Merge "Configure http/https on OVN Metadata service to talk to Nova"

This commit is contained in:
Zuul 2018-10-03 19:30:17 +00:00 committed by Gerrit Code Review
commit 5c3ed37336

View File

@ -30,6 +30,9 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry. via parameter_defaults in the resource registry.
type: json type: json
EnableInternalTLS:
type: boolean
default: false
NeutronMetadataProxySharedSecret: NeutronMetadataProxySharedSecret:
description: Shared secret to prevent spoofing description: Shared secret to prevent spoofing
type: string type: string
@ -79,6 +82,7 @@ parameters:
conditions: conditions:
neutron_workers_unset: {equals : [{get_param: NeutronWorkers}, '']} neutron_workers_unset: {equals : [{get_param: NeutronWorkers}, '']}
service_debug_unset: {equals: [{get_param: OvnMetadataAgentDebug}, '']} service_debug_unset: {equals: [{get_param: OvnMetadataAgentDebug}, '']}
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
resources: resources:
@ -107,6 +111,12 @@ outputs:
neutron::agents::ovn_metadata::auth_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] } neutron::agents::ovn_metadata::auth_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
neutron::agents::ovn_metadata::auth_tenant: 'service' neutron::agents::ovn_metadata::auth_tenant: 'service'
neutron::agents::ovn_metadata::metadata_ip: "%{hiera('nova_metadata_vip')}" neutron::agents::ovn_metadata::metadata_ip: "%{hiera('nova_metadata_vip')}"
neutron::agents::ovn_metadata::metadata_host:
str_replace:
template:
"%{hiera('cloud_name_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, NovaMetadataNetwork]}
neutron::agents::ovn_metadata::ovsdb_connection_timeout: {get_param: OVNDbConnectionTimeout} neutron::agents::ovn_metadata::ovsdb_connection_timeout: {get_param: OVNDbConnectionTimeout}
ovn::southbound::port: {get_param: OVNSouthboundServerPort} ovn::southbound::port: {get_param: OVNSouthboundServerPort}
neutron::agents::ovn_metadata::debug: neutron::agents::ovn_metadata::debug:
@ -114,6 +124,11 @@ outputs:
- service_debug_unset - service_debug_unset
- {get_param: Debug} - {get_param: Debug}
- {get_param: OvnMetadataAgentDebug} - {get_param: OvnMetadataAgentDebug}
neutron::agents::ovn_metadata::metadata_protocol:
if:
- internal_tls_enabled
- 'https'
- 'http'
- -
if: if:
- neutron_workers_unset - neutron_workers_unset