From 34fae762aab364559bfcc29510b1c69957dd21f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Fri, 2 Oct 2020 09:18:35 +0200 Subject: [PATCH] Concatenate host_routes and default route in overcloud.yaml Previoously the default route was concatenated with the host_routes in the NetworkConfig. This change moves that concatenation to overcloud.yaml. GroupVars {{network.name_lower}}_host_routes and ctlplane_host_routes will have the default route appended based on role.default_route_networks setting. For heat base NetworkConfig the parameters ControlPlaneStaticRoutes and {{network.name}}InterfaceRoutes will have the default route appropriately appended. Doing the concatenation in overcloud.yaml enable simplified user-facing NetworkConfig templates. For standalone and undercloud define the default_route_networks with an empty list. Cannot leave it undefined as this will default the default route to the ctlplane's gateway. Undercloud and Standalone uses the management interface as the gateway by default, so we should not set a default gateway for these roles. Change-Id: I3a35c4b46536fa2916d9fa387278077884adaf68 --- .../2-linux-bonds-vlans/role.role.j2.yaml | 32 +++---------------- .../controller-no-external.j2.yaml | 6 +--- .../config/bond-with-vlans/role.role.j2.yaml | 24 ++------------ .../multiple-nics-vlans/compute-dvr.j2.yaml | 6 +--- .../multiple-nics-vlans/role.role.j2.yaml | 24 ++------------ .../config/multiple-nics/compute-dvr.j2.yaml | 6 +--- .../config/multiple-nics/role.role.j2.yaml | 24 ++------------ .../role.role.j2.yaml | 16 ++-------- .../controller-no-external.j2.yaml | 4 --- .../config/single-nic-vlans/role.role.j2.yaml | 16 ++-------- overcloud.j2.yaml | 32 ++++++++++++++++--- roles/Standalone.yaml | 4 +++ roles/Undercloud.yaml | 4 +++ roles/UndercloudMinion.yaml | 1 + roles_data_undercloud.yaml | 4 +++ 15 files changed, 61 insertions(+), 142 deletions(-) diff --git a/network/config/2-linux-bonds-vlans/role.role.j2.yaml b/network/config/2-linux-bonds-vlans/role.role.j2.yaml index bd32ad3b33..0208359764 100644 --- a/network/config/2-linux-bonds-vlans/role.role.j2.yaml +++ b/network/config/2-linux-bonds-vlans/role.role.j2.yaml @@ -156,13 +156,7 @@ resources: - - get_param: ControlPlaneIp - get_param: ControlPlaneSubnetCidr routes: - list_concat_unique: - - get_param: ControlPlaneStaticRoutes -{%- if role.default_route_networks is not defined or 'ControlPlane' in role.default_route_networks %} - - - default: true - next_hop: - get_param: ControlPlaneDefaultRoute -{%- endif %} + get_param: ControlPlaneStaticRoutes - type: linux_bond name: bond_api mtu: @@ -195,13 +189,7 @@ resources: - ip_netmask: get_param: {{network.name}}IpSubnet routes: - list_concat_unique: - - get_param: {{network.name}}InterfaceRoutes -{%- if network.name in role.default_route_networks %} - - - default: true - next_hop: - get_param: {{network.name}}InterfaceDefaultRoute -{%- endif %} + get_param: {{network.name}}InterfaceRoutes {%- endfor %} {%- if not role.name.startswith('ComputeOvsDpdk') %} - type: ovs_bridge @@ -236,13 +224,7 @@ resources: - ip_netmask: get_param: {{network.name}}IpSubnet routes: - list_concat_unique: - - get_param: {{network.name}}InterfaceRoutes -{%- if network.name in role.default_route_networks %} - - - default: true - next_hop: - get_param: {{network.name}}InterfaceDefaultRoute -{%- endif %} + get_param: {{network.name}}InterfaceRoutes {%- endfor %} {%- else %} - type: ovs_user_bridge @@ -257,13 +239,7 @@ resources: addresses: - ip_netmask: {get_param: {{network.name}}IpSubnet} routes: - list_concat_unique: - - get_param: {{network.name}}InterfaceRoutes - {%- if network.name in role.default_route_networks %} - - - default: true - next_hop: - get_param: {{network.name}}InterfaceDefaultRoute - {%- endif %} + get_param: {{network.name}}InterfaceRoutes {%- endfor %} members: - type: ovs_dpdk_bond diff --git a/network/config/bond-with-vlans/controller-no-external.j2.yaml