diff --git a/ansible/group_vars/all/kolla b/ansible/group_vars/all/kolla index 7df5f0426..bd2652c2c 100644 --- a/ansible/group_vars/all/kolla +++ b/ansible/group_vars/all/kolla @@ -550,6 +550,27 @@ kolla_ansible_default_custom_passwords: # passwords file. kolla_ansible_custom_passwords: "{{ kolla_ansible_default_custom_passwords }}" +############################################################################### +# OpenStack API addresses. + +# Virtual IP address of OpenStack internal API. Default is the vip_address +# attribute of the internal network. +kolla_internal_vip_address: "{{ internal_net_name | net_vip_address }}" + +# Fully Qualified Domain Name (FQDN) of OpenStack internal API. Default is the +# fqdn attribute of the internal network if set, otherwise +# kolla_internal_vip_address. +kolla_internal_fqdn: "{{ internal_net_name | net_fqdn or kolla_internal_vip_address }}" + +# Virtual IP address of OpenStack external API. Default is the vip_address +# attribute of the external network. +kolla_external_vip_address: "{{ public_net_name | net_vip_address }}" + +# Fully Qualified Domain Name (FQDN) of OpenStack external API. Default is the +# fqdn attribute of the external network if set, otherwise +# kolla_external_vip_address. +kolla_external_fqdn: "{{ public_net_name | net_fqdn or kolla_external_vip_address }}" + ############################################################################### # TLS certificate bundle management diff --git a/ansible/kolla-ansible.yml b/ansible/kolla-ansible.yml index ae04fcf8c..fa182b5ae 100644 --- a/ansible/kolla-ansible.yml +++ b/ansible/kolla-ansible.yml @@ -27,12 +27,6 @@ tags: - kolla-ansible gather_facts: false - vars: - # We need to reference configuration for the network node. - # We pick the first host from the group for this. It is possible that at - # this point these groups have no hosts in, and we should handle that case - # gracefully. - network_host: "{{ groups['network'][0] }}" pre_tasks: # Configuration of extra user-provided Kolla globals. - block: @@ -52,46 +46,29 @@ - config # Configuration and validation of network host networking. - - block: - - name: Set facts containing the VIP addresses and FQDNs - set_fact: - kolla_internal_vip_address: "{{ internal_net_name | net_vip_address }}" - kolla_internal_fqdn: "{{ internal_net_name | net_fqdn or internal_net_name | net_vip_address }}" - kolla_external_vip_address: "{{ public_net_name | net_vip_address }}" - kolla_external_fqdn: "{{ public_net_name | net_fqdn or public_net_name | net_vip_address }}" - when: kolla_enable_haproxy | bool - - - name: Set facts containing the VIP addresses and FQDNs - set_fact: - kolla_internal_vip_address: "{{ internal_net_name | net_ip(network_host) }}" - kolla_internal_fqdn: "{{ internal_net_name | net_ip(network_host) }}" - kolla_external_vip_address: "{{ public_net_name | net_ip(network_host) }}" - kolla_external_fqdn: "{{ public_net_name | net_ip(network_host) }}" - when: not kolla_enable_haproxy | bool - - - name: Validate Kolla Ansible API address configuration - fail: - msg: > - The Kolla Ansible variable {{ item.var_name }} - ({{ item.description }}) is invalid. Value: - "{{ hostvars[inventory_hostname][item.var_name] | default('') }}". - when: - - item.required | bool - - hostvars[inventory_hostname][item.var_name] is not defined or not hostvars[inventory_hostname][item.var_name] - with_items: - - var_name: "kolla_internal_vip_address" - description: "Internal API VIP address" - required: True - - var_name: "kolla_internal_fqdn" - description: "Internal API Fully Qualified Domain Name (FQDN)" - required: True - - var_name: "kolla_external_vip_address" - description: "external API VIP address" - required: True - - var_name: "kolla_external_fqdn" - description: "External API Fully Qualified Domain Name (FQDN)" - required: True - when: groups['network'] | length > 0 + - name: Validate Kolla Ansible API address configuration + fail: + msg: > + The Kolla Ansible variable {{ item.var_name }} + ({{ item.description }}) is invalid. Value: + "{{ hostvars[inventory_hostname][item.var_name] | default('') }}". + when: + - groups['network'] | length > 0 + - item.required | bool + - hostvars[inventory_hostname][item.var_name] is not defined or not hostvars[inventory_hostname][item.var_name] + with_items: + - var_name: "kolla_internal_vip_address" + description: "Internal API VIP address" + required: True + - var_name: "kolla_internal_fqdn" + description: "Internal API Fully Qualified Domain Name (FQDN)" + required: True + - var_name: "kolla_external_vip_address" + description: "external API VIP address" + required: True + - var_name: "kolla_external_fqdn" + description: "External API Fully Qualified Domain Name (FQDN)" + required: True tags: - config - config-validation diff --git a/ansible/overcloud-grafana-configure.yml b/ansible/overcloud-grafana-configure.yml index 7fd18a16d..7ae5c9026 100644 --- a/ansible/overcloud-grafana-configure.yml +++ b/ansible/overcloud-grafana-configure.yml @@ -59,16 +59,6 @@ tags: - grafana pre_tasks: - - name: Set fact for the VIP address - set_fact: - kolla_internal_vip_address: "{{ internal_net_name | net_vip_address }}" - when: kolla_enable_haproxy | bool - - - name: Set fact for the VIP address - set_fact: - kolla_internal_vip_address: "{{ internal_net_name | net_ip }}" - when: not kolla_enable_haproxy | bool - - name: Include Kolla passwords for Grafana local admin account credentials include_vars: "{{ kayobe_config_path }}/kolla/passwords.yml" roles: diff --git a/ansible/public-openrc.yml b/ansible/public-openrc.yml index 4367773a0..d81d1300b 100644 --- a/ansible/public-openrc.yml +++ b/ansible/public-openrc.yml @@ -8,7 +8,7 @@ - public-openrc vars: public_api_proto: "{% if kolla_enable_tls_external | bool %}https{% else %}http{% endif %}" - public_api_host: "{{ public_net_name | net_fqdn or public_net_name | net_vip_address }}" + public_api_host: "{{ kolla_external_fqdn }}" public_api_keystone_port: 5000 roles: - role: public-openrc diff --git a/doc/source/configuration/reference/kolla-ansible.rst b/doc/source/configuration/reference/kolla-ansible.rst index a5d11a933..17251ada6 100644 --- a/doc/source/configuration/reference/kolla-ansible.rst +++ b/doc/source/configuration/reference/kolla-ansible.rst @@ -225,6 +225,32 @@ OpenStack services. This is not usually advisable in production. --- kolla_openstack_logging_debug: true +API Addresses +------------- + +.. note:: + + These variables should be used over the deprecated ``vip_address`` and + ``fqdn`` `network attributes ` + +The following variables affect the addresses used for the external and internal +API. + +``kolla_internal_vip_address`` + Virtual IP address of OpenStack internal API. Default is the + ``vip_address`` attribute of the internal network. +``kolla_internal_fqdn`` + Fully Qualified Domain Name (FQDN) of OpenStack internal API. Default is + the ``fqdn`` attribute of the internal network if set, otherwise + ``kolla_internal_vip_address``. +``kolla_external_vip_address`` + Virtual IP address of OpenStack external API. Default is the + ``vip_address`` attribute of the external network. +``kolla_external_fqdn`` + Fully Qualified Domain Name (FQDN) of OpenStack external API. Default is + the ``fqdn`` attribute of the external network if set, otherwise + ``kolla_external_vip_address``. + TLS Encryption of APIs ---------------------- diff --git a/doc/source/configuration/reference/network.rst b/doc/source/configuration/reference/network.rst index 426690d1b..34532570b 100644 --- a/doc/source/configuration/reference/network.rst +++ b/doc/source/configuration/reference/network.rst @@ -10,6 +10,8 @@ that define the network's attributes. For example, to configure the ``cidr`` attribute of a network named ``arpanet``, we would use a variable named ``arpanet_cidr``. +.. _configuration-network-global: + Global Network Configuration ============================ @@ -42,8 +44,18 @@ supported: ``mtu`` Maximum Transmission Unit (MTU). ``vip_address`` + .. note:: + + Use of the ``vip_address`` attribute is deprecated. Instead use + ``kolla_internal_vip_address`` and ``kolla_external_vip_address``. + Virtual IP address (VIP) used by API services on this network. ``fqdn`` + .. note:: + + Use of the ``fqdn`` attribute is deprecated. Instead use + ``kolla_internal_fqdn`` and ``kolla_external_fqdn``. + Fully Qualified Domain Name (FQDN) used by API services on this network. ``routes`` List of static IP routes. Each item should be a dict containing the diff --git a/etc/kayobe/kolla.yml b/etc/kayobe/kolla.yml index f8f0a482c..7e6da27de 100644 --- a/etc/kayobe/kolla.yml +++ b/etc/kayobe/kolla.yml @@ -345,6 +345,27 @@ # passwords file. #kolla_ansible_custom_passwords: +############################################################################### +# OpenStack API addresses. + +# Virtual IP address of OpenStack internal API. Default is the vip_address +# attribute of the internal network. +#kolla_internal_vip_address: + +# Fully Qualified Domain Name (FQDN) of OpenStack internal API. Default is the +# fqdn attribute of the internal network if set, otherwise +# kolla_internal_vip_address. +#kolla_internal_fqdn: + +# Virtual IP address of OpenStack external API. Default is the vip_address +# attribute of the external network. +#kolla_external_vip_address: + +# Fully Qualified Domain Name (FQDN) of OpenStack external API. Default is the +# fqdn attribute of the external network if set, otherwise +# kolla_external_vip_address. +#kolla_external_fqdn: + ############################################################################### # TLS certificate bundle management diff --git a/releasenotes/notes/add-vip-fqdn-variables-a6202664c2b6eb01.yaml b/releasenotes/notes/add-vip-fqdn-variables-a6202664c2b6eb01.yaml new file mode 100644 index 000000000..a172f8ab0 --- /dev/null +++ b/releasenotes/notes/add-vip-fqdn-variables-a6202664c2b6eb01.yaml @@ -0,0 +1,22 @@ +--- +features: + - | + Adds the following new variables for the Kolla Ansible API VIP address and + FQDNs: + + * ``kolla_internal_vip_address`` + * ``kolla_internal_fqdn`` + * ``kolla_external_vip_address`` + * ``kolla_external_fqdn`` + + These variables should be used in preference to the ``vip_address`` and + ``fqdn`` network attributes which are deprecated. +deprecations: + - | + The ``vip_address`` and ``fqdn`` network attributes are deprecated in + favour of the following variables: + + * ``kolla_internal_vip_address`` + * ``kolla_internal_fqdn`` + * ``kolla_external_vip_address`` + * ``kolla_external_fqdn``