tripleo-heat-templates/environments/undercloud.yaml
yatinkarel e4c5afeda2 Allow Undercloud to be deployed with Ml2 OVN
OVN is already default ML2 plugin in Overcloud since
Stein release[1]. OVN 22.06+ supports DHCP for IPv4 baremetal
ports so we can now use it instead of Ml2 OVS Services on
Undercloud.

This patch update roles and add environment file to allow
the Undercloud deployments with OVN.

Once upgrade/migration path is evaluated for Undercloud
from Ml2 OVS to Ml2 OVN we can consider switching default
Ml2 Plugin on Undercloud.

[1] https://review.opendev.org/c/openstack/tripleo-heat-templates/+/593056/

Change-Id: I724934f511a2d530521fd368e56e7bc2bcb07d76
2022-09-13 19:17:04 +05:30

141 lines
6.7 KiB
YAML

resource_registry:
OS::TripleO::Services::Tmpwatch: ../deployment/logrotate/tmpwatch-install.yaml
OS::TripleO::Network::Ports::ControlPlaneVipPort: ../deployed-server/deployed-neutron-port.yaml
OS::TripleO::NodeExtraConfigPost: ../extraconfig/post_deploy/undercloud_post.yaml
OS::TripleO::Services::DockerRegistry: ../deployment/image-serve/image-serve-baremetal-ansible.yaml
OS::TripleO::Services::ContainerImagePrepare: ../deployment/container-image-prepare/container-image-prepare-baremetal-ansible.yaml
# Allows us to control the external VIP for Undercloud SSL
OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external_from_pool.yaml
OS::TripleO::Services::ComputeNeutronOvsAgent: ../deployment/neutron/neutron-ovs-agent-container-puppet.yaml
OS::TripleO::Services::NeutronOvsAgent: ../deployment/neutron/neutron-ovs-agent-container-puppet.yaml
OS::TripleO::Services::NeutronDhcpAgent: ../deployment/neutron/neutron-dhcp-container-puppet.yaml
OS::TripleO::Services::NeutronL3Agent: ../deployment/neutron/neutron-l3-container-puppet.yaml
OS::TripleO::Services::NeutronCorePlugin: ../deployment/neutron/neutron-plugin-ml2-container-puppet.yaml
OS::TripleO::Services::NeutronMl2PluginBase: ../deployment/neutron/neutron-plugin-ml2.yaml
# Disable OVN services
OS::TripleO::Services::OVNController: OS::Heat::None
OS::TripleO::Services::OVNDBs: OS::Heat::None
OS::TripleO::Services::OVNMetadataAgent: OS::Heat::None
OS::TripleO::Services::OpenStackClients: ../deployment/clients/openstack-clients-baremetal-ansible.yaml
OS::TripleO::Services::HeatEphemeral: ../deployment/heat/heat-ephemeral-container-ansible.yaml
# Novajoin was removed from undercloud. Ensure cleanup task is executed.
OS::TripleO::Services::UndercloudRemoveNovajoin: ../deployment/tls/undercloud-remove-novajoin.yaml
# Services we don't ever want configured. See LP#1824030
OS::TripleO::Services::Pacemaker: OS::Heat::None
OS::TripleO::Services::PacemakerRemote: OS::Heat::None
OS::TripleO::Services::Clustercheck: OS::Heat::None
# Ensure non-pacemaker versions. See LP#1824030
# CinderVolume is set to None above and OVNdbs is currently not in the list in role_data_undercloud.yaml so
# avoiding that as well until the UC switches to OVN
OS::TripleO::Services::MySQL: ../deployment/database/mysql-container-puppet.yaml
OS::TripleO::Services::OsloMessagingRpc: ../deployment/rabbitmq/rabbitmq-messaging-rpc-container-puppet.yaml
OS::TripleO::Services::OsloMessagingNotify: ../deployment/rabbitmq/rabbitmq-messaging-notify-shared-puppet.yaml
# Enable Podman on the Undercloud.
# This line will drop in Stein when it becomes the default.
OS::TripleO::Services::Podman: ../deployment/podman/podman-baremetal-ansible.yaml
# https://bugs.launchpad.net/tripleo/+bug/1850562
OS::TripleO::Services::Rsyslog: ../deployment/logging/rsyslog-baremetal-ansible.yaml
# Undercloud HA services
OS::TripleO::Services::HAproxy: OS::Heat::None
parameter_defaults:
