openstack/tripleo-heat-templates
Code Issues Proposed changes

Merge "Implement MasqueradeNetworks services"

Browse Source
This commit is contained in:
Zuul 2018-03-29 02:58:18 +00:00 committed by Gerrit Code Review
commit 5f830340b1
6 changed files with 79 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
environments/services/masquerade-networks.yaml Normal file
View File

@ -0,0 +1,7 @@
# A Heat environment file that can be used to configure masquerade networks
resource_registry:
OS::TripleO::Services::MasqueradeNetworks: ../../puppet/services/masquerade-networks.yaml
parameter_defaults:
MasqueradeNetworks: {'192.168.24.0/24': ['192.168.24.0/24']}

1
overcloud-resource-registry-puppet.j2.yaml
View File

@ -240,6 +240,7 @@ resource_registry:
OS::TripleO::Services::Fluentd: OS::Heat::None
OS::TripleO::Services::Ipsec: OS::Heat::None
OS::TripleO::Services::Rhsm: OS::Heat::None
OS::TripleO::Services::MasqueradeNetworks: OS::Heat::None
OS::TripleO::Services::Collectd: OS::Heat::None
OS::TripleO::LoggingConfiguration: puppet/services/logging/fluentd-config.yaml
OS::TripleO::Services::ManilaApi: OS::Heat::None

68
puppet/services/masquerade-networks.yaml Normal file
View File

@ -0,0 +1,68 @@
heat_template_version: queens
description: >
Configure TripleO Masquerade networks with Puppet.
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
MasqueradeNetworks:
default: {'192.168.24.0/24': ['192.168.24.0/24', '192.168.25.0/24']}
description: Hash of masquerade networks to manage.
type: json
outputs:
role_data:
description: Role data for the TripleO Masquerade Networks service.
value:
service_name: masquerade_networks
config_settings:
tripleo.masquerade_networks.firewall_rules:
repeat:
for_each:
NETWORK: {get_param: MasqueradeNetworks}
INDEX:
yaql:
expression: range(len($.data)).select(str($))
data: {get_param: MasqueradeNetworks}
DESTINATIONS:
yaql:
expression: $.data.values().select(' - ' + $.join('\n - '))
data: {get_param: MasqueradeNetworks}
template: >
'137 routed_network return_INDEX':
table: 'nat'
source: 'NETWORK'
destination:
DESTINATIONS
jump: 'RETURN'
'138 routed_network masquerade_INDEX':
table: 'nat'
source: 'NETWORK'
jump: 'MASQUERADE'
step_config: ''
upgrade_tasks: []

1
roles/Undercloud.yaml
View File

@ -50,6 +50,7 @@
- OS::TripleO::Services::ContainersLogrotateCrond
- OS::TripleO::Services::RabbitMQ
- OS::TripleO::Services::Rhsm
- OS::TripleO::Services::MasqueradeNetworks
- OS::TripleO::Services::SwiftProxy
- OS::TripleO::Services::SwiftRingBuilder
- OS::TripleO::Services::SwiftStorage

1
roles/UndercloudLight.yaml
View File

@ -31,6 +31,7 @@
- OS::TripleO::Services::NeutronDhcpAgent
- OS::TripleO::Services::RabbitMQ
- OS::TripleO::Services::Rhsm
- OS::TripleO::Services::MasqueradeNetworks
- OS::TripleO::Services::SwiftProxy
- OS::TripleO::Services::SwiftRingBuilder
- OS::TripleO::Services::SwiftStorage

1
roles_data_undercloud.yaml
View File

@ -53,6 +53,7 @@
- OS::TripleO::Services::ContainersLogrotateCrond
- OS::TripleO::Services::RabbitMQ
- OS::TripleO::Services::Rhsm
- OS::TripleO::Services::MasqueradeNetworks
- OS::TripleO::Services::SwiftProxy
- OS::TripleO::Services::SwiftRingBuilder
- OS::TripleO::Services::SwiftStorage