openstack/openstack-ansible
Code Issues Proposed changes
Files
31f12f54eaccd3ff5a458cb8593897a46b2d923a
openstack-ansible/etc/openstack_deploy/openstack_user_config.yml.aio.j2
Dmitriy Rabotyagov 31f12f54ea Offload network provisionment for AIO to openstack_hosts 
For couple of cycles we include our systemd-related roles in
openstack_hosts role, with purpose of operators being able to
configure their nodes before any actuall service or infra role will
kick in.

This should also provide ability to configure networking for LXC and
setup overall.

So with moving systemd role includes during AIO setup to
variables which leverage openstack_hosts behavior we achieve
multiple goals at once:
- Reduce amount of intersecting logic in AIO bootstrap
- Add testing for openstack_hosts section and ensure it's functional
- Improve transparency for deployers and ability to see and change
network configuration, as it will be templated as variables file
instead of be directly applied.

As a consequence, we need to access host by it's already established
IP address, rather then one defined by us.
However, we already require having `bootstrap_host_public_address`
and rely on it heavily, so it should not bring much regressions
with the approach.

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/953670
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/954316
Change-Id: Ib688a5a758ec5ebbd0ebafdcaf2b27aeecdd9aba
Signed-off-by: Dmitriy Rabotyagov <dmitriy.rabotyagov@cleura.com>
2025-08-18 14:37:30 +02:00

