From d4518312486d9e5ad1399f59c04d972abfed4d82 Mon Sep 17 00:00:00 2001
From: Giulio Fidente <gfidente@redhat.com>
Date: Fri, 12 Jun 2015 16:17:19 +0200
Subject: [PATCH] Remove Redis VirtualIP from params and build it from
 Neutron::Port

The redis_vip should come from a Neutron Port as its cidr depends
on the Neutron Network configuration. This change adds 2 new files
and modifies 1 in the network/ports directory:

- noop.yaml - Passes through the ctlplane Controller IP (modified)
- ctlplane_vip.yaml - Creates a new VIP on the control plane
- vip.yaml - Creates a VIP on the named network (for isolated nets)

Also, changes to overcloud-without-mergepy.yaml create the
Redis Virtual IP. The standard resource registry was modified to
use noop.yaml for the new Redis VIP. The Puppet resource registry
was modified to use ctlplane_vip.yaml by default, but can be made
to use vip.yaml when network isolation is used by using an
environment file. vip.yaml will place the VIP according to the
ServiceNetMap, which can also be overridden.

We use this new VIP port definition to assign a VIP to Redis,
but follow-up patches will assign VIPs to the rest of the
services in a similar fashion.

Co-Authored-By: Dan Sneddon <dsneddon@redhat.com>

Change-Id: I2cb44ea7a057c4064d0e1999702623618ee3390c
---
 network/ports/ctlplane_vip.yaml               | 46 +++++++++++++++++++
 network/ports/noop.yaml                       |  8 ++++
 network/ports/vip.yaml                        | 41 +++++++++++++++++
 overcloud-resource-registry-puppet.yaml       |  3 ++
 overcloud-resource-registry.yaml              |  3 ++
 overcloud-without-mergepy.yaml                | 16 +++++--
 .../overcloud_controller_pacemaker.pp         |  6 ++-
 7 files changed, 116 insertions(+), 7 deletions(-)
 create mode 100644 network/ports/ctlplane_vip.yaml
 create mode 100644 network/ports/vip.yaml

diff --git a/network/ports/ctlplane_vip.yaml b/network/ports/ctlplane_vip.yaml
new file mode 100644
index 0000000000..d5001e435f
--- /dev/null
+++ b/network/ports/ctlplane_vip.yaml
@@ -0,0 +1,46 @@
+heat_template_version: 2015-04-30
+
+description: >
+  Creates a port for a VIP on the undercloud ctlplane network.
+
+parameters:
+  NetworkName:
+    description: # Here for compatibility with isolated networks
+    default: ctlplane
+    type: string
+  PortName:
+    description: Name of the port
+    default: ''
+    type: string
+  ControlPlaneIP: # Here for compatability with noop.yaml
+    description: IP address on the control plane
+    type: string
+  ControlPlaneNetwork:
+    description: The name of the undercloud Neutron control plane
+    default: ctlplane
+    type: string
+
+
+resources:
+
+  VipPort:
+    type: OS::Neutron::Port
+    properties:
+      network: {get_param: ControlPlaneNetwork}
+      name: {get_param: PortName}
+      replacement_policy: AUTO
+
+outputs:
+  ip_address:
+    description: Virtual IP network IP
+    value: {get_attr: [VipPort, fixed_ips, 0, ip_address]}
+  ip_subnet:
+    # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?)
+    description: IP/Subnet CIDR for the internal API network IP
+    value:
+          list_join:
+            - ''
+            - - {get_attr: [VipPort, fixed_ips, 0, ip_address]}
+              - '/'
+              - {get_attr: [VipPort, subnets, 0, cidr, -2]}
+              - {get_attr: [VipPort, subnets, 0, cidr, -1]}
diff --git a/network/ports/noop.yaml b/network/ports/noop.yaml
index 80eccf6eb0..9e1a127695 100644
--- a/network/ports/noop.yaml
+++ b/network/ports/noop.yaml
@@ -7,10 +7,18 @@ parameters:
   ControlPlaneIP:
     description: IP address on the control plane
     type: string
+  ControlPlaneNetwork:
+    description: Name of the control plane network
+    default: ctlplane
+    type: string
   PortName:
     description: Name of the port
     default: ''
     type: string
+  NetworkName:
+    description: # Here for compatability with vip.yaml
+    default: ''
+    type: string
   ControlPlaneSubnetCidr: # Override this via parameter_defaults
     default: '24'
     description: The subnet CIDR of the control plane network.
diff --git a/network/ports/vip.yaml b/network/ports/vip.yaml
new file mode 100644
index 0000000000..b957e13229
--- /dev/null
+++ b/network/ports/vip.yaml
@@ -0,0 +1,41 @@
+heat_template_version: 2015-04-30
+
+description: >
+  Creates a port for a VIP on the isolated network NetworkName.
+
+parameters:
+  NetworkName:
+    description: Name of the network where the VIP will be created
+    default: internal_api
+    type: string
+  PortName:
+    description: Name of the port
+    default: ''
+    type: string
+  ControlPlaneIP: # Here for compatability with noop.yaml
+    description: IP address on the control plane
+    type: string
+
+resources:
+
+  VipPort:
+    type: OS::Neutron::Port
+    properties:
+      network: {get_param: NetworkName}
+      name: {get_param: PortName}
+      replacement_policy: AUTO
+
+outputs:
+  ip_address:
+    description: Virtual IP network IP
+    value: {get_attr: [VipPort, fixed_ips, 0, ip_address]}
+  ip_subnet:
+    # FIXME: this assumes a 2 digit subnet CIDR (need more heat functions?)
+    description: IP/Subnet CIDR for the internal API network IP
+    value:
+          list_join:
+            - ''
+            - - {get_attr: [VipPort, fixed_ips, 0, ip_address]}
+              - '/'
+              - {get_attr: [VipPort, subnets, 0, cidr, -2]}
+              - {get_attr: [VipPort, subnets, 0, cidr, -1]}
diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml
index 6e4230482a..213dfc59e0 100644
--- a/overcloud-resource-registry-puppet.yaml
+++ b/overcloud-resource-registry-puppet.yaml
@@ -68,5 +68,8 @@ resource_registry:
   # Cinder backend config for the controller role
   OS::TripleO::Controller::CinderBackend: extraconfig/controller/noop.yaml
 