# ensure we enable ip_forward before docker gets run
KernelIpForward: 1
KernelIpNonLocalBind: 1
EnablePackageInstall: true
UndercloudNetworkConfigUpdate: True
NeutronTunnelTypes: []
NeutronBridgeMappings: ctlplane:br-ctlplane
NeutronAgentExtensions: []
NeutronFlatNetworks: '*'
DhcpAgentNotification: true
IronicCleaningDiskErase: 'metadata'
IronicCorsAllowedOrigin: '*'
IronicDefaultInspectInterface: 'inspector'
IronicDefaultResourceClass: 'baremetal'
IronicEnabledHardwareTypes: ['ipmi', 'redfish', 'idrac', 'ilo']
IronicEnabledBootInterfaces: ['ipxe', 'pxe', 'ilo-pxe']
IronicEnabledConsoleInterfaces: ['ipmitool-socat', 'ilo', 'no-console']
IronicEnabledDeployInterfaces: ['direct', 'ansible']
IronicEnabledInspectInterfaces: ['inspector', 'no-inspect']
IronicEnabledManagementInterfaces: ['ipmitool', 'redfish', 'idrac', 'ilo']
# NOTE(dtantsur): disabling advanced networking as it's not used (or
# configured) in the undercloud
IronicEnabledNetworkInterfaces: ['flat']
IronicEnabledPowerInterfaces: ['ipmitool', 'redfish', 'idrac', 'ilo']
# NOTE(dtantsur): disabling the "agent" RAID as our ramdisk does not contain
# any vendor-specific RAID additions.
IronicEnabledRaidInterfaces: ['no-raid']
# NOTE(dtantsur): we don't use boot-from-cinder on the undercloud
IronicEnabledStorageInterfaces: ['noop']
IronicEnabledVendorInterfaces: ['ipmitool', 'idrac', 'no-vendor']
IronicEnableStagingDrivers: true
IronicCleaningNetwork: 'ctlplane'
IronicForcePowerStateDuringSync: false
IronicInspectorCollectors: default,extra-hardware,numa-topology,logs
IronicInspectorInterface: br-ctlplane
# IronicInspectorSubnets:
# - ip_range: '192.168.24.100,192.168.24.200'
IronicInspectorUseSwift: false
IronicInspectorStorageBackend: 'database'
IronicConfigureSwiftTempUrlKey: false
IronicProvisioningNetwork: 'ctlplane'
IronicRescuingNetwork: 'ctlplane'
NeutronServicePlugins: router,segments
NeutronMechanismDrivers: ['openvswitch', 'baremetal']
NeutronNetworkVLANRanges: 'physnet1:1000:2999'
NeutronPluginExtensions: port_security,dns_domain_ports
NeutronOVSFirewallDriver: ''
NeutronNetworkType: ['local','flat','vlan','gre','vxlan']
NeutronTunnelIdRanges: '20:100'
NeutronTypeDrivers: ['local','flat','vlan','gre','vxlan']
NeutronVniRanges: '10:100'
NeutronEnableDVR: false
NeutronPortQuota: '-1'
# This allows MTU > 1500 for the overcloud if local_mtu is set to 1500
# See LP#1826729
TenantNetPhysnetMtu: 0
# A list of static routes for the control plane network. Ensure traffic to
# nodes on remote control plane networks use the correct network path.
# Example:
# ControlPlaneStaticRoutes:
# - ip_netmask: 192.168.25.0/24
# next_hop: 192.168.24.1
# - ip_netmask: 192.168.26.0/24
# next_hop: 192.168.24.1
ControlPlaneStaticRoutes: []
# A dictionary of Undercloud ctlplane subnets.
# NOTE(hjensas): This should be {} in this environment file, otherwise it may
# results in values set here being merged with the values set in
# undercloud.conf. See Bug: https://bugs.launchpad.net/tripleo/+bug/1820330
# Example:
# UndercloudCtlplaneSubnets:
# ctlplane-subnet:
# NetworkCidr: '192.168.24.0/24'
# NetworkGateway: '192.168.24.1'
# DhcpRangeStart: '192.168.24.5'
# DhcpRangeEnd: '192.168.24.24'
# HostRoutes:
# - {'destination': '10.10.10.0/24', 'nexthop': '192.168.24.254'}
UndercloudCtlplaneSubnets: {}
UndercloudCtlplaneLocalSubnet: 'ctlplane-subnet'
UndercloudNetworkConfigTemplate: 'templates/undercloud.j2'
PasswordAuthentication: 'yes'
MySQLServerOptions:
mysqld:
connect_timeout: 60
SshFirewallAllowAll: true
NetworkSafeDefaults: false
IronicRpcTransport: 'json-rpc'
IronicAuthStrategy: http_basic
NeutronAuthStrategy: http_basic