b/network/config/bond-with-vlans/controller-no-external.j2.yaml index 813eb61b5f..4557f1f5cc 100644 --- a/network/config/bond-with-vlans/controller-no-external.j2.yaml +++ b/network/config/bond-with-vlans/controller-no-external.j2.yaml @@ -105,11 +105,7 @@ resources: - - get_param: ControlPlaneIp - get_param: ControlPlaneSubnetCidr routes: - list_concat_unique: - - get_param: ControlPlaneStaticRoutes - - - default: true # NOTE(hjensas): This is the IPv4 default route - next_hop: - get_param: ControlPlaneDefaultRoute + get_param: ControlPlaneStaticRoutes - type: ovs_bridge name: {get_param: NeutronPhysicalBridge} use_dhcp: true diff --git a/network/config/bond-with-vlans/role.role.j2.yaml b/network/config/bond-with-vlans/role.role.j2.yaml index 06657b4386..ed73379c62 100644 --- a/network/config/bond-with-vlans/role.role.j2.yaml +++ b/network/config/bond-with-vlans/role.role.j2.yaml @@ -136,13 +136,7 @@ resources: - - get_param: ControlPlaneIp - get_param: ControlPlaneSubnetCidr routes: - list_concat_unique: - - get_param: ControlPlaneStaticRoutes -{%- if role.default_route_networks is not defined or 'ControlPlane' in role.default_route_networks %} - - - default: true - next_hop: - get_param: ControlPlaneDefaultRoute -{%- endif %} + get_param: ControlPlaneStaticRoutes {%- if not role.name.startswith('ComputeOvsDpdk') %} - type: ovs_bridge {%- if role.name.startswith('CephStorage') or role.name.startswith('ObjectStorage') or role.name.startswith('BlockStorage') %} @@ -181,13 +175,7 @@ resources: - ip_netmask: get_param: {{network.name}}IpSubnet routes: - list_concat_unique: - - get_param: {{network.name}}InterfaceRoutes -{%- if network.name in role.default_route_networks %} - - - default: true - next_hop: - get_param: {{network.name}}InterfaceDefaultRoute -{%- endif %} + get_param: {{network.name}}InterfaceRoutes {%- endfor %} {%- else %} # Linux bond for non-DPDK traffic required when using DPDK @@ -221,13 +209,7 @@ resources: - ip_netmask: get_param: {{network.name}}IpSubnet routes: - list_concat_unique: - - get_param: {{network.name}}InterfaceRoutes -{%- if network.name in role.default_route_networks %} - - - default: true - next_hop: - get_param: {{network.name}}InterfaceDefaultRoute -{%- endif %} + get_param: {{network.name}}InterfaceRoutes {%- endfor %} # Used as a provider network with external DHCP - type: ovs_user_bridge diff --git a/network/config/multiple-nics-vlans/compute-dvr.j2.yaml b/network/config/multiple-nics-vlans/compute-dvr.j2.yaml index 44f0e2e253..6b417d6be5 100644 --- a/network/config/multiple-nics-vlans/compute-dvr.j2.yaml +++ b/network/config/multiple-nics-vlans/compute-dvr.j2.yaml @@ -103,11 +103,7 @@ resources: - - get_param: ControlPlaneIp - get_param: ControlPlaneSubnetCidr routes: - list_concat_unique: - - get_param: ControlPlaneStaticRoutes - - - default: true - next_hop: - get_param: ControlPlaneDefaultRoute + get_param: ControlPlaneStaticRoutes - type: interface name: nic2 mtu: diff --git a/network/config/multiple-nics-vlans/role.role.j2.yaml b/network/config/multiple-nics-vlans/role.role.j2.yaml index 3e33d0e9da..05bbb5d036 100644 --- a/network/config/multiple-nics-vlans/role.role.j2.yaml +++ b/network/config/multiple-nics-vlans/role.role.j2.yaml @@ -126,13 +126,7 @@ resources: - - get_param: ControlPlaneIp - get_param: ControlPlaneSubnetCidr routes: - list_concat_unique: - - get_param: ControlPlaneStaticRoutes -{%- if role.default_route_networks is not defined or 'ControlPlane' in role.default_route_networks %} - - - default: true - next_hop: - get_param: ControlPlaneDefaultRoute -{%- endif %} + get_param: ControlPlaneStaticRoutes {%- set nics_used = [1] %} {%- for network in networks if network.enabled|default(true) and network.name not in role.networks_skip_config|default([]) %} {%- if network.name not in ["External", "Tenant"] %} @@ -152,13 +146,7 @@ resources: - ip_netmask: get_param: {{network.name}}IpSubnet routes: - list_concat_unique: - - get_param: {{network.name}}InterfaceRoutes -{%- if network.name in role.default_route_networks %} - - - default: true - next_hop: - get_param: {{network.name}}InterfaceDefaultRoute -{%- endif %} + get_param: {{network.name}}InterfaceRoutes {%- endif %} {#- We need bridge also for ComputeDVR and Computes with OVN #} {%- elif network.name in role.networks or 'external_bridge' in role.tags %} @@ -190,13 +178,7 @@ resources: - ip_netmask: get_param: {{network.name}}IpSubnet routes: - list_concat_unique: - - get_param: {{network.name}}InterfaceRoutes -{%- if network.name in role.default_route_networks %} - - - default: true - next_hop: - get_param: {{network.name}}InterfaceDefaultRoute -{%- endif %} + get_param: {{network.name}}InterfaceRoutes {%- endif %} {%- endif %} {#- This hack gets around Jinja scope limitations to update nics_used within loop. #} diff --git a/network/config/multiple-nics/compute-dvr.j2.yaml b/network/config/multiple-nics/compute-dvr.j2.yaml index 5b04229531..c924e8af5b 100644 --- a/network/config/multiple-nics/compute-dvr.j2.yaml +++ b/network/config/multiple-nics/compute-dvr.j2.yaml @@ -103,11 +103,7 @@ resources: - - get_param: ControlPlaneIp - get_param: ControlPlaneSubnetCidr routes: - list_concat_unique: - - get_param: ControlPlaneStaticRoutes - - - default: true - next_hop: - get_param: ControlPlaneDefaultRoute + get_param: ControlPlaneStaticRoutes - type: interface name: nic2 mtu: diff --git a/network/config/multiple-nics/role.role.j2.yaml b/network/config/multiple-nics/role.role.j2.yaml index 5b012a456f..a0b9a81351 100644 --- a/network/config/multiple-nics/role.role.j2.yaml +++ b/network/config/multiple-nics/role.role.j2.yaml @@ -126,13 +126,7 @@ resources: - - get_param: ControlPlaneIp - get_param: ControlPlaneSubnetCidr routes: - list_concat_unique: - - get_param: ControlPlaneStaticRoutes -{%- if role.default_route_networks is not defined or 'ControlPlane' in role.default_route_networks %} - - - default: true - next_hop: - get_param: ControlPlaneDefaultRoute -{%- endif %} + get_param: ControlPlaneStaticRoutes {%- set nics_used = [1] %} {%- for network in networks if network.enabled|default(true) and network.name not in role.networks_skip_config|default([]) %} {%- if network.name not in ["External", "Tenant"] %} @@ -146,13 +140,7 @@ resources: - ip_netmask: get_param: {{network.name}}IpSubnet routes: - list_concat_unique: - - get_param: {{network.name}}InterfaceRoutes -{%- if network.name in role.default_route_networks %} - - - default: true - next_hop: - get_param: {{network.name}}InterfaceDefaultRoute -{%- endif %} + get_param: {{network.name}}InterfaceRoutes {%- endif %} {#- We need bridge also for ComputeDVR and Computes with OVN #} {%- elif network.name in _role_networks or 'external_bridge' in role.tags %} @@ -172,13 +160,7 @@ resources: - ip_netmask: get_param: {{network.name}}IpSubnet routes: - list_concat_unique: - - get_param: {{network.name}}InterfaceRoutes -{%- if network.name in role.default_route_networks %} - - - default: true - next_hop: - get_param: {{network.name}}InterfaceDefaultRoute -{%- endif %} + get_param: {{network.name}}InterfaceRoutes {%- endif %} members: - type: interface diff --git a/network/config/single-nic-linux-bridge-vlans/role.role.j2.yaml b/network/config/single-nic-linux-bridge-vlans/role.role.j2.yaml index f46d9f7f42..1c131402fd 100644 --- a/network/config/single-nic-linux-bridge-vlans/role.role.j2.yaml +++ b/network/config/single-nic-linux-bridge-vlans/role.role.j2.yaml @@ -136,13 +136,7 @@ resources: - - get_param: ControlPlaneIp - get_param: ControlPlaneSubnetCidr routes: - list_concat_unique: - - get_param: ControlPlaneStaticRoutes -{%- if role.default_route_networks is not defined or 'ControlPlane' in role.default_route_networks %} - - - default: true - next_hop: - get_param: ControlPlaneDefaultRoute -{%- endif %} + get_param: ControlPlaneStaticRoutes members: - type: interface name: {get_param: NeutronPublicInterface} @@ -165,13 +159,7 @@ and network.name not in