heat_template_version: queens description: > OpenStack Neutron L3 agent configured with Puppet parameters: ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json Debug: type: boolean default: false description: Set to True to enable debugging on all services. DefaultPasswords: default: {} type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json NeutronL3AgentMode: description: | Agent mode for L3 agent. Must be one of legacy or dvr_snat. default: 'legacy' type: string constraints: - allowed_values: - legacy - dvr_snat MonitoringSubscriptionNeutronL3: default: 'overcloud-neutron-l3-agent' type: string NeutronL3AgentDebug: default: '' description: Set to True to enable debugging for Neutron L3 agent. type: string constraints: - allowed_values: [ '', 'true', 'True', 'TRUE', 'false', 'False', 'FALSE'] NeutronL3AgentLoggingSource: type: json default: tag: openstack.neutron.agent.l3 path: /var/log/neutron/l3-agent.log # DEPRECATED: the following options are deprecated and are currently maintained # for backwards compatibility. They will be removed in the Pike cycle. NeutronExternalNetworkBridge: description: Name of bridge used for external network traffic. Usually L2 agent handles port wiring into external bridge, and hence the parameter should be unset. type: string default: '' conditions: service_debug_unset: {equals: [{get_param: NeutronL3AgentDebug}, '']} external_network_bridge_empty: {equals : [{get_param: NeutronExternalNetworkBridge}, "''"]} resources: NeutronBase: type: ./neutron-base.yaml properties: ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} RoleName: {get_param: RoleName} RoleParameters: {get_param: RoleParameters} outputs: role_data: description: Role data for the Neutron L3 agent service. value: service_name: neutron_l3 monitoring_subscription: {get_param: MonitoringSubscriptionNeutronL3} logging_source: {get_param: NeutronL3AgentLoggingSource} logging_groups: - neutron config_settings: map_merge: - get_attr: [NeutronBase, role_data, config_settings] - neutron::agents::l3::agent_mode: {get_param: NeutronL3AgentMode} neutron::agents::l3::debug: if: - service_debug_unset - {get_param: Debug} - {get_param: NeutronL3AgentDebug} tripleo.neutron_l3.firewall_rules: '106 neutron_l3 vrrp': proto: vrrp - if: - external_network_bridge_empty - {} - neutron::agents::l3::external_network_bridge: {get_param: NeutronExternalNetworkBridge} step_config: | include tripleo::profile::base::neutron::l3 upgrade_tasks: - name: Check if neutron_l3_agent is deployed command: systemctl is-enabled neutron-l3-agent tags: common ignore_errors: True register: neutron_l3_agent_enabled - name: "PreUpgrade step0,validation: Check service neutron-l3-agent is running" shell: /usr/bin/systemctl show 'neutron-l3-agent' --property ActiveState | grep '\bactive\b' when: (neutron_l3_agent_enabled.rc == 0) and (step|int == 0) tags: validation - name: Stop neutron_l3 service when: (neutron_l3_agent_enabled.rc == 0) and (step|int == 1) service: name=neutron-l3-agent state=stopped