diff --git a/network/config/multiple-nics-vlans/role.role.j2.yaml b/network/config/multiple-nics-vlans/role.role.j2.yaml index 4e793f2979..39d2abe529 100644 --- a/network/config/multiple-nics-vlans/role.role.j2.yaml +++ b/network/config/multiple-nics-vlans/role.role.j2.yaml @@ -42,7 +42,7 @@ parameters: guaranteed to pass through the data path of the segments in the network. (The parameter is automatically resolved from the ctlplane network's mtu attribute.) type: number -{% for network in networks if network.enabled|default(true) and network.name in role.networks %} +{% for network in networks if network.enabled|default(true) and network.name in _role_networks %} {{network.name}}IpSubnet: default: '' description: IP address/subnet on the {{network.name_lower}} network @@ -74,7 +74,7 @@ parameters: from the subnet host_routes attribute. type: json {%- endfor %} -{% for network in networks if network.name == "External" and 'external_bridge' in role.tags and not network.name in role.networks %} +{% for network in networks if network.name == "External" and 'external_bridge' in role.tags and not network.name in _role_networks %} {{network.name}}Mtu: default: {{network.mtu|default('1500')}} description: The maximum transmission unit (MTU) size(in bytes) that is diff --git a/network/config/multiple-nics/role.role.j2.yaml b/network/config/multiple-nics/role.role.j2.yaml index 6053125d56..57a5e361cb 100644 --- a/network/config/multiple-nics/role.role.j2.yaml +++ b/network/config/multiple-nics/role.role.j2.yaml @@ -42,7 +42,7 @@ parameters: guaranteed to pass through the data path of the segments in the network. (The parameter is automatically resolved from the ctlplane network's mtu attribute.) type: number -{% for network in networks if network.enabled|default(true) and network.name in role.networks %} +{% for network in networks if network.enabled|default(true) and network.name in _role_networks %} {{network.name}}IpSubnet: default: '' description: IP address/subnet on the {{network.name_lower}} network @@ -74,7 +74,7 @@ parameters: from the subnet host_routes attribute. type: json {%- endfor %} -{% for network in networks if network.name == "External" and 'external_bridge' in role.tags and not network.name in role.networks %} +{% for network in networks if network.name == "External" and 'external_bridge' in role.tags and not network.name in _role_networks %} {{network.name}}Mtu: default: {{network.mtu|default('1500')}} description: The maximum transmission unit (MTU) size(in bytes) that is @@ -156,7 +156,7 @@ resources: {%- endif %} {%- endif %} {#- We need bridge also for ComputeDVR and Computes with OVN #} -{%- elif network.name in role.networks or 'external_bridge' in role.tags %} +{%- elif network.name in _role_networks or 'external_bridge' in role.tags %} - type: ovs_bridge {%- if network.name == "External" %} name: bridge_name diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml index 6d52655640..9378c90b96 100644 --- a/overcloud-resource-registry-puppet.j2.yaml +++ b/overcloud-resource-registry-puppet.j2.yaml @@ -18,13 +18,14 @@ resource_registry: {%- for network in networks if network.enabled|default(true) and network.name in role.networks|default([]) %} OS::TripleO::{{role.name}}::Ports::{{network.name}}Port: network/ports/noop.yaml {%- endfor %} + {%- if 'external_bridge' in role.tags %} + # Create Neutron external bridge for floating IPs and/or SNAT + OS::TripleO::{{role.name}}::Net::SoftwareConfig: net-config-bridge.yaml + {%- else %} OS::TripleO::{{role.name}}::Net::SoftwareConfig: net-config-noop.yaml + {%- endif %} {% endfor %} - # This resource registry entry will override the one generated by default - # in the jinja loop - OS::TripleO::Controller::Net::SoftwareConfig: net-config-bridge.yaml - {% for role in roles %} OS::TripleO::{{role.name}}ServiceServerMetadataHook: OS::Heat::None {%- endfor %} diff --git a/releasenotes/notes/external-bridge-by-default-on-compute-f3ff6bf46ab80640.yaml b/releasenotes/notes/external-bridge-by-default-on-compute-f3ff6bf46ab80640.yaml new file mode 100644 index 0000000000..f3ced7f21f --- /dev/null +++ b/releasenotes/notes/external-bridge-by-default-on-compute-f3ff6bf46ab80640.yaml @@ -0,0 +1,15 @@ +--- +features: + - | + This change updates the multiple-nics and multiple-nics-vlans templates so + that an external bridge is created if either the role uses the External + network or the "external_bridge" tag is set in the role definition. This + is done instead of checking if the role name is "Controller". This + change also assigns the "external_bridge" tag to the Controller as well + as the Compute roles so that both roles can access the Neutron external + bridge for floating IPs or SNAT by default so that OVN can use DVR. +upgrade: + - | + The "external_bridge" tag is now used for the Compute node. An external + network bridge is required on the compute nodes in order to host floating + IPs when using DVR. OVN deploys with DVR by default. diff --git a/roles/Controller.yaml b/roles/Controller.yaml index 45612a8380..a5086299d7 100644 --- a/roles/Controller.yaml +++ b/roles/Controller.yaml @@ -9,6 +9,9 @@ tags: - primary - controller + # Create external Neutron bridge for SNAT (and floating IPs when using + # ML2/OVS without DVR) + - external_bridge networks: External: subnet: external_subnet diff --git a/roles_data.yaml b/roles_data.yaml index 7400c22649..92c1bea4da 100644 --- a/roles_data.yaml +++ b/roles_data.yaml @@ -12,6 +12,9 @@ tags: - primary - controller + # Create external Neutron bridge for SNAT (and floating IPs when using + # ML2/OVS without DVR) + - external_bridge networks: External: subnet: external_subnet