tripleo-heat-templates/net-config-undercloud.j2.yaml
Harald Jensås 1ebf115f85 Use /32 netmask for VIPs
Prior to commit c712355e4b
KeepaliveD created the VIP addresses, and it created
them with a /32 netmask. When the VIPs were moved to the
DeployedServerPortMap and added to the br-ctlplane
interface, the netmask of the ctlplane subnet was used
(typically /24). The result is a routing table that
potentially uses the incorrect device for traffic when
the public VIP is not in the ctlplane subnet.

This change hard-codes the netmask for the VIP addresses
to /32.

blueprint replace-keepalived-undercloud
Closes-Bug: #1878101
Change-Id: I873e925d2250677f25b9ae51ed0b87bd1b8e6b32
2020-05-14 10:09:13 +02:00


# Heat template for the undercloud network configuration. The file is a
# Jinja2 template (.j2.yaml): the parameters section is expanded with a
# for-loop over `networks`.
heat_template_version: rocky
description: >
  Software Config to drive os-net-config for a simple bridge configured with a
  static IP address for the ctlplane network with optionally the admin and
  public IPs too.
# Template inputs. The entries between the Jinja2 for/endfor tags are
# generated once per item in `networks`; the tags stay at column 0 and no
# comments are placed inside the loop so the rendered output is unchanged.
parameters:
  # Joined with ControlPlaneSubnetCidr as "<ip>/<cidr>" for the first
  # br-ctlplane address.
  ControlPlaneIp:
    default: ''
    description: IP address/subnet on the ctlplane network
    type: string
{%- for network in networks %}
  {{network.name}}IpSubnet:
    default: ''
    description: IP address/subnet on the {{network.name_lower}} network
    type: string
  {{network.name}}InterfaceRoutes:
    default: []
    description: >
      Routes for the {{network.name_lower}} network traffic.
      JSON route e.g. [{'destination':'10.0.0.0/16', 'nexthop':'10.0.0.1'}]
      Unless the default is changed, the parameter is automatically resolved
      from the subnet host_routes attribute.
    type: json
  {{network.name}}Mtu:
    default: {{network.mtu|default('1500')}}
    description: >-
      The maximum transmission unit (MTU) size(in bytes) that is
      guaranteed to pass through the data path of the segments in the
      {{network.name}} network.
    type: number
  {{network.name}}InterfaceDefaultRoute:
    default: ''
    description: default route for the {{network.name_lower}} network
    type: string
{%- endfor %}
  ControlPlaneSubnetCidr:
    default: ''
    description: >
      The subnet CIDR of the control plane network. (The parameter is
      automatically resolved from the ctlplane subnet's cidr attribute.)
    type: string
  ControlPlaneDefaultRoute:
    default: ''
    description: >-
      The default route of the control plane network. (The parameter
      is automatically resolved from the ctlplane subnet's gateway_ip attribute.)
    type: string
  ControlPlaneStaticRoutes:
    default: []
    description: >
      Routes for the ctlplane network traffic.
      JSON route e.g. [{'destination':'10.0.0.0/16', 'nexthop':'10.0.0.1'}]
      Unless the default is changed, the parameter is automatically resolved
      from the subnet host_routes attribute.
    type: json
  ControlPlaneMtu:
    default: 1500
    description: >-
      The maximum transmission unit (MTU) size(in bytes) that is
      guaranteed to pass through the data path of the segments in the network.
      (The parameter is automatically resolved from the ctlplane network's mtu attribute.)
    type: number
  # Override this via parameter_defaults
  DnsServers:
    default: []
    description: >
      DNS servers to use for the Overcloud (2 max for some implementations).
      If not set the nameservers configured in the ctlplane subnet's
      dns_nameservers attribute will be used.
    type: comma_delimited_list
  # Override this via parameter_defaults
  DnsSearchDomains:
    default: []
    description: A list of DNS search domains to be added (in order) to resolv.conf.
    type: comma_delimited_list
  # Override this via parameter_defaults
  UndercloudLocalMtu:
    default: 1500
    description: MTU to use for the Undercloud local_interface.
    type: number
    constraints:
      - range:
          min: 1000
          max: 65536
  # When non-empty, this JSON replaces the whole network_config generated by
  # this template (see the undercloud_net_config_override condition), so the
  # bridge and VIP addressing defined in resources is not applied.
  UndercloudNetConfigOverride:
    default: {}
    description: >-
      Custom JSON data to be used to override the os-net-config data in this
      template. This is meant to be used by net_config_override parameter in
      tripleoclient to provide an easy means to pass in custom net configs for
      the Undercloud.
    type: json
  # No description is given for this parameter. This template reads only its
  # 'control_virtual_ip' and 'public_virtual_ip' entries, taking the
  # ip_address of the first fixed_ips element of each.
  DeployedServerPortMap:
    default: {}