+  # Port assignments for service virtual IPs for the controller role
+  OS::TripleO::Controller::Ports::RedisVipPort: network/ports/ctlplane_vip.yaml
+
 parameter_defaults:
   EnablePackageInstall: false
diff --git a/overcloud-resource-registry.yaml b/overcloud-resource-registry.yaml
index 7be199da95..78607b517e 100644
--- a/overcloud-resource-registry.yaml
+++ b/overcloud-resource-registry.yaml
@@ -61,3 +61,6 @@ resource_registry:
   OS::TripleO::BlockStorage::Ports::InternalApiPort: network/ports/noop.yaml
   OS::TripleO::BlockStorage::Ports::StoragePort: network/ports/noop.yaml
   OS::TripleO::BlockStorage::Ports::StorageMgmtPort: network/ports/noop.yaml
+
+  # Port assignments for service virtual IPs for the controller role
+  OS::TripleO::Controller::Ports::RedisVipPort: network/ports/noop.yaml
diff --git a/overcloud-without-mergepy.yaml b/overcloud-without-mergepy.yaml
index 661497ceab..89bc97e5d0 100644
--- a/overcloud-without-mergepy.yaml
+++ b/overcloud-without-mergepy.yaml
@@ -399,9 +399,6 @@ parameters:
         Specifies the interface where the public-facing virtual ip will be assigned.
         This should be int_public when a VLAN is being used.
     type: string
-  RedisVirtualIP:
-    type: string
-    default: ''  # Has to be here because of the ignored empty value bug
   SSLCertificate:
     default: ''
     description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
@@ -666,7 +663,7 @@ resources:
           RabbitClientPort: {get_param: RabbitClientPort}
           SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
           SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
-          RedisVirtualIP: {get_param: RedisVirtualIP}
+          RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]}
           SSLCertificate: {get_param: SSLCertificate}
           SSLKey: {get_param: SSLKey}
           SSLCACertificate: {get_param: SSLCACertificate}
@@ -869,6 +866,15 @@ resources:
       fixed_ips: {get_param: ControlFixedIPs}
       replacement_policy: AUTO
 
+  RedisVirtualIP:
+    depends_on: Networks
+    type: OS::TripleO::Controller::Ports::RedisVipPort
+    properties:
+      ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+      ControlPlaneNetwork: {get_param: NeutronControlPlaneID}
+      PortName: redis_virtual_ip
+      NetworkName: {get_param: [ServiceNetMap, RedisNetwork]}
+
   # same as external
   PublicVirtualIP:
     type: OS::Neutron::Port
@@ -931,7 +937,7 @@ resources:
         ceilometer_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
         heat_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
         horizon_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
-        redis_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
+        redis_vip: {get_attr: [RedisVirtualIP, ip_address]}
         mysql_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
         rabbit_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
         # direct configuration of Virtual IPs for each network
diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp
index 1f915830e1..b5bed6dced 100644
--- a/puppet/manifests/overcloud_controller_pacemaker.pp
+++ b/puppet/manifests/overcloud_controller_pacemaker.pp
@@ -254,8 +254,10 @@ if hiera('step') >= 2 {
       require         => Class['::redis'],
     }
     $redis_vip = hiera('redis_vip')
-    pacemaker::resource::ip { 'vip-redis':
-      ip_address => $redis_vip,
+    if $redis_vip and $redis_vip != $control_vip {
+        pacemaker::resource::ip { 'vip-redis':
+          ip_address => $redis_vip,
+        }
     }
     pacemaker::constraint::base { 'redis-master-then-vip-redis':
       constraint_type => 'order',