heat_template_version: rocky description: > OpenDaylight SDN Controller. parameters: OpenDaylightUsername: default: 'admin' description: The username for the opendaylight server. type: string OpenDaylightPassword: type: string description: The password for the opendaylight server. hidden: true OpenDaylightFeatures: description: List of features to install with ODL type: comma_delimited_list default: ["odl-netvirt-openstack","odl-jolokia"] OpenDaylightApiVirtualIP: type: string default: '' EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json OpenDaylightManageRepositories: description: Whether to manage the OpenDaylight repository type: boolean default: false OpenDaylightSNATMechanism: description: SNAT mechanism to be used default: 'conntrack' type: string constraints: - allowed_values: - conntrack - controller OpenDaylightLogMechanism: description: Logging mechanism to be used default: 'file' type: string constraints: - allowed_values: - file - console OpenDaylightTLSKeystorePassword: default: 'opendaylight' type: string description: The password for the opendaylight TLS keystore. Must be at least 6 characters. hidden: true EnableInternalTLS: type: boolean default: false InternalTLSCAFile: default: '/etc/ipa/ca.crt' type: string description: Specifies the default CA cert to use if TLS is used for services in the internal network. OpenDaylightInheritDSCPMarking: description: Enable DSCP marking for VXLAN/GRE tunnels type: boolean default: false OpenDaylightJavaOpts: default: '' type: string description: Specifies the Java options to run ODL with as a string. Note, these options are in addition to the default Java options set by the karaf/ODL boot scripts and IP version based flag set by 'opendaylight' class. OpenDaylightInactivityProbe: description: Time in millseconds before an inactivity probe is sent via OVSDB to OVS type: number default: 180000 conditions: internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} outputs: role_data: description: Role data for the OpenDaylight service. value: service_name: opendaylight_api config_settings: map_merge: - opendaylight::odl_rest_port: {get_param: [EndpointMap, OpenDaylightInternal, port]} opendaylight::username: {get_param: OpenDaylightUsername} opendaylight::password: {get_param: OpenDaylightPassword} opendaylight::extra_features: {get_param: OpenDaylightFeatures} opendaylight::odl_bind_ip: str_replace: template: "%{hiera('$NETWORK')}" params: $NETWORK: {get_param: [ServiceNetMap, OpendaylightApiNetwork]} opendaylight::manage_repositories: {get_param: OpenDaylightManageRepositories} tripleo::opendaylight_api::firewall_rules: '137 opendaylight api': dport: - {get_param: [EndpointMap, OpenDaylightInternal, port]} - 6640 - 6653 - 2550 - 8185 opendaylight::snat_mechanism: {get_param: OpenDaylightSNATMechanism} opendaylight::log_mechanism: {get_param: OpenDaylightLogMechanism} opendaylight::inherit_dscp_marking: {get_param: OpenDaylightInheritDSCPMarking} opendaylight::java_opts: {get_param: OpenDaylightJavaOpts} opendaylight::inactivity_probe: {get_param: OpenDaylightInactivityProbe} - if: - internal_tls_enabled - generate_service_certificates: true tripleo::profile::base::neutron::opendaylight::certificate_specs: service_certificate: '/etc/pki/tls/certs/odl.crt' service_key: '/etc/pki/tls/private/odl.key' hostname: str_replace: template: "%{hiera('fqdn_NETWORK')}" params: NETWORK: {get_param: [ServiceNetMap, OpendaylightApiNetwork]} principal: str_replace: template: "odl/%{hiera('fqdn_NETWORK')}" params: NETWORK: {get_param: [ServiceNetMap, OpendaylightApiNetwork]} opendaylight::tls_ca_cert_file: {get_param: InternalTLSCAFile} opendaylight::tls_keystore_password: {get_param: OpenDaylightTLSKeystorePassword} - {} service_config_settings: neutron_dhcp: if: - internal_tls_enabled - neutron::agents::dhcp::ovsdb_connection: 'ssl:127.0.0.1:6639' - neutron::agents::dhcp::ovsdb_connection: 'tcp:127.0.0.1:6639' step_config: | include tripleo::profile::base::neutron::opendaylight upgrade_tasks: [] metadata_settings: if: - internal_tls_enabled - - service: odl network: {get_param: [ServiceNetMap, OpendaylightApiNetwork]} type: node - null