tripleo-heat-templates/deployment/neutron/neutron-compute-plugin-nuage.yaml
Kevin Carter 50367fbe35 Convert firewall rules to use TripleO-Ansible
This change converts our filewall deployment practice to use
the tripleo-ansible firewall role. This change creates a new
"firewall_rules" object which is queried using YAQL from the
"FirewallRules" resource.

A new parameter has been added allowing users to input
additional firewall rules as needed. The new parameter is
`ExtraFirewallRules` and will be merged on top of the YAQL
interface.

Depends-On: Ie5d0f51d7efccd112847d3f1edf5fd9cdb1edeed
Change-Id: I1be209a04f599d1d018e730c92f1fc8dd9bf884b
Signed-off-by: Kevin Carter <kecarter@redhat.com>
2019-11-18 15:40:22 -06:00

107 lines
3.9 KiB
YAML

heat_template_version: rocky
description: >
OpenStack Neutron Compute Nuage plugin
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
NovaPassword:
description: The password for the nova service and db account
type: string
hidden: true
NuageMetadataPort:
description: TCP Port to listen for metadata server requests
type: string
default: '9697'
NuageActiveController:
description: IP address of the Active Virtualized Services Controller (VSC)
type: string
NuageStandbyController:
description: IP address of the Standby Virtualized Services Controller (VSC)
type: string
NuageNovaMetadataPort:
description: TCP Port used by Nova metadata server
type: string
default: '8775'
NuageMetadataProxySharedSecret:
description: Shared secret to sign the instance-id request
type: string
NuageNovaClientVersion:
description: Client Version Nova
type: string
default: '2'
NuageNovaOsUsername:
description: Nova username in keystone_authtoken
type: string
default: 'nova'
NuageMetadataAgentStartWithOvs:
description: Set to true if nuage-metadata-agent needs to be started with nuage-openvswitch-switch
type: boolean
default: true
NuageNovaApiEndpoint:
description: One of publicURL, internalURL, adminURL in "keystone endpoint-list"
type: string
default: 'publicURL'
NuageNovaRegionName:
description: Region name in "keystone endpoint-list"
type: string
default: 'regionOne'
NuageBridgeMTU:
description: Support for non-default MTU configured on each VRS node
type: string
default: ''
outputs:
role_data:
description: Role data for the Neutron Compute Nuage plugin
firewall_rules:
'118 neutron vxlan networks':
proto: 'udp'
dport: 4789
'100 metadata agent':
dport: {get_param: NuageMetadataPort}
value:
service_name: neutron_compute_plugin_nuage
config_settings:
nuage::vrs::active_controller: {get_param: NuageActiveController}
nuage::vrs::standby_controller: {get_param: NuageStandbyController}
nuage::vrs::bridge_mtu: {get_param: NuageBridgeMTU}
nuage::metadataagent::metadata_port: {get_param: NuageMetadataPort}
nuage::metadataagent::nova_metadata_port: {get_param: NuageNovaMetadataPort}
nuage::metadataagent::metadata_secret: {get_param: NuageMetadataProxySharedSecret}
nuage::metadataagent::nova_client_version: {get_param: NuageNovaClientVersion}
nuage::metadataagent::nova_os_username: {get_param: NuageNovaOsUsername}
nuage::metadataagent::metadata_agent_start_with_ovs: {get_param: NuageMetadataAgentStartWithOvs}
nuage::metadataagent::nova_api_endpoint_type: {get_param: NuageNovaApiEndpoint}
nuage::metadataagent::nova_region_name: {get_param: NuageNovaRegionName}
tripleo::profile::base::neutron::agents::nuage::nova_os_tenant_name: 'service'
tripleo::profile::base::neutron::agents::nuage::nova_os_password: {get_param: NovaPassword}
tripleo::profile::base::neutron::agents::nuage::nova_auth_ip: {get_param: [EndpointMap, KeystoneInternal, host]}
step_config: |
include ::tripleo::profile::base::neutron::agents::nuage