
Add Management Network For System Administration.

This change adds a system management network to all overcloud
nodes. The purpose of this network is for system administration,
for access to infrastructure services like DNS or NTP, or for
monitoring. This allows the management network to be placed on a
bond for redundancy, or for the system management network to be
an out-of-band network with no routing in or out. The management
network might also be configured as a default route instead of the
provisioning 'ctlplane' network.

This change does not enable the management network by default. An
environment file named network-management.yaml may be included to
enable the network and ports for each role. The included NIC config
templates have been updated with a block that may be uncommented
when the management network is enabled.

This change also contains some minor cleanup to the NIC templates,
particularly the multiple nic templates.

Change-Id: I0813a13f60a4f797be04b34258a2cffa9ea7e84f
changes/57/226057/26
Dan Sneddon 7 years ago committed by Ben Nemec
parent
commit
15bb67261a
  1. 10
      environments/network-isolation.yaml
  2. 24
      environments/network-management.yaml
  3. 4
      net-config-bond.yaml
  4. 4
      net-config-bridge.yaml
  5. 4
      net-config-noop.yaml
  6. 26
      network/config/bond-with-vlans/README.md
  7. 16
      network/config/bond-with-vlans/ceph-storage.yaml
  8. 16
      network/config/bond-with-vlans/cinder-storage.yaml
  9. 16
      network/config/bond-with-vlans/compute.yaml
  10. 17
      network/config/bond-with-vlans/controller-no-external.yaml
  11. 18
      network/config/bond-with-vlans/controller.yaml
  12. 16
      network/config/bond-with-vlans/swift-storage.yaml
  13. 18
      network/config/multiple-nics/README.md
  14. 20
      network/config/multiple-nics/ceph-storage.yaml
  15. 20
      network/config/multiple-nics/cinder-storage.yaml
  16. 32
      network/config/multiple-nics/compute.yaml
  17. 23
      network/config/multiple-nics/controller.yaml
  18. 20
      network/config/multiple-nics/swift-storage.yaml
  19. 24
      network/config/single-nic-vlans/README.md
  20. 15
      network/config/single-nic-vlans/ceph-storage.yaml
  21. 15
      network/config/single-nic-vlans/cinder-storage.yaml
  22. 15
      network/config/single-nic-vlans/compute.yaml
  23. 15
      network/config/single-nic-vlans/controller-no-external.yaml
  24. 14
      network/config/single-nic-vlans/controller.yaml
  25. 15
      network/config/single-nic-vlans/swift-storage.yaml
  26. 64
      network/management.yaml
  27. 3
      network/networks.yaml
  28. 42
      network/ports/management.yaml
  29. 4
      network/ports/net_ip_list_map.yaml
  30. 4
      network/ports/net_ip_map.yaml
  31. 4
      network/ports/net_ip_subnet_map.yaml
  32. 6
      overcloud-resource-registry-puppet.yaml
  33. 3
      overcloud.yaml
  34. 11
      puppet/ceph-storage.yaml
  35. 10
      puppet/cinder-storage.yaml
  36. 10
      puppet/compute.yaml
  37. 11
      puppet/controller.yaml
  38. 10
      puppet/swift-storage.yaml

10
environments/network-isolation.yaml

@ -7,6 +7,8 @@ resource_registry:
OS::TripleO::Network::StorageMgmt: ../network/storage_mgmt.yaml
OS::TripleO::Network::Storage: ../network/storage.yaml
OS::TripleO::Network::Tenant: ../network/tenant.yaml
# Management network is optional and disabled by default
OS::TripleO::Network::Management: ../network/noop.yaml
# Port assignments for the VIPs
OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external.yaml
@ -21,22 +23,30 @@ resource_registry:
OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage.yaml
OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant.yaml
OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/noop.yaml
# Port assignments for the compute role
OS::TripleO::Compute::Ports::InternalApiPort: ../network/ports/internal_api.yaml
OS::TripleO::Compute::Ports::StoragePort: ../network/ports/storage.yaml
OS::TripleO::Compute::Ports::TenantPort: ../network/ports/tenant.yaml
OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/noop.yaml
# Port assignments for the ceph storage role
OS::TripleO::CephStorage::Ports::StoragePort: ../network/ports/storage.yaml
OS::TripleO::CephStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/noop.yaml
# Port assignments for the swift storage role
OS::TripleO::SwiftStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml
OS::TripleO::SwiftStorage::Ports::StoragePort: ../network/ports/storage.yaml
OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/noop.yaml
# Port assignments for the block storage role
OS::TripleO::BlockStorage::Ports::InternalApiPort: ../network/ports/internal_api.yaml
OS::TripleO::BlockStorage::Ports::StoragePort: ../network/ports/storage.yaml
OS::TripleO::BlockStorage::Ports::StorageMgmtPort: ../network/ports/storage_mgmt.yaml
OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/noop.yaml
# Port assignments for service virtual IPs for the controller role
OS::TripleO::Controller::Ports::RedisVipPort: ../network/ports/vip.yaml
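Review bot: The new noop mappings for `OS::TripleO::Network::Management` and the per-role `ManagementPort` entries make the outcome depend on environment-file order, and nothing in the file says so. Heat applies resource_registry entries in the order the environment files are passed, so if environments/network-management.yaml is given before this file, these noop entries win and the management network is silently not created. I would extend the existing comment to something like `# Management network is optional and disabled by default; pass environments/network-management.yaml after this file to enable it`.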

24
environments/network-management.yaml

@ -0,0 +1,24 @@
# Enable the creation of a system management network. This
# creates a Neutron network for isolated Overcloud
# system management traffic and configures each role to
# assign a port (related to that role) on that network.
# Note that the basic sample NIC configuration templates
# do not include the management network, see the
# single-nic-vlans-mgmt templates for an example.
resource_registry:
OS::TripleO::Network::Management: ../network/management.yaml
# Port assignments for the controller role
OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management.yaml
# Port assignments for the compute role
OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/management.yaml
# Port assignments for the ceph storage role
OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/management.yaml
# Port assignments for the swift storage role
OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/management.yaml
# Port assignments for the block storage role
OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management.yaml
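Review bot: The header comment points to `single-nic-vlans-mgmt` templates, but no directory of that name appears in this change's file list; the management blocks were instead added, commented out, to the existing bond-with-vlans, multiple-nics and single-nic-vlans templates. The comment should name the step the operator actually has to take, e.g. `# The sample NIC templates carry a commented-out management block; uncomment it for each role when including this file.` Without that step this environment allocates a management port per node but, as far as these hunks show, no interface is configured for it.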

4
net-config-bond.yaml

@ -28,6 +28,10 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
ManagementIpSubnet:
default: ''
description: IP address/subnet on the management network
type: string
resources:
OsNetConfigImpl:
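Review bot: `ManagementIpSubnet` is declared here without the `# Only populated when including environments/network-management.yaml` comment that the per-role templates under network/config/ carry on the same parameter. Adding it here, and on the same hunk in net-config-bridge.yaml and net-config-noop.yaml, would tell a reader why the default is an empty string. The rest of each template lies outside the hunk, so whether the value is consumed in these three files cannot be seen from here.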

4
net-config-bridge.yaml

@ -28,6 +28,10 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
ManagementIpSubnet:
default: ''
description: IP address/subnet on the management network
type: string
resources:
OsNetConfigImpl:

4
net-config-noop.yaml

@ -29,6 +29,10 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
ManagementIpSubnet:
default: ''
description: IP address/subnet on the management network
type: string
resources:
OsNetConfigImpl:

26
network/config/bond-with-vlans/README.md

@ -3,10 +3,9 @@ Vlans on a bonded pair of NICs for each Overcloud role.
There are two versions of the controller role template, one with
an external network interface, and another without. If the
external network interface is not configured the ctlplane address
external network interface is not configured, the ctlplane address
ranges will be used for external (public) network traffic.
Configuration
-------------
@ -20,8 +19,31 @@ something like this:
OS::TripleO::ObjectStorage::Net::SoftwareConfig: network/config/bond-with-vlans/swift-storage.yaml
OS::TripleO::CephStorage::Net::SoftwareConfig: network/config/bond-with-vlans/ceph-storage.yaml
Or use this Heat environment file:
environments/net-bond-with-vlans.yaml
Configuration with no External Network
--------------------------------------
Same as above except set the following value for the controller role:
OS::TripleO::Controller::Net::SoftwareConfig: network/config/bond-with-vlans/controller-no-external.yaml
Configuration with System Management Network
--------------------------------------------
To enable the optional System Management network, create a Heat environment
that looks something like this:
resource\_registry:
OS::TripleO::Network::Management: ../network/management.yaml
OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management.yaml
OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/management.yaml
OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/management.yaml
OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/management.yaml
OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management.yaml
Or use this Heat environment file:
environments/network-management.yaml

16
network/config/bond-with-vlans/ceph-storage.yaml

@ -29,6 +29,10 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
ManagementIpSubnet: # Only populated when including environments/network-management.yaml
default: ''
description: IP address/subnet on the management network
type: string
BondInterfaceOvsOptions:
default: ''
description: The ovs_options string for the bond interface. Set things like
@ -42,6 +46,10 @@ parameters:
default: 40
description: Vlan ID for the storage mgmt network traffic.
type: number
ManagementNetworkVlanID:
default: 60
description: Vlan ID for the management network traffic.
type: number
ControlPlaneSubnetCidr: # Override this via parameter_defaults
default: '24'
description: The subnet CIDR of the control plane network.
@ -114,6 +122,14 @@ resources:
addresses:
-
ip_netmask: {get_param: StorageMgmtIpSubnet}
# Uncomment when including environments/network-management.yaml
#-
# type: vlan
# device: bond1
# vlan_id: {get_param: ManagementNetworkVlanID}
# addresses:
# -
# ip_netmask: {get_param: ManagementIpSubnet}
outputs:
OS::stack_id:
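Review bot: The commented-out management block in the third hunk tags the management VLAN on `bond1`, presumably the same bond that carries the other VLANs in this template (their `device` lines are outside the hunk), so the separation the commit message describes rests on VLAN tagging and on the switch trunk configuration alone. That is worth stating where the operator uncomments it, e.g. `# Management shares bond1 with the other VLANs; restrict the management VLAN on the switch trunk, or move this block to a dedicated interface for out-of-band use.` The same block appears in the other bond-with-vlans templates and, without a `device` line, in the single-nic-vlans templates.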

16
network/config/bond-with-vlans/cinder-storage.yaml

@ -29,6 +29,10 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
ManagementIpSubnet: # Only populated when including environments/network-management.yaml
default: ''
description: IP address/subnet on the management network
type: string
BondInterfaceOvsOptions:
default: ''
description: The ovs_options string for the bond interface. Set things like
@ -46,6 +50,10 @@ parameters:
default: 40
description: Vlan ID for the storage mgmt network traffic.
type: number
ManagementNetworkVlanID:
default: 60
description: Vlan ID for the management network traffic.
type: number
ControlPlaneSubnetCidr: # Override this via parameter_defaults
default: '24'
description: The subnet CIDR of the control plane network.
@ -125,6 +133,14 @@ resources:
addresses:
-
ip_netmask: {get_param: StorageMgmtIpSubnet}
# Uncomment when including environments/network-management.yaml
#-
# type: vlan
# device: bond1
# vlan_id: {get_param: ManagementNetworkVlanID}
# addresses:
# -
# ip_netmask: {get_param: ManagementIpSubnet}
outputs:
OS::stack_id:

16
network/config/bond-with-vlans/compute.yaml

@ -29,6 +29,10 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
ManagementIpSubnet: # Only populated when including environments/network-management.yaml
default: ''
description: IP address/subnet on the management network
type: string
BondInterfaceOvsOptions:
default: ''
description: The ovs_options string for the bond interface. Set things like
@ -46,6 +50,10 @@ parameters:
default: 50
description: Vlan ID for the tenant network traffic.
type: number
ManagementNetworkVlanID:
default: 60
description: Vlan ID for the management network traffic.
type: number
ControlPlaneSubnetCidr: # Override this via parameter_defaults
default: '24'
description: The subnet CIDR of the control plane network.
@ -125,6 +133,14 @@ resources:
addresses:
-
ip_netmask: {get_param: TenantIpSubnet}
# Uncomment when including environments/network-management.yaml
#-
# type: vlan
# device: bond1
# vlan_id: {get_param: ManagementNetworkVlanID}
# addresses:
# -
# ip_netmask: {get_param: ManagementIpSubnet}
outputs:
OS::stack_id:

17
network/config/bond-with-vlans/controller-no-external.yaml

@ -25,6 +25,10 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
ManagementIpSubnet: # Only populated when including environments/network-management.yaml
default: ''
description: IP address/subnet on the management network
type: string
BondInterfaceOvsOptions:
default: ''
description: The ovs_options string for the bond interface. Set things like
@ -50,6 +54,10 @@ parameters:
default: 50
description: Vlan ID for the tenant network traffic.
type: number
ManagementNetworkVlanID:
default: 60
description: Vlan ID for the management network traffic.
type: number
ExternalInterfaceDefaultRoute:
default: '10.0.0.1'
description: default route for the external network
@ -66,6 +74,7 @@ resources:
-
type: ovs_bridge
name: {get_input: bridge_name}
use_dhcp: true
members:
-
type: ovs_bond
@ -107,6 +116,14 @@ resources:
addresses:
-
ip_netmask: {get_param: TenantIpSubnet}
# Uncomment when including environments/network-management.yaml
#-
# type: vlan
# device: bond1
# vlan_id: {get_param: ManagementNetworkVlanID}
# addresses:
# -
# ip_netmask: {get_param: ManagementIpSubnet}
outputs:
OS::stack_id:
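Review bot: The third hunk (`@ -66,6 +74,7`) adds one line to the `ovs_bridge` definition, which from the line counts looks to be `use_dhcp: true`, and the commit message covers it only as "minor cleanup". With DHCP on the bridge the controller takes its address, and whatever routes and resolver settings the DHCP server offers, from the segment the bond is attached to, which is a behaviour change rather than cleanup. If that is intended for the no-external case, a comment on the line such as `# no external network: the bridge keeps the ctlplane DHCP address` would make it reviewable. The rendered page has lost the +/- markers, so confirm which line is new.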

18
network/config/bond-with-vlans/controller.yaml

@ -29,6 +29,10 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
ManagementIpSubnet: # Only populated when including environments/network-management.yaml
default: ''
description: IP address/subnet on the management network
type: string
BondInterfaceOvsOptions:
default: 'bond_mode=active-backup'
description: The ovs_options string for the bond interface. Set things like
@ -54,6 +58,10 @@ parameters:
default: 50
description: Vlan ID for the tenant network traffic.
type: number
ManagementNetworkVlanID:
default: 60
description: Vlan ID for the management network traffic.
type: number
ExternalInterfaceDefaultRoute:
default: '10.0.0.1'
description: default route for the external network
@ -119,7 +127,7 @@ resources:
ip_netmask: {get_param: ExternalIpSubnet}
routes:
-
ip_netmask: 0.0.0.0/0
default: true
next_hop: {get_param: ExternalInterfaceDefaultRoute}
-
type: vlan
@ -149,6 +157,14 @@ resources:
addresses:
-
ip_netmask: {get_param: TenantIpSubnet}
# Uncomment when including environments/network-management.yaml
#-
# type: vlan
# device: bond1
# vlan_id: {get_param: ManagementNetworkVlanID}
# addresses:
# -
# ip_netmask: {get_param: ManagementIpSubnet}
outputs:
OS::stack_id:
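Review bot: In the third hunk (`@ -119,7 +127,7`) the external route appears to change from `ip_netmask: 0.0.0.0/0` to `default: true`; the +/- markers are lost on this page, but the hunk replaces exactly one line. The commit message also says the management network may be used as the default route, and the commented-out management block at the end of the file carries no `routes` entry, so an operator who adds one there ends up with two default routes unless this one is removed. A short comment next to `default: true`, for example `# remove this route if the management network provides the default gateway`, would cover that. The same route change appears in network/config/multiple-nics/controller.yaml.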

16
network/config/bond-with-vlans/swift-storage.yaml

@ -29,6 +29,10 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
ManagementIpSubnet: # Only populated when including environments/network-management.yaml
default: ''
description: IP address/subnet on the management network
type: string
BondInterfaceOvsOptions:
default: ''
description: The ovs_options string for the bond interface. Set things like
@ -46,6 +50,10 @@ parameters:
default: 40
description: Vlan ID for the storage mgmt network traffic.
type: number
ManagementNetworkVlanID:
default: 60
description: Vlan ID for the management network traffic.
type: number
ControlPlaneSubnetCidr: # Override this via parameter_defaults
default: '24'
description: The subnet CIDR of the control plane network.
@ -125,6 +133,14 @@ resources:
addresses:
-
ip_netmask: {get_param: StorageMgmtIpSubnet}
# Uncomment when including environments/network-management.yaml
#-
# type: vlan
# device: bond1
# vlan_id: {get_param: ManagementNetworkVlanID}
# addresses:
# -
# ip_netmask: {get_param: ManagementIpSubnet}
outputs:
OS::stack_id:

18
network/config/multiple-nics/README.md

@ -19,3 +19,21 @@ something like this:
Or use this Heat environment file:
environments/net-multiple-nics.yaml
Configuration with System Management Network
--------------------------------------------
To enable the optional System Management network, create a Heat environment
that looks something like this:
resource\_registry:
OS::TripleO::Network::Management: ../network/management.yaml
OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management.yaml
OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/management.yaml
OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/management.yaml
OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/management.yaml
OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management.yaml
Or use this Heat environment file:
environments/network-management.yaml

20
network/config/multiple-nics/ceph-storage.yaml

@ -29,6 +29,10 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
ManagementIpSubnet: # Only populated when including environments/network-management.yaml
default: ''
description: IP address/subnet on the management network
type: string
ExternalNetworkVlanID:
default: 10
description: Vlan ID for the external network traffic.
@ -49,6 +53,10 @@ parameters:
default: 50
description: Vlan ID for the tenant network traffic.
type: number
ManagementNetworkVlanID:
default: 60
description: Vlan ID for the management network traffic.
type: number
ExternalInterfaceDefaultRoute:
default: '10.0.0.1'
description: default route for the external network
@ -58,12 +66,12 @@ parameters:
description: The subnet CIDR of the control plane network.
type: string
ControlPlaneDefaultRoute: # Override this via parameter_defaults
description: The subnet CIDR of the control plane network.
description: The default route of the control plane network.
type: string
DnsServers: # Override this via parameter_defaults
default: []
description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
type: json
type: comma_delimited_list
EC2MetadataIp: # Override this via parameter_defaults
description: The IP address of the EC2 metadata server.
type: string
@ -109,6 +117,14 @@ resources:
addresses:
-
ip_netmask: {get_param: StorageMgmtIpSubnet}
# Uncomment when including environments/network-management.yaml
#-
# type: interface
# name: nic7
# use_dhcp: false
# addresses:
# -
# ip_netmask: {get_param: ManagementIpSubnet}
outputs:
OS::stack_id:
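Review bot: `ManagementNetworkVlanID` is added to the parameters in the second hunk, but the commented-out management block in the last hunk configures an untagged `interface` on `nic7` and never references it. A reader can take the default of 60 to mean management traffic is tagged in this layout; either drop the parameter from the multiple-nics templates or mark it, e.g. `# Unused here: management traffic uses a dedicated NIC`. The third hunk also switches the `DnsServers` type between `json` and `comma_delimited_list` (markers lost, presumably to `comma_delimited_list`), which changes how existing environment files must pass the value and deserves a line in the commit message. Both points apply to the other multiple-nics templates as well.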

20
network/config/multiple-nics/cinder-storage.yaml

@ -29,6 +29,10 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
ManagementIpSubnet: # Only populated when including environments/network-management.yaml
default: ''
description: IP address/subnet on the management network
type: string
ExternalNetworkVlanID:
default: 10
description: Vlan ID for the external network traffic.
@ -49,6 +53,10 @@ parameters:
default: 50
description: Vlan ID for the tenant network traffic.
type: number
ManagementNetworkVlanID:
default: 60
description: Vlan ID for the management network traffic.
type: number
ExternalInterfaceDefaultRoute:
default: '10.0.0.1'
description: default route for the external network
@ -58,12 +66,12 @@ parameters:
description: The subnet CIDR of the control plane network.
type: string
ControlPlaneDefaultRoute: # Override this via parameter_defaults
description: The subnet CIDR of the control plane network.
description: The default route of the control plane network.
type: string
DnsServers: # Override this via parameter_defaults
default: []
description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
type: json
type: comma_delimited_list
EC2MetadataIp: # Override this via parameter_defaults
description: The IP address of the EC2 metadata server.
type: string
@ -116,6 +124,14 @@ resources:
addresses:
-
ip_netmask: {get_param: InternalApiIpSubnet}
# Uncomment when including environments/network-management.yaml
#-
# type: interface
# name: nic7
# use_dhcp: false
# addresses:
# -
# ip_netmask: {get_param: ManagementIpSubnet}
outputs:
OS::stack_id:

32
network/config/multiple-nics/compute.yaml

@ -29,6 +29,14 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
ManagementIpSubnet: # Only populated when including environments/network-management.yaml
default: ''
description: IP address/subnet on the management network
type: string
ExternalNetworkVlanID:
default: 10
description: Vlan ID for the external network traffic.
type: number
InternalApiNetworkVlanID:
default: 20
description: Vlan ID for the internal_api network traffic.
@ -37,21 +45,33 @@ parameters:
default: 30
description: Vlan ID for the storage network traffic.
type: number
StorageMgmtNetworkVlanID:
default: 40
description: Vlan ID for the storage mgmt network traffic.
type: number
TenantNetworkVlanID:
default: 50
description: Vlan ID for the tenant network traffic.
type: number
ManagementNetworkVlanID:
default: 60
description: Vlan ID for the management network traffic.
type: number
ExternalInterfaceDefaultRoute:
default: '10.0.0.1'
description: default route for the external network
type: string
ControlPlaneSubnetCidr: # Override this via parameter_defaults
default: '24'
description: The subnet CIDR of the control plane network.
type: string
ControlPlaneDefaultRoute: # Override this via parameter_defaults
description: The subnet CIDR of the control plane network.
description: The default route of the control plane network.
type: string
DnsServers: # Override this via parameter_defaults
default: []
description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
type: json
type: comma_delimited_list
EC2MetadataIp: # Override this via parameter_defaults
description: The IP address of the EC2 metadata server.
type: string
@ -112,6 +132,14 @@ resources:
use_dhcp: false
# force the MAC address of the bridge to this interface
primary: true
# Uncomment when including environments/network-management.yaml
#-
# type: interface
# name: nic7
# use_dhcp: false
# addresses:
# -
# ip_netmask: {get_param: ManagementIpSubnet}
outputs:
OS::stack_id:
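Review bot: The first two hunks declare `ExternalNetworkVlanID`, `StorageMgmtNetworkVlanID` and `ExternalInterfaceDefaultRoute` on the compute role (the line counts of `@ -29,6 +29,14` and `@ -37,21 +45,33` account for them as additions), yet none of the visible resource lines uses them. If they exist only so that every role template accepts the same parameter set, say so with a comment above them, e.g. `# Declared for a uniform parameter interface; not used by the compute NIC config.` Otherwise a default such as `ExternalInterfaceDefaultRoute: '10.0.0.1'` reads as if compute nodes had an external gateway. The resources block lies mostly outside the hunks, so usage there cannot be ruled out.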

23
network/config/multiple-nics/controller.yaml

@ -29,6 +29,10 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
ManagementIpSubnet: # Only populated when including environments/network-management.yaml
default: ''
description: IP address/subnet on the management network
type: string
ExternalNetworkVlanID:
default: 10
description: Vlan ID for the external network traffic.
@ -49,6 +53,10 @@ parameters:
default: 50
description: Vlan ID for the tenant network traffic.
type: number
ManagementNetworkVlanID:
default: 60
description: Vlan ID for the management network traffic.
type: number
ExternalInterfaceDefaultRoute:
default: '10.0.0.1'
description: default route for the external network
@ -58,12 +66,12 @@ parameters:
description: The subnet CIDR of the control plane network.
type: string
ControlPlaneDefaultRoute: # Override this via parameter_defaults
description: The subnet CIDR of the control plane network.
description: The default route of the control plane network.
type: string
DnsServers: # Override this via parameter_defaults
default: []
description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
type: json
type: comma_delimited_list
EC2MetadataIp: # Override this via parameter_defaults
description: The IP address of the EC2 metadata server.
type: string
@ -131,13 +139,14 @@ resources:
-
type: ovs_bridge
name: {get_input: bridge_name}
dns_servers: {get_param: DnsServers}
use_dhcp: false
addresses:
-
ip_netmask: {get_param: ExternalIpSubnet}
routes:
-
ip_netmask: 0.0.0.0/0
default: true
next_hop: {get_param: ExternalInterfaceDefaultRoute}
members:
-
@ -145,6 +154,14 @@ resources:
name: nic6
# force the MAC address of the bridge to this interface
primary: true
# Uncomment when including environments/network-management.yaml
#-
# type: interface
# name: nic7
# use_dhcp: false
# addresses:
# -
# ip_netmask: {get_param: ManagementIpSubnet}
outputs:
OS::stack_id:

20
network/config/multiple-nics/swift-storage.yaml

@ -29,6 +29,10 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
ManagementIpSubnet: # Only populated when including environments/network-management.yaml
default: ''
description: IP address/subnet on the management network
type: string
ExternalNetworkVlanID:
default: 10
description: Vlan ID for the external network traffic.
@ -49,6 +53,10 @@ parameters:
default: 50
description: Vlan ID for the tenant network traffic.
type: number
ManagementNetworkVlanID:
default: 60
description: Vlan ID for the management network traffic.
type: number
ExternalInterfaceDefaultRoute:
default: '10.0.0.1'
description: default route for the external network
@ -58,12 +66,12 @@ parameters:
description: The subnet CIDR of the control plane network.
type: string
ControlPlaneDefaultRoute: # Override this via parameter_defaults
description: The subnet CIDR of the control plane network.
description: The default route of the control plane network.
type: string
DnsServers: # Override this via parameter_defaults
default: []
description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
type: json
type: comma_delimited_list
EC2MetadataIp: # Override this via parameter_defaults
description: The IP address of the EC2 metadata server.
type: string
@ -116,6 +124,14 @@ resources:
addresses:
-
ip_netmask: {get_param: InternalApiIpSubnet}
# Uncomment when including environments/network-management.yaml
#-
# type: interface
# name: nic7
# use_dhcp: false
# addresses:
# -
# ip_netmask: {get_param: ManagementIpSubnet}
outputs:
OS::stack_id:

24
network/config/single-nic-vlans/README.md

@ -1,9 +1,9 @@
This directory contains Heat templates to help configure
Vlans on a single NICs for each Overcloud role.
Vlans on a single NIC for each Overcloud role.
There are two versions of the controller role template, one with
an external network interface, and another without. If the
external network interface is not configured the ctlplane address
external network interface is not configured, the ctlplane address
ranges will be used for external (public) network traffic.
Configuration
@ -23,9 +23,27 @@ Or use this Heat environment file:
environments/net-single-nic-with-vlans.yaml
Configuration with no External Network
--------------------------------------
Same as above except set the following value for the controller role:
OS::TripleO::Controller::Net::SoftwareConfig: network/config/single-nic-vlans/controller-no-external.yaml
Configuration with System Management Network
--------------------------------------------
To enable the optional System Management network, create a Heat environment
that looks something like this:
resource\_registry:
OS::TripleO::Network::Management: ../network/management.yaml
OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management.yaml
OS::TripleO::Compute::Ports::ManagementPort: ../network/ports/management.yaml
OS::TripleO::CephStorage::Ports::ManagementPort: ../network/ports/management.yaml
OS::TripleO::SwiftStorage::Ports::ManagementPort: ../network/ports/management.yaml
OS::TripleO::BlockStorage::Ports::ManagementPort: ../network/ports/management.yaml
Or use this Heat environment file:
environments/network-management.yaml

15
network/config/single-nic-vlans/ceph-storage.yaml

@ -29,6 +29,10 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
ManagementIpSubnet: # Only populated when including environments/network-management.yaml
default: ''
description: IP address/subnet on the management network
type: string
StorageNetworkVlanID:
default: 30
description: Vlan ID for the storage network traffic.
@ -37,6 +41,10 @@ parameters:
default: 40
description: Vlan ID for the storage mgmt network traffic.
type: number
ManagementNetworkVlanID:
default: 60
description: Vlan ID for the management network traffic.
type: number
ControlPlaneSubnetCidr: # Override this via parameter_defaults
default: '24'
description: The subnet CIDR of the control plane network.
@ -97,6 +105,13 @@ resources:
addresses:
-
ip_netmask: {get_param: StorageMgmtIpSubnet}
# Uncomment when including environments/network-management.yaml
#-
# type: vlan
# vlan_id: {get_param: ManagementNetworkVlanID}
# addresses:
# -
# ip_netmask: {get_param: ManagementIpSubnet}
outputs:
OS::stack_id:

15
network/config/single-nic-vlans/cinder-storage.yaml

@ -29,6 +29,10 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
ManagementIpSubnet: # Only populated when including environments/network-management.yaml
default: ''
description: IP address/subnet on the management network
type: string
InternalApiNetworkVlanID:
default: 20
description: Vlan ID for the internal_api network traffic.
@ -41,6 +45,10 @@ parameters:
default: 40
description: Vlan ID for the storage mgmt network traffic.
type: number
ManagementNetworkVlanID:
default: 60
description: Vlan ID for the management network traffic.
type: number
ControlPlaneSubnetCidr: # Override this via parameter_defaults
default: '24'
description: The subnet CIDR of the control plane network.
@ -107,6 +115,13 @@ resources:
addresses:
-
ip_netmask: {get_param: StorageMgmtIpSubnet}
# Uncomment when including environments/network-management.yaml
#-
# type: vlan
# vlan_id: {get_param: ManagementNetworkVlanID}
# addresses:
# -
# ip_netmask: {get_param: ManagementIpSubnet}
outputs:
OS::stack_id:

15
network/config/single-nic-vlans/compute.yaml

@ -29,6 +29,10 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
ManagementIpSubnet: # Only populated when including environments/network-management.yaml
default: ''
description: IP address/subnet on the management network
type: string
InternalApiNetworkVlanID:
default: 20
description: Vlan ID for the internal_api network traffic.
@ -41,6 +45,10 @@ parameters:
default: 50
description: Vlan ID for the tenant network traffic.
type: number
ManagementNetworkVlanID:
default: 60
description: Vlan ID for the management network traffic.
type: number
ControlPlaneSubnetCidr: # Override this via parameter_defaults
default: '24'
description: The subnet CIDR of the control plane network.
@ -107,6 +115,13 @@ resources:
addresses:
-
ip_netmask: {get_param: TenantIpSubnet}
# Uncomment when including environments/network-management.yaml
#-
# type: vlan
# vlan_id: {get_param: ManagementNetworkVlanID}
# addresses:
# -
# ip_netmask: {get_param: ManagementIpSubnet}
outputs:
OS::stack_id:

15
network/config/single-nic-vlans/controller-no-external.yaml

@ -25,6 +25,10 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
ManagementIpSubnet: # Only populated when including environments/network-management.yaml
default: ''
description: IP address/subnet on the management network
type: string
ExternalNetworkVlanID:
default: 10
description: Vlan ID for the external network traffic.
@ -45,6 +49,10 @@ parameters:
default: 50
description: Vlan ID for the tenant network traffic.
type: number
ManagementNetworkVlanID:
default: 60
description: Vlan ID for the management network traffic.
type: number
ExternalInterfaceDefaultRoute:
default: '10.0.0.1'
description: default route for the external network
@ -92,6 +100,13 @@ resources:
addresses:
-
ip_netmask: {get_param: TenantIpSubnet}
# Uncomment when including environments/network-management.yaml
#-
# type: vlan
# vlan_id: {get_param: ManagementNetworkVlanID}
# addresses:
# -
# ip_netmask: {get_param: ManagementIpSubnet}
outputs:
OS::stack_id:

14
network/config/single-nic-vlans/controller.yaml

@ -29,6 +29,10 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
ManagementIpSubnet: # Only populated when including environments/network-management.yaml
default: ''
description: IP address/subnet on the management network
type: string
ExternalNetworkVlanID:
default: 10
description: Vlan ID for the external network traffic.
@ -49,6 +53,10 @@ parameters:
default: 50
description: Vlan ID for the tenant network traffic.
type: number
ManagementNetworkVlanID:
default: 60
description: Vlan ID for the management network traffic.
type: number
ExternalInterfaceDefaultRoute:
default: '10.0.0.1'
description: default route for the external network
@ -129,6 +137,12 @@ resources:
addresses:
-
ip_netmask: {get_param: TenantIpSubnet}
#- # Uncomment when including environments/network-management.yaml
# type: vlan
# vlan_id: {get_param: ManagementNetworkVlanID}
# addresses:
# -
# ip_netmask: {get_param: ManagementIpSubnet}
outputs:
OS::stack_id:
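Review bot: The commented management VLAN block here puts the instruction on the list-item line (`#- # Uncomment when including environments/network-management.yaml`), while the sibling single-nic-vlans templates in this commit carry it on its own line above `#-`. Stripping the leading `#` from each line still gives valid YAML, but the block then reads differently from the other roles. Using the two-line form, `# Uncomment when including environments/network-management.yaml` followed by `#-`, keeps the templates uniform and easier to compare. The resources block starts outside the hunk.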

15
network/config/single-nic-vlans/swift-storage.yaml

@ -29,6 +29,10 @@ parameters:
default: ''
description: IP address/subnet on the tenant network
type: string
ManagementIpSubnet: # Only populated when including environments/network-management.yaml
default: ''
description: IP address/subnet on the management network
type: string
InternalApiNetworkVlanID:
default: 20
description: Vlan ID for the internal_api network traffic.
@ -41,6 +45,10 @@ parameters:
default: 40
description: Vlan ID for the storage mgmt network traffic.
type: number
ManagementNetworkVlanID:
default: 60
description: Vlan ID for the management network traffic.
type: number
ControlPlaneSubnetCidr: # Override this via parameter_defaults
default: '24'
description: The subnet CIDR of the control plane network.
@ -107,6 +115,13 @@ resources:
addresses:
-
ip_netmask: {get_param: StorageMgmtIpSubnet}
# Uncomment when including environments/network-management.yaml
#-
# type: vlan
# vlan_id: {get_param: ManagementNetworkVlanID}
# addresses:
# -
# ip_netmask: {get_param: ManagementIpSubnet}
outputs:
OS::stack_id:

64
network/management.yaml

@ -0,0 +1,64 @@
heat_template_version: 2015-04-30
description: >
Management network. System administration, SSH, DNS, NTP, etc. This network
would usually be the default gateway for the non-controller nodes.
parameters:
# the defaults here work for static IP assignment (IPAM) only
ManagementNetCidr:
default: '10.0.1.0/24'
description: Cidr for the management network.
type: string
ManagementNetValueSpecs:
default: {'provider:physical_network': 'management', 'provider:network_type': 'flat'}
description: Value specs for the management network.
type: string
ManagementNetAdminStateUp:
default: false
description: This admin state of of the network.
type: boolean
ManagementNetEnableDHCP:
default: false
description: Whether to enable DHCP on the associated subnet.
type: boolean
ManagementNetShared:
default: false
description: Whether this network is shared across all tenants.
type: boolean
ManagementNetName:
default: management
description: The name of the management network.
type: string
ManagementSubnetName:
default: management_subnet
description: The name of the management subnet in Neutron.
type: string
ManagementAllocationPools:
default: [{'start': '10.0.1.4', 'end': '10.0.1.250'}]
description: Ip allocation pool range for the management network.
type: json
resources:
ManagementNetwork:
type: OS::Neutron::Net
properties:
admin_state_up: {get_param: ManagementNetAdminStateUp}
name: {get_param: ManagementNetName}
shared: {get_param: ManagementNetShared}
value_specs: {get_param: ManagementNetValueSpecs}
ManagementSubnet:
type: OS::Neutron::Subnet
properties:
cidr: {get_param: ManagementNetCidr}
enable_dhcp: {get_param: ManagementNetEnableDHCP}
name: {get_param: ManagementSubnetName}
network: {get_resource: ManagementNetwork}
allocation_pools: {get_param: ManagementAllocationPools}
outputs:
OS::stack_id:
description: Neutron management network
value: {get_resource: ManagementNetwork}
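Review bot: ManagementNetValueSpecs has a mapping as its default (`{'provider:physical_network': 'management', 'provider:network_type': 'flat'}`) but is declared `type: string`, and it is passed straight to `value_specs` on the OS::Neutron::Net resource. Declaring it `type: json` would match the default and let Heat validate overrides as a map. The description of ManagementNetAdminStateUp has a typo: `This admin state of of the network.` should read `The admin state of the network.` Because this network carries administrative access (SSH, DNS, NTP per the template description), a comment beside ManagementNetShared such as `# keep false: the management network should not be visible to tenants` would document the intent of that default.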

3
network/networks.yaml

@ -18,3 +18,6 @@ resources:
TenantNetwork:
type: OS::TripleO::Network::Tenant
ManagementNetwork:
type: OS::TripleO::Network::Management

42
network/ports/management.yaml

@ -0,0 +1,42 @@
heat_template_version: 2015-04-30
description: >
Creates a port on the management network. The IP address will be chosen
automatically if FixedIPs is empty.
parameters:
ManagementNetName:
description: Name of the management neutron network
default: management
type: string
PortName:
description: Name of the port
default: ''
type: string
ControlPlaneIP: # Here for compatibility with noop.yaml
description: IP address on the control plane
type: string
resources:
ManagementPort:
type: OS::Neutron::Port
properties:
network: {get_param: ManagementNetName}
name: {get_param: PortName}
replacement_policy: AUTO
outputs:
ip_address:
description: management network IP
value: {get_attr: [ManagementPort, fixed_ips, 0, ip_address]}
ip_subnet:
# FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?)
description: IP/Subnet CIDR for the management network IP
value:
list_join:
- ''
- - {get_attr: [ManagementPort, fixed_ips, 0, ip_address]}
- '/'
- {get_attr: [ManagementPort, subnets, 0, cidr, -2]}
- {get_attr: [ManagementPort, subnets, 0, cidr, -1]}
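Review bot: The `ip_subnet` output builds the prefix length from the last two characters of the subnet CIDR (`cidr, -2` and `cidr, -1`), so, as the FIXME says, a single-digit prefix would yield a malformed value (for example `10.0.0.5//8` for a /8). That string is what the role templates pass to the NIC config as ManagementIpSubnet. Until the string can be split properly, state the limit where operators will see it, e.g. extend the output description to `IP/Subnet CIDR for the management network IP (subnet prefix length must be two digits, /10 to /32)`. Separately, the template description says the address is chosen automatically `if FixedIPs is empty`, but no FixedIPs parameter or `fixed_ips` property is declared in this file; either drop that clause or add the parameter.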

4
network/ports/net_ip_list_map.yaml

@ -19,6 +19,9 @@ parameters:
TenantIpList:
default: []
type: comma_delimited_list
ManagementIpList:
default: []
type: comma_delimited_list
outputs:
net_ip_map:
@ -32,3 +35,4 @@ outputs:
storage: {get_param: StorageIpList}
storage_mgmt: {get_param: StorageMgmtIpList}
tenant: {get_param: TenantIpList}
management: {get_param: ManagementIpList}

4
network/ports/net_ip_map.yaml

@ -19,6 +19,9 @@ parameters:
TenantIp:
default: ''
type: string
ManagementIp:
default: ''
type: string
outputs:
net_ip_map:
@ -32,3 +35,4 @@ outputs:
storage: {get_param: StorageIp}
storage_mgmt: {get_param: StorageMgmtIp}
tenant: {get_param: TenantIp}
management: {get_param: ManagementIp}

4
network/ports/net_ip_subnet_map.yaml

@ -19,6 +19,9 @@ parameters:
TenantIpSubnet:
default: ''
type: string
ManagementIpSubnet:
default: ''
type: string
ControlPlaneSubnetCidr: # Override this via parameter_defaults
default: '24'
description: The subnet CIDR of the control plane network.
@ -41,3 +44,4 @@ outputs:
storage: {get_param: StorageIpSubnet}
storage_mgmt: {get_param: StorageMgmtIpSubnet}
tenant: {get_param: TenantIpSubnet}
management: {get_param: ManagementIpSubnet}

6
overcloud-resource-registry-puppet.yaml

@ -61,6 +61,7 @@ resource_registry:
OS::TripleO::Network::StorageMgmt: network/noop.yaml
OS::TripleO::Network::Storage: network/noop.yaml
OS::TripleO::Network::Tenant: network/noop.yaml
OS::TripleO::Network::Management: network/noop.yaml
OS::TripleO::Network::Ports::NetVipMap: network/ports/net_ip_map.yaml
OS::TripleO::Network::Ports::NetIpMap: network/ports/net_ip_map.yaml
@ -80,25 +81,30 @@ resource_registry:
OS::TripleO::Controller::Ports::StoragePort: network/ports/noop.yaml
OS::TripleO::Controller::Ports::StorageMgmtPort: network/ports/noop.yaml
OS::TripleO::Controller::Ports::TenantPort: network/ports/noop.yaml
OS::TripleO::Controller::Ports::ManagementPort: network/ports/noop.yaml
# Port assignments for the compute role
OS::TripleO::Compute::Ports::InternalApiPort: network/ports/noop.yaml
OS::TripleO::Compute::Ports::StoragePort: network/ports/noop.yaml
OS::TripleO::Compute::Ports::TenantPort: network/ports/noop.yaml
OS::TripleO::Compute::Ports::ManagementPort: network/ports/noop.yaml
# Port assignments for the ceph storage role
OS::TripleO::CephStorage::Ports::StoragePort: network/ports/noop.yaml
OS::TripleO::CephStorage::Ports::StorageMgmtPort: network/ports/noop.yaml
OS::TripleO::CephStorage::Ports::ManagementPort: network/ports/noop.yaml
# Port assignments for the swift storage role
OS::TripleO::SwiftStorage::Ports::InternalApiPort: network/ports/noop.yaml
OS::TripleO::SwiftStorage::Ports::StoragePort: network/ports/noop.yaml
OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: network/ports/noop.yaml
OS::TripleO::SwiftStorage::Ports::ManagementPort: network/ports/noop.yaml
# Port assignments for the block storage role
OS::TripleO::BlockStorage::Ports::InternalApiPort: network/ports/noop.yaml
OS::TripleO::BlockStorage::Ports::StoragePort: network/ports/noop.yaml
OS::TripleO::BlockStorage::Ports::StorageMgmtPort: network/ports/noop.yaml
OS::TripleO::BlockStorage::Ports::ManagementPort: network/ports/noop.yaml
# Service Endpoint Mappings
OS::TripleO::Endpoint: network/endpoints/endpoint.yaml

3
overcloud.yaml

@ -1139,6 +1139,7 @@ resources:
StorageIpList: {get_attr: [Controller, storage_ip_address]}
StorageMgmtIpList: {get_attr: [Controller, storage_mgmt_ip_address]}
TenantIpList: {get_attr: [Controller, tenant_ip_address]}
ManagementIpList: {get_attr: [Controller, management_ip_address]}
allNodesConfig:
type: OS::TripleO::AllNodes::SoftwareConfig
@ -1248,7 +1249,7 @@ resources:
InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]}
StorageIp: {get_attr: [StorageVirtualIP, ip_address]}
StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]}
# No tenant VIP required
# No tenant or management VIP required
VipConfig:
type: OS::TripleO::VipConfig

11
puppet/ceph-storage.yaml

@ -122,12 +122,18 @@ resources:
properties:
ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]}
ManagementPort:
type: OS::TripleO::CephStorage::Ports::ManagementPort
properties:
ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]}
NetworkConfig:
type: OS::TripleO::CephStorage::Net::SoftwareConfig
properties:
ControlPlaneIp: {get_attr: [CephStorage, networks, ctlplane, 0]}
StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
NetIpMap:
type: OS::TripleO::Network::Ports::NetIpMap
@ -135,6 +141,7 @@ resources:
ControlPlaneIp: {get_attr: [CephStorage, networks, ctlplane, 0]}
StorageIp: {get_attr: [StoragePort, ip_address]}