flatten the ovn service configurations
This change combines the previous puppet and docker files into a single file that performs the docker service installation and configuration for the ovn services. Related-Blueprint: services-yaml-flattening Change-Id: I6261863c15f594fed8207ff258f1d9c809a9a864
This commit is contained in:
parent
be90d93c3c
commit
30cfaccb49
@ -4,7 +4,7 @@ resource_registry:
|
||||
# Some infra instances don't pass the ping test but are otherwise working.
|
||||
# Since the OVB jobs also test this functionality we can shut it off here.
|
||||
OS::TripleO::AllNodes::Validation: ../common/all-nodes-validation-disabled.yaml
|
||||
OS::TripleO::Services::OVNDBs: ../../docker/services/ovn-dbs.yaml
|
||||
OS::TripleO::Services::OVNDBs: ../../deployment/ovn/ovn-dbs-container-puppet.yaml
|
||||
|
||||
parameter_defaults:
|
||||
ControllerServices:
|
||||
|
@ -36,37 +36,108 @@ parameters:
|
||||
default: {}
|
||||
description: Parameters specific to the role
|
||||
type: json
|
||||
OVNSouthboundServerPort:
|
||||
description: Port of the Southbound DB Server
|
||||
type: number
|
||||
default: 6642
|
||||
OVNTunnelEncapType:
|
||||
description: Tunnel encapsulation type
|
||||
type: string
|
||||
default: geneve
|
||||
NeutronBridgeMappings:
|
||||
description: >
|
||||
The OVS logical->physical bridge mappings to use. See the Neutron
|
||||
documentation for details. Defaults to mapping br-ex - the external
|
||||
bridge on hosts - to a physical name 'datacentre' which can be used
|
||||
to create provider networks (and we use this for the default floating
|
||||
network) - if changing this either use different post-install network
|
||||
scripts or be sure to keep 'datacentre' as a mapping network name.
|
||||
type: comma_delimited_list
|
||||
default: "datacentre:br-ex"
|
||||
tags:
|
||||
- role_specific
|
||||
OVNIntegrationBridge:
|
||||
description: >
|
||||
Name of the OVS bridge to use as integration bridge by OVN Controller.
|
||||
type: string
|
||||
default: "br-int"
|
||||
OVNMetadataEnabled:
|
||||
description: Whether Metadata Service has to be enabled
|
||||
type: boolean
|
||||
default: true
|
||||
OVNCMSOptions:
|
||||
description: The CMS options to configure in ovs db
|
||||
type: string
|
||||
default: ""
|
||||
tags:
|
||||
- role_specific
|
||||
OvsHwOffload:
|
||||
default: false
|
||||
description: |
|
||||
Enable OVS Hardware Offload. This feature supported from OVS 2.8.0
|
||||
type: boolean
|
||||
tags:
|
||||
- role_specific
|
||||
|
||||
conditions:
|
||||
force_config_drive: {equals: [{get_param: OVNMetadataEnabled}, false]}
|
||||
|
||||
resources:
|
||||
|
||||
ContainersCommon:
|
||||
type: ./containers-common.yaml
|
||||
type: ../../docker/services/containers-common.yaml
|
||||
|
||||
OvnControllerBase:
