Merge "Make it possible to override ServiceNetMap per-role" into stable/victoria
This commit is contained in:
Zuul
Gerrit Code Review
commit
75c35a7c71
|
|
@ -326,6 +326,17 @@ parameters:
|
||||||
description: |
|
description: |
|
||||||
Name of the subnet on ctlplane network for this role.
|
Name of the subnet on ctlplane network for this role.
|
||||||
type: string
|
type: string
|
||||||
|
|
||||||
|
{{role.name}}ServiceNetMap:
|
||||||
|
default: {}
|
||||||
|
description: |
|
||||||
|
Role specific ServiceNetMap overrides, the map provided will be merged
|
||||||
|
with the global ServiceNetMap when passing the ServiceNetMap to the
|
||||||
|
{{role.name}}ServiceChain resource and the {{role.name}} resource group.
|
||||||
|
For example:
|
||||||
|
{{role.name}}ServiceNetMap:
|
||||||
|
NovaLibvirtNetwork: internal_api_leaf2
|
||||||
|
type: json
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
||||||
# Identifiers to trigger tasks on nodes
|
# Identifiers to trigger tasks on nodes
|
||||||
|
|
@ -647,7 +658,10 @@ resources:
|
||||||
properties:
|
properties:
|
||||||
Services:
|
Services:
|
||||||
get_param: {{role.name}}Services
|
get_param: {{role.name}}Services
|
||||||
ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
|
ServiceNetMap:
|
||||||
|
map_merge:
|
||||||
|
- {get_attr: [ServiceNetMap, service_net_map]}
|
||||||
|
- {get_param: {{role.name}}ServiceNetMap}
|
||||||
ServiceData:
|
ServiceData:
|
||||||
net_cidr_map: {get_attr: [NetCidrMapValue, value]}
|
net_cidr_map: {get_attr: [NetCidrMapValue, value]}
|
||||||
net_vip_map: {get_attr: [VipMap, net_ip_map]}
|
net_vip_map: {get_attr: [VipMap, net_ip_map]}
|
||||||
|
|
@ -828,7 +842,10 @@ resources:
|
||||||
type: OS::TripleO::{{role.name}}
|
type: OS::TripleO::{{role.name}}
|
||||||
properties:
|
properties:
|
||||||
CloudDomain: {get_param: CloudDomain}
|
CloudDomain: {get_param: CloudDomain}
|
||||||
ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
|
ServiceNetMap:
|
||||||
|
map_merge:
|
||||||
|
- {get_attr: [ServiceNetMap, service_net_map]}
|
||||||
|
- {get_param: {{role.name}}ServiceNetMap}
|
||||||
EndpointMap: {get_attr: [EndpointMapData, value]}
|
EndpointMap: {get_attr: [EndpointMapData, value]}
|
||||||
Hostname:
|
Hostname:
|
||||||
str_replace:
|
str_replace:
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,21 @@
|
||||||
|
---
|
||||||
|
fixes:
|
||||||
|
- |
|
||||||
|
When deploying a spine-and-leaf (L3 routed architecture) with TLS enabled
|
||||||
|
for internal endpoints the deployment would fail because some roles are
|
||||||
|
not connected to the network mapped to the service in ServiceNetMap. To
|
||||||
|
fix this issue a role specific parameter ``{{role.name}}ServiceNetMap`` is
|
||||||
|
introduced (defaults to: ``{}``). The role specific ServiceNetMap parameter
|
||||||
|
allow the operator to override one or more service network mappings
|
||||||
|
per-role. For example::
|
||||||
|
|
||||||
|
ComputeLeaf2ServiceNetMap:
|
||||||
|
NovaLibvirtNetwork: internal_api_leaf2
|
||||||
|
|
||||||
|
The role specific ``{{role.name}}ServiceNetMap`` override is merged with
|
||||||
|
the global ``ServiceNetMap`` when it's passed as a value to the
|
||||||
|
``{{role.name}}ServiceChain`` resources, and the ``{{role.name}}``
|
||||||
|
resource groups so that the correct network for this role is mapped to
|
||||||
|
the service.
|
||||||
|
|
||||||
|
Closes bug: `1904482 <https://bugs.launchpad.net/tripleo/+bug/1904482>`_.
|
||||||
Loading…
Reference in New Issue