From 255fff02b7de8dd5161f3dbd55ebddd211179246 Mon Sep 17 00:00:00 2001
From: Jim Rollenhagen <jim@jimrollenhagen.com>
Date: Tue, 18 Dec 2018 10:45:27 -0500
Subject: [PATCH] Allow neutron services to use independent hostnames

This allows neutron service endpoints to use custom hostnames, and adds the
following variables:

* neutron_internal_fqdn
* neutron_external_fqdn

These default to the old values of kolla_internal_fqdn or
kolla_external_fqdn.

This also adds a neutron_server_listen_port option, which defaults to
neutron_server_port for backward compatibility.

This option allow the user to differentiate between the port the
service listens on, and the port the service is reachable on. This is
useful for external load balancers which live on the same host as the
service itself.

Change-Id: I87d7387326b6eaa6adae1600b48d480319d10676
Implements: blueprint service-hostnames
---
 ansible/group_vars/all.yml                              | 3 +++
 ansible/roles/ironic/templates/ironic.conf.j2           | 2 +-
 ansible/roles/manila/templates/manila-share.conf.j2     | 2 +-
 ansible/roles/neutron/defaults/main.yml                 | 8 +++++---
 ansible/roles/neutron/tasks/precheck.yml                | 2 +-
 ansible/roles/neutron/templates/neutron.conf.j2         | 2 +-
 ansible/roles/nova-hyperv/templates/nova_hyperv.conf.j2 | 2 +-
 ansible/roles/nova/templates/nova.conf.j2               | 2 +-
 8 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index aecfbfcf85..bdc4b242de 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -273,7 +273,10 @@ mongodb_web_port: "28017"
 
 murano_api_port: "8082"
 
+neutron_internal_fqdn: "{{ kolla_internal_fqdn }}"
+neutron_external_fqdn: "{{ kolla_external_fqdn }}"
 neutron_server_port: "9696"
+neutron_server_listen_port: "{{ neutron_server_port }}"
 
 nova_internal_fqdn: "{{ kolla_internal_fqdn }}"
 nova_external_fqdn: "{{ kolla_external_fqdn }}"
diff --git a/ansible/roles/ironic/templates/ironic.conf.j2 b/ansible/roles/ironic/templates/ironic.conf.j2
index 81c373e17b..9915d28516 100644
--- a/ansible/roles/ironic/templates/ironic.conf.j2
+++ b/ansible/roles/ironic/templates/ironic.conf.j2
@@ -82,7 +82,7 @@ username = {{ ironic_keystone_user }}
 password = {{ ironic_keystone_password }}
 
 [neutron]
-url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}
+url = {{ internal_protocol }}://{{ neutron_internal_fqdn }}:{{ neutron_server_port }}
 auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
 auth_type = password
 project_domain_id = default
diff --git a/ansible/roles/manila/templates/manila-share.conf.j2 b/ansible/roles/manila/templates/manila-share.conf.j2
index 9899b09806..7180a1edd7 100644
--- a/ansible/roles/manila/templates/manila-share.conf.j2
+++ b/ansible/roles/manila/templates/manila-share.conf.j2
@@ -38,7 +38,7 @@ memcache_secret_key = {{ memcache_secret_key }}
 memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
 
 [neutron]
-url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}
+url = {{ internal_protocol }}://{{ neutron_internal_fqdn }}:{{ neutron_server_port }}
 uth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
 auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
 auth_type = password
diff --git a/ansible/roles/neutron/defaults/main.yml b/ansible/roles/neutron/defaults/main.yml
index cbb9f6a64b..cc0408e3a8 100644
--- a/ansible/roles/neutron/defaults/main.yml
+++ b/ansible/roles/neutron/defaults/main.yml
@@ -19,6 +19,7 @@ neutron_services:
         mode: "http"
         external: false
         port: "{{ neutron_server_port }}"
+        listen_port: "{{ neutron_server_listen_port }}"
         frontend_http_extra:
           - "option http-tunnel"
       neutron_server_external:
@@ -26,6 +27,7 @@ neutron_services:
         mode: "http"
         external: true
         port: "{{ neutron_server_port }}"
+        listen_port: "{{ neutron_server_listen_port }}"
   neutron-openvswitch-agent:
     container_name: "neutron_openvswitch_agent"
     image: "{{ neutron_openvswitch_agent_image_full }}"
@@ -305,9 +307,9 @@ max_l3_agents_per_router: 3
 # valid value is: ["v1", "v2"]
 neutron_fwaas_version: "v1"
 