|
||||
type: ../../puppet/services/ovn-controller.yaml
|
||||
# Merging role-specific parameters (RoleParameters) with the default parameters.
|
||||
# RoleParameters will have the precedence over the default parameters.
|
||||
RoleParametersValue:
|
||||
type: OS::Heat::Value
|
||||
properties:
|
||||
EndpointMap: {get_param: EndpointMap}
|
||||
ServiceData: {get_param: ServiceData}
|
||||
ServiceNetMap: {get_param: ServiceNetMap}
|
||||
DefaultPasswords: {get_param: DefaultPasswords}
|
||||
RoleName: {get_param: RoleName}
|
||||
RoleParameters: {get_param: RoleParameters}
|
||||
type: json
|
||||
value:
|
||||
map_replace:
|
||||
- map_replace:
|
||||
- ovn::controller::ovn_bridge_mappings: NeutronBridgeMappings
|
||||
ovn::controller::ovn_cms_options: OVNCMSOptions
|
||||
ovn::controller::enable_hw_offload: OvsHwOffload
|
||||
- values: {get_param: [RoleParameters]}
|
||||
- values:
|
||||
NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
|
||||
OVNCMSOptions: {get_param: OVNCMSOptions}
|
||||
OvsHwOffload: {get_param: OvsHwOffload}
|
||||
|
||||
outputs:
|
||||
role_data:
|
||||
description: Role data for the Ovn Controller agent.
|
||||
value:
|
||||
service_name: {get_attr: [OvnControllerBase, role_data, service_name]}
|
||||
service_name: ovn_controller
|
||||
config_settings:
|
||||
map_merge:
|
||||
- get_attr: [OvnControllerBase, role_data, config_settings]
|
||||
service_config_settings: {get_attr: [OvnControllerBase, role_data, service_config_settings]}
|
||||
- get_attr: [RoleParametersValue, value]
|
||||
- ovn::southbound::port: {get_param: OVNSouthboundServerPort}
|
||||
ovn::controller::ovn_encap_type: {get_param: OVNTunnelEncapType}
|
||||
ovn::controller::ovn_encap_ip:
|
||||
str_replace:
|
||||
template:
|
||||
"%{hiera('$NETWORK')}"
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
|
||||
ovn::controller::ovn_bridge: {get_param: OVNIntegrationBridge}
|
||||
nova::compute::force_config_drive: {if: [force_config_drive, true, false]}
|
||||
tripleo::profile::base::neutron::agents::ovn::ovn_db_host: {get_param: [EndpointMap, OvnDbInternal, host_nobrackets]}
|
||||
tripleo::ovn_controller::firewall_rules:
|
||||
'118 neutron vxlan networks':
|
||||
proto: 'udp'
|
||||
dport: 4789
|
||||
'119 neutron geneve networks':
|
||||
proto: 'udp'
|
||||
dport: 6081
|
||||
service_config_settings: {}
|
||||
# BEGIN DOCKER SETTINGS
|
||||
puppet_config:
|
||||
puppet_tags: vs_config,exec
|
||||
config_volume: ovn_controller
|
||||
step_config:
|
||||
get_attr: [OvnControllerBase, role_data, step_config]
|
||||
step_config: |
|
||||
include ::tripleo::profile::base::neutron::agents::ovn
|
||||
config_image: {get_param: DockerOvnControllerConfigImage}
|
||||
# We need to mount /run for puppet_config step. This is because
|
||||
# puppet-vswitch runs the commands "ovs-vsctl set open_vswitch . external_ids:..."
|
||||
@ -114,7 +185,7 @@ outputs:
|
||||
- yaql:
|
||||
expression: str($.data.port)
|
||||
data:
|
||||
port: {get_attr: [OvnControllerBase, role_data, config_settings, 'ovn::southbound::port']}
|
||||
port: {get_param: OVNSouthboundServerPort}
|
||||
volumes:
|
||||
- /var/lib/kolla/config_files/ovn_controller.json:/var/lib/kolla/config_files/config.json:ro
|
||||
- /lib/modules:/lib/modules:ro
|
@ -39,30 +39,41 @@ parameters:
|
||||
default: {}
|
||||
description: Parameters specific to the role
|
||||
type: json
|
||||
OVNNorthboundServerPort:
|
||||
description: Port of the OVN Northbound DB server
|
||||
type: number
|
||||
default: 6641
|
||||
OVNSouthboundServerPort:
|
||||
description: Port of the OVN Southbound DB server
|
||||
type: number
|
||||
default: 6642
|
||||
|
||||
resources:
|
||||
|
||||
ContainersCommon:
|
||||
type: ./containers-common.yaml
|
||||
|
||||
OVNDbsBase:
|
||||
type: ../../puppet/services/ovn-dbs.yaml
|
||||
properties:
|
||||
EndpointMap: {get_param: EndpointMap}
|
||||
ServiceData: {get_param: ServiceData}
|
||||
ServiceNetMap: {get_param: ServiceNetMap}
|
||||
DefaultPasswords: {get_param: DefaultPasswords}
|
||||
RoleName: {get_param: RoleName}
|
||||
RoleParameters: {get_param: RoleParameters}
|
||||
type: ../../docker/services/containers-common.yaml
|
||||
|
||||
outputs:
|
||||
role_data:
|
||||
description: Role data for the OVN Dbs role.