233 lines
7.9 KiB
Django/Jinja
Raw Blame History

---
cidr_networks:
{% if 'ironic' in bootstrap_host_scenarios_expanded %}
bmaas: {{ bmaas_network }}
{% endif %}
{% if 'trove' in bootstrap_host_scenarios_expanded %}
dbaas: {{ dbaas_network }}
{% endif %}
{% if 'octavia' in bootstrap_host_scenarios_expanded %}
lbaas: {{ lbaas_network }}
{% endif %}
management: {{ mgmt_network }}
tunnel: {{ vxlan_network }}
storage: {{ storage_network }}
used_ips:
{% if 'ironic' in bootstrap_host_scenarios_expanded %}
- "{{ bmaas_network | ansible.utils.nthhost('1') }},{{ bmaas_network | ansible.utils.nthhost('10') }}"
- "{{ bmaas_network | ansible.utils.nthhost('110') }},{{ bmaas_network | ansible.utils.nthhost('-10') }}"
- "{{ bmaas_network | ansible.utils.nthhost('100') }}"
{% endif %}
{% if 'trove' in bootstrap_host_scenarios_expanded %}
- "{{ dbaas_network | ansible.utils.nthhost('1') }},{{ dbaas_network | ansible.utils.nthhost('10') }}"
- "{{ dbaas_network | ansible.utils.nthhost('50') }},{{ dbaas_network | ansible.utils.nthhost('-1') }}"
{% endif %}
{% if 'octavia' in bootstrap_host_scenarios_expanded %}
- "{{ lbaas_network | ansible.utils.nthhost('1') }},{{ lbaas_network | ansible.utils.nthhost('10') }}"
- "{{ lbaas_network | ansible.utils.nthhost('50') }},{{ lbaas_network | ansible.utils.nthhost('-1') }}"
{% endif %}
- "{{ mgmt_network | ansible.utils.nthhost('1') }},{{ mgmt_network | ansible.utils.nthhost('50') }}"
- "{{ mgmt_network | ansible.utils.nthhost('100') }}"
- "{{ mgmt_network | ansible.utils.nthhost('101') }}"
- "{{ vxlan_network | ansible.utils.nthhost('1') }},{{ vxlan_network | ansible.utils.nthhost('50') }}"
- "{{ vxlan_network | ansible.utils.nthhost('100') }}"
- "{{ storage_network | ansible.utils.nthhost('1') }},{{ storage_network | ansible.utils.nthhost('50') }}"
- "{{ storage_network | ansible.utils.nthhost('100') }}"
- "{{ vlan_network | ansible.utils.nthhost('1') }},{{ vlan_network | ansible.utils.nthhost('50') }}"
- "{{ vlan_network | ansible.utils.nthhost('100') }}"
global_overrides:
internal_lb_vip_address: {{ bootstrap_host_internal_address }}
# The external IP is quoted simply to ensure that the .aio file can be used as input
# dynamic inventory testing.
external_lb_vip_address: "{{ ('stepca' in bootstrap_host_scenarios) | ternary('external.openstack.local', bootstrap_host_public_address) }}"
management_bridge: "br-mgmt"
no_containers: {{ true if 'metal' in bootstrap_host_scenarios else false }}
provider_networks:
- network:
container_bridge: "br-mgmt"
container_type: "veth"
container_interface: "eth1"
ip_from_q: "management"
type: "raw"
group_binds:
- all_containers
- hosts
is_management_address: true
# define static routes to the neutron public IP ranges via br-mgmt
# this is AIO specific and relies on the host forwarding to reach instance
# floating ips using the br-mgmt interface as a gateway
static_routes:
# neutron public addresses, LXC
- cidr: {{ vlan_network }}
gateway: {{ bootstrap_host_management_address }}
{% if 'proxy' in bootstrap_host_scenarios_expanded %}
- cidr: {{ squid_network }}
gateway: {{ bootstrap_host_management_address }}
{% endif %}
{% if 'ovs' in bootstrap_host_scenarios_expanded %}
- network:
container_bridge: "br-vxlan"
container_type: "veth"
container_interface: "eth10"
ip_from_q: "tunnel"
type: "vxlan"
range: "1:1000"
net_name: "vxlan"
group_binds:
- neutron_openvswitch_agent
{% else %}
- network:
container_bridge: "br-vxlan"
container_type: "veth"
container_interface: "eth10"
ip_from_q: "tunnel"
type: "geneve"
range: "1:1000"
net_name: "geneve"
group_binds:
- neutron_ovn_controller
{% endif %}
{% if 'trove' in bootstrap_host_scenarios_expanded %}
- network:
container_bridge: "br-dbaas"
container_type: "veth"
container_interface: "eth13"
network_interface: "eth13"
ip_from_q: "dbaas"
type: "flat"
net_name: "dbaas-mgmt"
group_binds:
- neutron_ovn_gateway
- rabbitmq
{% endif %}
{% if 'octavia' in bootstrap_host_scenarios_expanded %}
- network:
container_bridge: "br-lbaas"
container_type: "veth"
container_interface: "eth14"
network_interface: "eth14"
ip_from_q: "lbaas"
type: "flat"
net_name: "lbaas"
group_binds:
- neutron_ovn_gateway
- octavia-worker
- octavia-housekeeping
- octavia-health-manager
{% endif %}
{% if 'ironic' in bootstrap_host_scenarios_expanded %}
- network:
container_bridge: "br-bmaas"
container_type: "veth"
container_interface: "eth15"
host_bind_override: "eth15"
ip_from_q: "bmaas"
type: "flat"
net_name: "bmaas"
group_binds:
- ironic_api
- ironic_inspector
{% endif %}
{% if 'ovs' in bootstrap_host_scenarios_expanded %}
- network:
container_bridge: "br-provider"
container_type: "veth"
container_interface: "eth12"
network_interface: "eth12"
type: "vlan"
range: "101:200,301:400"
net_name: "physnet1"
group_binds:
- neutron_openvswitch_agent
- network:
container_bridge: "br-provider"
container_type: "veth"
net_name: "physnet1"
type: "flat"
group_binds:
- neutron_openvswitch_agent
{% else %}
- network:
container_bridge: "br-provider"
network_interface: "eth12"
type: "vlan"
range: "101:200,301:400"
net_name: "physnet1"
group_binds:
- neutron_ovn_gateway
- network:
container_bridge: "br-provider"
container_type: "veth"
net_name: "physnet1"
type: "flat"
group_binds:
- neutron_ovn_gateway
{% endif %}
- network:
container_bridge: "br-storage"
container_type: "veth"
container_interface: "eth2"
ip_from_q: "storage"
type: "raw"
group_binds:
- glance_api
- cinder_api
- cinder_volume
- nova_compute
- manila_share
- swift_proxy
- ceph-mon
- ceph-osd
# keystone
identity_hosts:
aio1:
ip: {{ bootstrap_host_public_address }}
management_ip: {{ bootstrap_host_management_address }}
{% if 'keystone' in bootstrap_host_scenarios or 'infra' in bootstrap_host_scenarios %}
# NOTE (jrosser) this ensures that we deploy 3 keystone containers
# during the os_keystone role test to validate ssh keys and fernet key sync
# Also deploy 3 keystone containers for infra jobs as these are run
# for patches to the plugins repo containing the ssh key management role
affinity:
keystone_container: 3
{% endif %}
# galera, memcache, rabbitmq, utility
shared-infra_hosts:
aio1:
ip: {{ bootstrap_host_public_address }}
management_ip: {{ bootstrap_host_management_address }}
{% if 'infra' in bootstrap_host_scenarios_expanded %}
affinity:
galera_container: 3
memcached_container: 3
rabbit_mq_container: 3
{% endif %}
repo-infra_hosts:
aio1:
{% if bootstrap_host_install_method == 'distro' %}
affinity:
repo_container: 0
{% endif %}
{% if 'infra' in bootstrap_host_scenarios_expanded %}
affinity:
repo_container: 3
{% endif %}
ip: {{ bootstrap_host_public_address }}
management_ip: {{ bootstrap_host_management_address }}
{% if 'zookeeper' in bootstrap_host_scenarios_expanded %}
coordination_hosts:
aio1:
ip: {{ bootstrap_host_public_address }}
management_ip:{{ bootstrap_host_management_address }}
{% if 'infra' in bootstrap_host_scenarios_expanded %}
affinity:
zookeeper_container: 3
{% endif %}
{% endif %}
View Git Blame Copy Permalink