-neutron_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}"
-neutron_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}"
-neutron_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ neutron_server_port }}"
+neutron_admin_endpoint: "{{ admin_protocol }}://{{ neutron_internal_fqdn }}:{{ neutron_server_port }}"
+neutron_internal_endpoint: "{{ internal_protocol }}://{{ neutron_internal_fqdn }}:{{ neutron_server_port }}"
+neutron_public_endpoint: "{{ public_protocol }}://{{ neutron_external_fqdn }}:{{ neutron_server_port }}"
 
 neutron_logging_debug: "{{ openstack_logging_debug }}"
 
diff --git a/ansible/roles/neutron/tasks/precheck.yml b/ansible/roles/neutron/tasks/precheck.yml
index 850e6ec13c..a0a1c7f319 100644
--- a/ansible/roles/neutron/tasks/precheck.yml
+++ b/ansible/roles/neutron/tasks/precheck.yml
@@ -8,7 +8,7 @@
 - name: Checking free port for Neutron Server
   wait_for:
     host: "{{ api_interface_address }}"
-    port: "{{ neutron_server_port }}"
+    port: "{{ neutron_server_listen_port }}"
     connect_timeout: 1
     timeout: 1
     state: stopped
diff --git a/ansible/roles/neutron/templates/neutron.conf.j2 b/ansible/roles/neutron/templates/neutron.conf.j2
index 3e8dbf2809..7560d10b00 100644
--- a/ansible/roles/neutron/templates/neutron.conf.j2
+++ b/ansible/roles/neutron/templates/neutron.conf.j2
@@ -9,7 +9,7 @@ log_dir = /var/log/kolla/neutron
 use_stderr = False
 
 bind_host = {{ api_interface_address }}
-bind_port = {{ neutron_server_port }}
+bind_port = {{ neutron_server_listen_port }}
 
 api_paste_config = /usr/share/neutron/api-paste.ini
 endpoint_type = internalURL
diff --git a/ansible/roles/nova-hyperv/templates/nova_hyperv.conf.j2 b/ansible/roles/nova-hyperv/templates/nova_hyperv.conf.j2
index 7cd9515d76..54ab387174 100644
--- a/ansible/roles/nova-hyperv/templates/nova_hyperv.conf.j2
+++ b/ansible/roles/nova-hyperv/templates/nova_hyperv.conf.j2
@@ -48,7 +48,7 @@ enabled = true
 html5_proxy_base_url = {{ public_protocol }}://{{ kolla_internal_vip_address }}:{{ rdp_port }}
 
 [neutron]
-url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}
+url = {{ internal_protocol }}://{{ neutron_internal_fqdn }}:{{ neutron_server_port }}
 auth_strategy = keystone
 project_domain_name = default
 project_name = service
diff --git a/ansible/roles/nova/templates/nova.conf.j2 b/ansible/roles/nova/templates/nova.conf.j2
index 45e5bc7728..b7871bc83b 100644
--- a/ansible/roles/nova/templates/nova.conf.j2
+++ b/ansible/roles/nova/templates/nova.conf.j2
@@ -139,7 +139,7 @@ os_region_name = {{ openstack_region_name }}
 {% endif %}
 
 [neutron]
-url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}
+url = {{ internal_protocol }}://{{ neutron_internal_fqdn }}:{{ neutron_server_port }}
 metadata_proxy_shared_secret = {{ metadata_secret }}
 service_metadata_proxy = true
 {% if neutron_plugin_agent == 'vmware_nsxv3' %}