Allow neutron services to use independent hostnames

This allows neutron service endpoints to use custom hostnames, and adds the following variables: * neutron_internal_fqdn * neutron_external_fqdn These default to the old values of kolla_internal_fqdn or kolla_external_fqdn. This also adds a neutron_server_listen_port option, which defaults to neutron_server_port for backward compatibility. This option allow the user to differentiate between the port the service listens on, and the port the service is reachable on. This is useful for external load balancers which live on the same host as the service itself. Change-Id: I87d7387326b6eaa6adae1600b48d480319d10676 Implements: blueprint service-hostnames
2018-12-18 10:45:27 -05:00 · 2018-12-18 10:45:27 -05:00 · 255fff02b7
commit 255fff02b7
parent a819ef1215
8 changed files with 14 additions and 9 deletions
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@ -273,7 +273,10 @@ mongodb_web_port: "28017"

 murano_api_port: "8082"

+neutron_internal_fqdn: "{{ kolla_internal_fqdn }}"
+neutron_external_fqdn: "{{ kolla_external_fqdn }}"
 neutron_server_port: "9696"
+neutron_server_listen_port: "{{ neutron_server_port }}"

 nova_internal_fqdn: "{{ kolla_internal_fqdn }}"
 nova_external_fqdn: "{{ kolla_external_fqdn }}"
--- a/ansible/roles/ironic/templates/ironic.conf.j2
+++ b/ansible/roles/ironic/templates/ironic.conf.j2
@ -82,7 +82,7 @@ username = {{ ironic_keystone_user }}
 password = {{ ironic_keystone_password }}

 [neutron]
-url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}
+url = {{ internal_protocol }}://{{ neutron_internal_fqdn }}:{{ neutron_server_port }}
 auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
 auth_type = password
 project_domain_id = default
--- a/ansible/roles/manila/templates/manila-share.conf.j2
+++ b/ansible/roles/manila/templates/manila-share.conf.j2
@ -38,7 +38,7 @@ memcache_secret_key = {{ memcache_secret_key }}
 memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}

 [neutron]
-url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}
+url = {{ internal_protocol }}://{{ neutron_internal_fqdn }}:{{ neutron_server_port }}
 uth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
 auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
 auth_type = password
--- a/ansible/roles/neutron/defaults/main.yml
+++ b/ansible/roles/neutron/defaults/main.yml
@ -19,6 +19,7 @@ neutron_services:
        mode: "http"
        external: false
        port: "{{ neutron_server_port }}"
+        listen_port: "{{ neutron_server_listen_port }}"
        frontend_http_extra:
          - "option http-tunnel"
      neutron_server_external:
@ -26,6 +27,7 @@ neutron_services:
        mode: "http"
        external: true
        port: "{{ neutron_server_port }}"
+        listen_port: "{{ neutron_server_listen_port }}"
  neutron-openvswitch-agent:
    container_name: "neutron_openvswitch_agent"
    image: "{{ neutron_openvswitch_agent_image_full }}"
@ -305,9 +307,9 @@ max_l3_agents_per_router: 3
 # valid value is: ["v1", "v2"]
 neutron_fwaas_version: "v1"

-neutron_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}"
-neutron_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}"
-neutron_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ neutron_server_port }}"
+neutron_admin_endpoint: "{{ admin_protocol }}://{{ neutron_internal_fqdn }}:{{ neutron_server_port }}"
+neutron_internal_endpoint: "{{ internal_protocol }}://{{ neutron_internal_fqdn }}:{{ neutron_server_port }}"
+neutron_public_endpoint: "{{ public_protocol }}://{{ neutron_external_fqdn }}:{{ neutron_server_port }}"

 neutron_logging_debug: "{{ openstack_logging_debug }}"

--- a/ansible/roles/neutron/tasks/precheck.yml
+++ b/ansible/roles/neutron/tasks/precheck.yml
@ -8,7 +8,7 @@
 - name: Checking free port for Neutron Server
  wait_for:
    host: "{{ api_interface_address }}"
-    port: "{{ neutron_server_port }}"
+    port: "{{ neutron_server_listen_port }}"
    connect_timeout: 1
    timeout: 1
    state: stopped
--- a/ansible/roles/neutron/templates/neutron.conf.j2
+++ b/ansible/roles/neutron/templates/neutron.conf.j2
@ -9,7 +9,7 @@ log_dir = /var/log/kolla/neutron
 use_stderr = False

 bind_host = {{ api_interface_address }}
-bind_port = {{ neutron_server_port }}
+bind_port = {{ neutron_server_listen_port }}

 api_paste_config = /usr/share/neutron/api-paste.ini
 endpoint_type = internalURL
--- a/ansible/roles/nova-hyperv/templates/nova_hyperv.conf.j2
+++ b/ansible/roles/nova-hyperv/templates/nova_hyperv.conf.j2
@ -48,7 +48,7 @@ enabled = true
 html5_proxy_base_url = {{ public_protocol }}://{{ kolla_internal_vip_address }}:{{ rdp_port }}

 [neutron]
-url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}
+url = {{ internal_protocol }}://{{ neutron_internal_fqdn }}:{{ neutron_server_port }}
 auth_strategy = keystone
 project_domain_name = default
 project_name = service
--- a/ansible/roles/nova/templates/nova.conf.j2
+++ b/ansible/roles/nova/templates/nova.conf.j2
@ -139,7 +139,7 @@ os_region_name = {{ openstack_region_name }}
 {% endif %}

 [neutron]
-url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}
+url = {{ internal_protocol }}://{{ neutron_internal_fqdn }}:{{ neutron_server_port }}
 metadata_proxy_shared_secret = {{ metadata_secret }}
 service_metadata_proxy = true
 {% if neutron_plugin_agent == 'vmware_nsxv3' %}