|
||||
value:
|
||||
service_name: {get_attr: [OVNDbsBase, role_data, service_name]}
|
||||
service_name: ovn_dbs
|
||||
config_settings:
|
||||
map_merge:
|
||||
- get_attr: [OVNDbsBase, role_data, config_settings]
|
||||
ovn::northbound::port: {get_param: OVNNorthboundServerPort}
|
||||
ovn::southbound::port: {get_param: OVNSouthboundServerPort}
|
||||
ovn::northd::dbs_listen_ip:
|
||||
str_replace:
|
||||
template:
|
||||
"%{hiera('$NETWORK')}"
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, OvnDbsNetwork]}
|
||||
tripleo::haproxy::ovn_dbs_manage_lb: true
|
||||
tripleo::ovn_dbs::firewall_rules:
|
||||
'121 OVN DB server ports':
|
||||
proto: 'tcp'
|
||||
dport:
|
||||
- {get_param: OVNNorthboundServerPort}
|
||||
- {get_param: OVNSouthboundServerPort}
|
||||
# BEGIN DOCKER SETTINGS
|
||||
# puppet_config is not required for this service since we configure
|
||||
# the NB and SB DB servers to listen on the proper IP address/port
|
||||
@ -71,8 +82,8 @@ outputs:
|
||||
puppet_config:
|
||||
config_volume: ''
|
||||
config_image: ''
|
||||
step_config:
|
||||
get_attr: [OVNDbsBase, role_data, step_config]
|
||||
step_config: |
|
||||
include ::tripleo::profile::base::neutron::ovn_northd #unused
|
||||
kolla_config:
|
||||
/var/lib/kolla/config_files/ovn_north_db_server.json:
|
||||
command:
|
@ -72,10 +72,10 @@ conditions:
|
||||
resources:
|
||||
|
||||
ContainersCommon:
|
||||
type: ./../containers-common.yaml
|
||||
type: ../../docker/services/containers-common.yaml
|
||||
|
||||
OVNDbsBase:
|
||||
type: ../../../puppet/services/pacemaker/ovn-dbs.yaml
|
||||
type: ./ovn-dbs-container-puppet.yaml
|
||||
properties:
|
||||
EndpointMap: {get_param: EndpointMap}
|
||||
ServiceData: {get_param: ServiceData}
|
||||
@ -90,7 +90,7 @@ outputs:
|
||||
role_data:
|
||||
description: Role data for the OVN Dbs HA role.