role.networks_skip_config|default([]) %} - ip_netmask: get_param: {{network.name}}IpSubnet routes: - list_concat_unique: - - get_param: {{network.name}}InterfaceRoutes -{%- if network.name in role.default_route_networks %} - - - default: true - next_hop: - get_param: {{network.name}}InterfaceDefaultRoute -{%- endif %} + get_param: {{network.name}}InterfaceRoutes {%- endfor %} outputs: config: diff --git a/network/config/single-nic-vlans/controller-no-external.j2.yaml b/network/config/single-nic-vlans/controller-no-external.j2.yaml index 5326111abc..c17e74b5fd 100644 --- a/network/config/single-nic-vlans/controller-no-external.j2.yaml +++ b/network/config/single-nic-vlans/controller-no-external.j2.yaml @@ -99,11 +99,7 @@ resources: - - get_param: ControlPlaneIp - get_param: ControlPlaneSubnetCidr routes: - list_concat_unique: - get_param: ControlPlaneStaticRoutes - - - default: true - next_hop: - get_param: ControlPlaneDefaultRoute members: - type: interface name: nic1 diff --git a/network/config/single-nic-vlans/role.role.j2.yaml b/network/config/single-nic-vlans/role.role.j2.yaml index 0cf30685a7..4e99bba3bb 100644 --- a/network/config/single-nic-vlans/role.role.j2.yaml +++ b/network/config/single-nic-vlans/role.role.j2.yaml @@ -132,13 +132,7 @@ resources: - - get_param: ControlPlaneIp - get_param: ControlPlaneSubnetCidr routes: - list_concat_unique: - - get_param: ControlPlaneStaticRoutes -{%- if role.default_route_networks is not defined or 'ControlPlane' in role.default_route_networks %} - - - default: true - next_hop: - get_param: ControlPlaneDefaultRoute -{%- endif %} + get_param: ControlPlaneStaticRoutes members: - type: interface name: nic1 @@ -156,13 +150,7 @@ resources: - ip_netmask: get_param: {{network.name}}IpSubnet routes: - list_concat_unique: - - get_param: {{network.name}}InterfaceRoutes -{%- if network.name in role.default_route_networks %} - - - default: true - next_hop: - get_param: {{network.name}}InterfaceDefaultRoute -{%- endif %} + get_param: {{network.name}}InterfaceRoutes {%- endfor %} outputs: config: diff --git a/overcloud.j2.yaml b/overcloud.j2.yaml index e690260cfa..97759a5aff 100644 --- a/overcloud.j2.yaml +++ b/overcloud.j2.yaml @@ -969,7 +969,13 @@ resources: - {get_param: DnsServers} - {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_param: {{role.name}}ControlPlaneSubnet}, dns_nameservers]} ctlplane_subnet_cidr: {str_split: ['/', {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_param: {{role.name}}ControlPlaneSubnet}, cidr]}, 1]} - ctlplane_host_routes: {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_param: {{role.name}}ControlPlaneSubnet}, host_routes]} + ctlplane_host_routes: + list_concat_unique: + - {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_param: {{role.name}}ControlPlaneSubnet}, host_routes]} + {%- if role.default_route_networks is not defined or 'ControlPlane' in role.default_route_networks %} + - - default: true + next_hop: {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_param: {{role.name}}ControlPlaneSubnet}, gateway_ip]} + {%- endif %} {%- for network in networks if network.enabled|default(true) and network.name in role.networks|default([]) %} {%- if role.networks is mapping %} {%- set _role_net_subnet = role.networks[network.name]['subnet'] %} @@ -978,7 +984,13 @@ resources: {%- endif %} {{network.name_lower}}_mtu: {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, network, mtu]} {{network.name_lower}}_gateway_ip: {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, subnets, {{_role_net_subnet}}, gateway_ip]} - {{network.name_lower}}_host_routes: {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, subnets, {{_role_net_subnet}}, host_routes]} + {{network.name_lower}}_host_routes: + list_concat_unique: + - {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, subnets, {{_role_net_subnet}}, host_routes]} + {%- if network.name in role.default_route_networks %} + - - default: true + next_hop: {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, subnets, {{_role_net_subnet}}, gateway_ip]} + {%- endif %} {{network.name_lower}}_cidr: {str_split: ['/', {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, subnets, {{_role_net_subnet}}, cidr]}, 1]} {{network.name_lower}}_vlan_id: yaql: @@ -1020,7 +1032,13 @@ resources: ControlPlaneIp: "{{ '{{' }} ctlplane_ip {{ '}}' }}" ControlPlaneSubnetCidr: {str_split: ['/', {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_param: {{role.name}}ControlPlaneSubnet}, cidr]}, 1]} ControlPlaneDefaultRoute: {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_param: {{role.name}}ControlPlaneSubnet}, gateway_ip]} - ControlPlaneStaticRoutes: {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_param: {{role.name}}ControlPlaneSubnet}, host_routes]} + ControlPlaneStaticRoutes: + list_concat_unique: + - {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_param: {{role.name}}ControlPlaneSubnet}, host_routes]} + {%- if role.default_route_networks is not defined or 'ControlPlane' in role.default_route_networks %} + - - default: true + next_hop: {get_attr: [Networks, net_attributes_map, ctlplane, subnets, {get_param: {{role.name}}ControlPlaneSubnet}, gateway_ip]} + {%- endif %} ControlPlaneMtu: {get_attr: [Networks, net_attributes_map, ctlplane, network, mtu]} DnsServers: if: @@ -1034,7 +1052,13 @@ resources: {%- set _role_net_subnet = network.name_lower + '_subnet' %} {%- endif %} {{network.name}}IpSubnet: "{{ '{{' }} {{network.name_lower}}_ip ~ '/' ~ {{network.name_lower}}_cidr {{ '}}' }}" - {{network.name}}InterfaceRoutes: {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, subnets, {{_role_net_subnet}}, host_routes]} + {{network.name}}InterfaceRoutes: + list_concat_unique: + - {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, subnets, {{_role_net_subnet}}, host_routes]} + {%- if network.name in role.default_route_networks %} + - - default: true + next_hop: {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, subnets, {{_role_net_subnet}}, gateway_ip]} + {%- endif %} {{network.name}}Mtu: {get_attr: [Networks, net_attributes_map, {{network.name_lower}}, network, mtu]} {{network.name}}NetworkVlanID: yaql: diff --git a/roles/Standalone.yaml b/roles/Standalone.yaml index dede67ca19..c7730fdb80 100644 --- a/roles/Standalone.yaml +++ b/roles/Standalone.yaml @@ -12,6 +12,10 @@ - primary - controller - standalone + # Define default_route_networks as empty for standalone where management + # interface is used. On single nic systems ControlPlaneStaticRoutes must + # be set in standalone_parameters.yaml. + default_route_networks: [] networks: External: subnet: external_subnet diff --git a/roles/Undercloud.yaml b/roles/Undercloud.yaml index 66a0e74a6c..daa51d9e41 100644 --- a/roles/Undercloud.yaml +++ b/roles/Undercloud.yaml @@ -9,6 +9,10 @@ tags: - primary - controller + # Define default_route_networks as empty for undercloud where management + # interface is used. On single nic a default route must configured in the + # local subnet definition in undercloud.conf + default_route_networks: [] networks: External: subnet: external_subnet diff --git a/roles/UndercloudMinion.yaml b/roles/UndercloudMinion.yaml index f4c86886c8..6980c703e2 100644 --- a/roles/UndercloudMinion.yaml +++ b/roles/UndercloudMinion.yaml @@ -7,6 +7,7 @@ and ironic-conductor via heat using the 'openstack undercloud minion deploy' command. CountDefault: 1 + default_route_networks: [] tags: - primary ServicesDefault: diff --git a/roles_data_undercloud.yaml b/roles_data_undercloud.yaml index beb41b72ba..b56c27ad9c 100644 --- a/roles_data_undercloud.yaml +++ b/roles_data_undercloud.yaml @@ -12,6 +12,10 @@ tags: - primary - controller + # Define default_route_networks as empty for undercloud where management + # interface is used. On single nic a default route must configured in the + # local subnet definition in undercloud.conf + default_route_networks: [] networks: External: subnet: external_subnet