dsl_version: 0.4.0 service: name: neutron-server # {% if neutron.plugin_agent == "opendaylight" %} hostNetwork: true # {% endif %} ports: - {{ neutron.server_port }} annotations: service: prometheus.io/probe: "true" containers: - name: neutron-server image: neutron-server pre: - name: neutron-db-create dependencies: - database type: single command: mysql -u root -p{{ db.root_password }} -h {{ address("database") }} -e 'create database `{{ neutron.db.name }}`; create user "{{ neutron.db.username }}"@"%" identified by "{{ neutron.db.password }}" {% if db.tls.enabled %} require ssl {% endif %}; grant all privileges on `{{ neutron.db.name }}`.* to "{{ neutron.db.username }}"@"%" identified by "{{ neutron.db.password }}" {% if db.tls.enabled %} require ssl {% endif %};' - name: neutron-db-sync type: single command: neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head dependencies: - rpc - notifications - neutron-db-create files: - neutron.conf - ml2-conf.ini - name: neutron-user-create dependencies: - keystone-create-domain type: single command: openstack user create --domain {{ service_account.domain }} --password {{ neutron.password }} {{ neutron.username }} - name: neutron-role-add dependencies: - neutron-user-create type: single command: openstack role add --project {{ service_account.project }} --user {{ neutron.username }} admin - name: neutron-service-create dependencies: - keystone type: single command: openstack service create --name neutron --description "OpenStack Networking" network - name: neutron-public-endpoint-create dependencies: - neutron-service-create type: single command: openstack endpoint create --region RegionOne network public {{ address('neutron-server', neutron.server_port, external=True, with_scheme=True) }} - name: neutron-internal-endpoint-create dependencies: - neutron-service-create type: single command: openstack endpoint create --region RegionOne network internal {{ address('neutron-server', neutron.server_port, with_scheme=True) }} - name: neutron-admin-endpoint-create dependencies: - neutron-service-create type: single command: openstack endpoint create --region RegionOne network admin {{ address('neutron-server', neutron.server_port, with_scheme=True) }} daemon: command: neutron-server --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini files: - neutron.conf - ml2-conf.ini # {% if neutron.tls.enabled %} - ca-cert # {% endif %} # {% if neutron.plugin_agent == "opendaylight" %} dependencies: - openvswitch-vswitchd # {% endif %} # {% if neutron.tls.enabled %} - name: nginx-neutron-server image: nginx daemon: files: - servers - server-cert - server-key - upstreams command: nginx # {% endif %} files: neutron.conf: path: /etc/neutron/neutron.conf content: neutron.conf.j2 perm: "0600" ml2-conf.ini: path: /etc/neutron/plugins/ml2/ml2_conf.ini content: ml2_conf.ini.j2 perm: "0600" # {% if neutron.tls.enabled %} servers: path: /etc/nginx/conf.d/servers.conf content: nginx-neutron-server.conf.j2 perm: "0400" upstreams: path: /etc/nginx/conf.d/upstreams.conf content: upstreams.conf.j2 perm: "0400" server-cert: path: /opt/ccp/etc/tls/server-cert.pem content: server-cert.pem.j2 perm: "0400" server-key: path: /opt/ccp/etc/tls/server-key.pem content: server-key.pem.j2 perm: "0400" ca-cert: path: /opt/ccp/etc/tls/ca.pem content: ca-cert.pem.j2 perm: "0400" # {% endif %}