|
||||
value:
|
||||
service_name: {get_attr: [OVNDbsBase, role_data, service_name]}
|
||||
service_name: ovn_dbs
|
||||
config_settings:
|
||||
map_merge:
|
||||
- get_attr: [OVNDbsBase, role_data, config_settings]
|
||||
@ -104,7 +104,8 @@ outputs:
|
||||
- tripleo::profile::pacemaker::ovn_dbs_bundle::nb_db_port: {get_param: OVNNorthboundServerPort}
|
||||
- tripleo::profile::pacemaker::ovn_dbs_bundle::sb_db_port: {get_param: OVNSouthboundServerPort}
|
||||
- tripleo::profile::pacemaker::ovn_dbs_bundle::container_backend: {get_param: ContainerCli}
|
||||
service_config_settings: {get_attr: [OVNDbsBase, role_data, service_config_settings]}
|
||||
- tripleo::haproxy::ovn_dbs_manage_lb: false
|
||||
service_config_settings: {}
|
||||
# BEGIN DOCKER SETTINGS
|
||||
puppet_config:
|
||||
config_volume: 'ovn_dbs'
|
@ -59,19 +59,64 @@ parameters:
|
||||
default: {}
|
||||
description: Parameters specific to the role
|
||||
type: json
|
||||
NeutronMetadataProxySharedSecret:
|
||||
description: Shared secret to prevent spoofing
|
||||
type: string
|
||||
hidden: true
|
||||
NeutronWorkers:
|
||||
default: ''
|
||||
description: |
|
||||
Sets the number of worker processes for the neutron metadata agent. The
|
||||
default value results in the configuration being left unset and a
|
||||
system-dependent default will be chosen (usually the number of
|
||||
processors). Please note that this can result in a large number of
|
||||
processes and memory consumption on systems with a large core count. On
|
||||
such systems it is recommended that a non-default value be selected that
|
||||
matches the load requirements.
|
||||
type: string
|
||||
NeutronPassword:
|
||||
description: The password for the neutron service and db account, used by neutron agents.
|
||||
type: string
|
||||
hidden: true
|
||||
OVNSouthboundServerPort:
|
||||
description: Port of the OVN Southbound DB server
|
||||
type: number
|
||||
default: 6642
|
||||
OVNDbConnectionTimeout:
|
||||
description: Timeout in seconds for the OVSDB connection transaction
|
||||
type: number
|
||||
default: 180
|
||||
MonitoringSubscriptionOvnMetadata:
|
||||
default: 'overcloud-ovn-metadata'
|
||||
type: string
|
||||
Debug:
|
||||
type: boolean
|
||||
default: false
|
||||
description: Set to True to enable debugging on all services.
|
||||
OvnMetadataAgentDebug:
|
||||
default: ''
|
||||
description: Set to True to enable debugging for OVN Metadata agent.
|
||||
type: string
|
||||
constraints:
|
||||
- allowed_values: [ '', 'true', 'True', 'TRUE', 'false', 'False', 'FALSE']
|
||||
EnableInternalTLS:
|
||||
type: boolean
|
||||
default: false
|
||||
|
||||
conditions:
|
||||
haproxy_wrapper_enabled: {equals: [{get_param: OVNEnableHaproxyDockerWrapper}, true]}
|
||||
docker_enabled: {equals: [{get_param: ContainerCli}, 'docker']}
|
||||
service_debug_unset: {equals : [{get_param: OVNWrapperDebug}, false]}
|
||||
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
|
||||
neutron_workers_unset: {equals : [{get_param: NeutronWorkers}, '']}
|
||||
|
||||
resources:
|
||||
|
||||
ContainersCommon:
|
||||
type: ./containers-common.yaml
|
||||
type: ../../docker/services/containers-common.yaml
|
||||
|
||||
OVNMetadataBase:
|
||||
type: ../../puppet/services/ovn-metadata.yaml
|
||||
NeutronBase:
|
||||
type: ../../puppet/services/neutron-base.yaml
|
||||
properties:
