface -p250 -sVname -p251 -Vnic1 -p252 -sa(dp253 -Vaddresses -p254 -(lp255 -sVnetwork -p256 -VInternalApi -p257 -sVprimary -p258 -I01 -sVmtu -p259 -I1350 -sg71 -(lp260 -sVroutes -p261 -(lp262 -sVuse_dhcp -p263 -I00 -sVtype -p264 -Vinterface -p265 -sVname -p266 -Vnic3 -p267 -sa(dp268 -Vaddresses -p269 -(lp270 -sVnetwork -p271 -VStorage -p272 -sVprimary -p273 -I01 -sVmtu -p274 -I1350 -sg71 -(lp275 -sVroutes -p276 -(lp277 -sVuse_dhcp -p278 -I00 -sVtype -p279 -Vinterface -p280 -sVname -p281 -Vnic4 -p282 -sa(dp283 -Vdns_servers -p284 -V{get_param: DnsServers} -p285 -sVaddresses -p286 -(lp287 -sVnetwork -p288 -VTenant -p289 -sVmtu -p290 -I-1 -sg71 -(lp291 -(dp292 -Vaddresses -p293 -(lp294 -sVnetwork -p295 -VNone -p296 -sVprimary -p297 -I01 -sVmtu -p298 -I1350 -sg71 -(lp299 -sVroutes -p300 -(lp301 -sVuse_dhcp -p302 -I00 -sVtype -p303 -Vinterface -p304 -sVname -p305 -Vnic6 -p306 -sasVroutes -p307 -(lp308 -sVuse_dhcp -p309 -I00 -sVtype -p310 -Vovs_bridge -p311 -sVname -p312 -Vbr-tenant -p313 -sass. \ No newline at end of file