    type: json
conditions:
  # True when UndercloudNetConfigOverride differs from the empty map.
  undercloud_net_config_override:
    not:
      equals:
        - get_param: UndercloudNetConfigOverride
        - {}
  # True when the control VIP address looked up in DeployedServerPortMap
  # equals the empty string.
  control_virtual_ip_unset:
    equals:
      - get_param:
          - DeployedServerPortMap
          - 'control_virtual_ip'
          - fixed_ips
          - 0
          - ip_address
      - ''
  # Same check for the public VIP.
  public_virtual_ip_unset:
    equals:
      - get_param:
          - DeployedServerPortMap
          - 'public_virtual_ip'
          - fixed_ips
          - 0
          - ip_address
      - ''
resources:
  # Script-type software config: the text of run-os-net-config.sh with the
  # $network_config placeholder replaced by the structure chosen below.
  OsNetConfigImpl:
    type: OS::Heat::SoftwareConfig
    properties:
      group: script
      inputs:
        # NOTE(review): presumably read by run-os-net-config.sh, which is not
        # shown here; confirm what a failed apply falls back to when true.
        - name: disable_configure_safe_defaults
          default: true
      config:
        str_replace:
          template:
            get_file: network/scripts/run-os-net-config.sh
          params:
            $network_config:
              if:
                - undercloud_net_config_override
                # The operator-supplied JSON is substituted in place of the
                # whole generated config, so none of the addressing below
                # (including the /32 VIP entries) applies when it is set.
                # Treat the override as trusted deployer input only.
                - get_param: UndercloudNetConfigOverride
                - network_config:
                    - type: ovs_bridge
                      name: br-ctlplane
                      use_dhcp: false
                      dns_servers:
                        get_param: DnsServers
                      domain:
                        get_param: DnsSearchDomains
                      ovs_extra:
                        - "br-set-external-id br-ctlplane bridge-id br-ctlplane"
                      addresses:
                        # Node address: "<ControlPlaneIp>/<ControlPlaneSubnetCidr>".
                        - ip_netmask:
                            list_join:
                              - /
                              - - get_param: ControlPlaneIp
                                - get_param: ControlPlaneSubnetCidr
                        # VIPs get a host mask rather than the ctlplane subnet
                        # mask so they do not add a subnet-wide connected
                        # route on br-ctlplane. An unset VIP yields an empty
                        # map entry instead.
                        # NOTE(review): '32' is an IPv4 host prefix; an IPv6
                        # VIP would need '128' - confirm whether IPv6 VIPs can
                        # reach this template.
                        - if:
                            - control_virtual_ip_unset
                            - {}
                            - ip_netmask:
                                list_join:
                                  - /
                                  - - get_param:
                                        - DeployedServerPortMap
                                        - 'control_virtual_ip'
                                        - fixed_ips
                                        - 0
                                        - ip_address
                                    - '32'
                        - if:
                            - public_virtual_ip_unset
                            - {}
                            - ip_netmask:
                                list_join:
                                  - /
                                  - - get_param:
                                        - DeployedServerPortMap
                                        - 'public_virtual_ip'
                                        - fixed_ips
                                        - 0
                                        - ip_address
                                    - '32'
                      routes:
                        get_param: ControlPlaneStaticRoutes
                      members:
                        # NOTE(review): interface_name looks like a literal
                        # placeholder; presumably the script substitutes the
                        # real device name - confirm.
                        - type: interface
                          name: interface_name
                          # force the MAC address of the bridge to this interface
                          primary: true
                          mtu:
                            get_param: UndercloudLocalMtu
outputs:
  # Exposes the OsNetConfigImpl resource as this stack's id.
  OS::stack_id:
    description: The OsNetConfigImpl resource.
    value:
      get_resource: OsNetConfigImpl