|
||||
EndpointMap: {get_param: EndpointMap}
|
||||
ServiceData: {get_param: ServiceData}
|
||||
@ -89,10 +134,11 @@ outputs:
|
||||
role_data:
|
||||
description: Role data for OVNMetadata agent
|
||||
value:
|
||||
service_name: {get_attr: [OVNMetadataBase, role_data, service_name]}
|
||||
service_name: ovn_metadata
|
||||
monitoring_subscription: {get_param: MonitoringSubscriptionOvnMetadata}
|
||||
config_settings:
|
||||
map_merge:
|
||||
- get_attr: [OVNMetadataBase, role_data, config_settings]
|
||||
- get_attr: [NeutronBase, role_data, config_settings]
|
||||
- get_attr: [NeutronLogging, config_settings]
|
||||
- tripleo::profile::base::neutron::ovn_metadata_agent_wrappers::enable_haproxy_wrapper: {get_param: OVNEnableHaproxyDockerWrapper}
|
||||
tripleo::profile::base::neutron::ovn_metadata_agent_wrappers::haproxy_process_wrapper: '/var/lib/neutron/ovn_metadata_haproxy_wrapper'
|
||||
@ -103,11 +149,41 @@ outputs:
|
||||
- {get_param: Debug }
|
||||
- {get_param: OVNWrapperDebug}
|
||||
tripleo::profile::base::neutron::container_cli: {get_param: ContainerCli}
|
||||
neutron::agents::ovn_metadata::shared_secret: {get_param: NeutronMetadataProxySharedSecret}
|
||||
neutron::agents::ovn_metadata::auth_password: {get_param: NeutronPassword}
|
||||
neutron::agents::ovn_metadata::auth_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
|
||||
neutron::agents::ovn_metadata::auth_tenant: 'service'
|
||||
neutron::agents::ovn_metadata::metadata_ip: "%{hiera('nova_metadata_vip')}"
|
||||
neutron::agents::ovn_metadata::metadata_host:
|
||||
str_replace:
|
||||
template:
|
||||
"%{hiera('cloud_name_$NETWORK')}"
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, NovaMetadataNetwork]}
|
||||
neutron::agents::ovn_metadata::ovsdb_connection_timeout: {get_param: OVNDbConnectionTimeout}
|
||||
ovn::southbound::port: {get_param: OVNSouthboundServerPort}
|
||||
tripleo::profile::base::neutron::ovn_metadata::ovn_db_host: {get_param: [EndpointMap, OvnDbInternal, host_nobrackets]}
|
||||
neutron::agents::ovn_metadata::debug:
|
||||
if:
|
||||
- service_debug_unset
|
||||
- {get_param: Debug}
|
||||
- {get_param: OvnMetadataAgentDebug}
|
||||
neutron::agents::ovn_metadata::metadata_protocol:
|
||||
if:
|
||||
- internal_tls_enabled
|
||||
- 'https'
|
||||
- 'http'
|
||||
-
|
||||
if:
|
||||
- neutron_workers_unset
|
||||
- {}
|
||||
- neutron::agents::ovn_metadata::metadata_workers: {get_param: NeutronWorkers}
|
||||
|
||||
puppet_config:
|
||||
puppet_tags: neutron_config,ovn_metadata_agent_config
|
||||
config_volume: neutron
|
||||
step_config:
|
||||
get_attr: [OVNMetadataBase, role_data, step_config]
|
||||
step_config: |
|
||||
include tripleo::profile::base::neutron::ovn_metadata
|
||||
config_image: {get_param: DockerNeutronConfigImage}
|
||||
volumes:
|
||||
- /lib/modules:/lib/modules:ro
|
||||
@ -205,8 +281,7 @@ outputs:
|
||||
- null
|
||||
environment:
|
||||
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|
||||
metadata_settings:
|
||||
get_attr: [OVNMetadataBase, role_data, metadata_settings]
|
||||
metadata_settings: {}
|
||||
host_prep_tasks:
|
||||
list_concat:
|
||||
- {get_attr: [NeutronLogging, host_prep_tasks]}
|
@ -21,7 +21,7 @@ resource_registry:
|
||||
OS::TripleO::Services::OsloMessagingRpc: ../deployment/rabbitmq/rabbitmq-messaging-rpc-pacemaker-puppet.yaml
|
||||
OS::TripleO::Services::OsloMessagingNotify: ../deployment/rabbitmq/rabbitmq-messaging-notify-shared-puppet.yaml
|
||||
OS::TripleO::Services::Redis: ../deployment/database/redis-pacemaker-puppet.yaml
|
||||
OS::TripleO::Services::OVNDBs: ../docker/services/pacemaker/ovn-dbs.yaml
|
||||
OS::TripleO::Services::OVNDBs: ../deployment/ovn/ovn-dbs-pacemaker-puppet.yaml
|
||||
|
||||
parameter_defaults:
|
||||
ContainerCli: docker
|
||||
|
@ -2,9 +2,9 @@
|
||||
# extensions, configured via docker
|
||||
resource_registry:
|
||||
OS::TripleO::Services::NeutronCorePlugin: OS::TripleO::Services::NeutronCorePluginML2OVN
|
||||
OS::TripleO::Services::OVNController: ../docker/services/ovn-controller.yaml
|
||||
OS::TripleO::Services::OVNDBs: ../docker/services/pacemaker/ovn-dbs.yaml
|
||||
OS::TripleO::Services::OVNMetadataAgent: ../docker/services/ovn-metadata.yaml
|
||||
OS::TripleO::Services::OVNController: ../deployment/ovn/ovn-controller-container-puppet.yaml
|
||||
OS::TripleO::Services::OVNDBs: ../deployment/ovn/ovn-dbs-pacemaker-puppet.yaml
|
||||
OS::TripleO::Services::OVNMetadataAgent: ../deployment/ovn/ovn-metadata-container-puppet.yaml
|
||||
# Disabling Neutron services that overlap with OVN
|
||||
OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
|
||||
OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
|
||||
|
@ -1,9 +1,9 @@
|
||||
# A Heat environment that can be used to deploy OVN services with non HA OVN DB servers.
|
||||
resource_registry:
|
||||
OS::TripleO::Docker::NeutronMl2PluginBase: ../../puppet/services/neutron-plugin-ml2-ovn.yaml
|
||||
OS::TripleO::Services::OVNController: ../../puppet/services/ovn-controller.yaml
|
||||
OS::TripleO::Services::OVNDBs: ../../puppet/services/pacemaker/ovn-dbs.yaml
|
||||
OS::TripleO::Services::OVNMetadataAgent: ../../puppet/services/ovn-metadata.yaml
|
||||
OS::TripleO::Services::OVNController: ../../deployment/ovn/ovn-controller-container-puppet.yaml
|
||||
OS::TripleO::Services::OVNDBs: ../../deployment/ovn/ovn-dbs-pacemaker-puppet.yaml
|
||||
OS::TripleO::Services::OVNMetadataAgent: ../../deployment/ovn/ovn-metadata-container-puppet.yaml
|
||||
# Disabling Neutron services that overlap with OVN
|
||||
OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
|
||||
OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
|
||||
|
@ -1,9 +1,9 @@
|
||||
# A Heat environment that can be used to deploy OVN services with non HA OVN DB servers.
|
||||
resource_registry:
|
||||
OS::TripleO::Docker::NeutronMl2PluginBase: ../../puppet/services/neutron-plugin-ml2-ovn.yaml
|
||||
OS::TripleO::Services::OVNController: ../../docker/services/ovn-controller.yaml
|
||||
OS::TripleO::Services::OVNDBs: ../../docker/services/pacemaker/ovn-dbs.yaml
|
||||
OS::TripleO::Services::OVNMetadataAgent: ../../docker/services/ovn-metadata.yaml
|
||||
OS::TripleO::Services::OVNController: ../../deployment/ovn/ovn-controller-container-puppet.yaml
|
||||
OS::TripleO::Services::OVNDBs: ../../deployment/ovn/ovn-dbs-pacemaker-puppet.yaml
|
||||
OS::TripleO::Services::OVNMetadataAgent: ../../deployment/ovn/ovn-metadata-container-puppet.yaml
|
||||
# Disabling Neutron services that overlap with OVN
|
||||
OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
|
||||
OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
|
||||
|
@ -1,9 +1,9 @@
|
||||
# A Heat environment that can be used to deploy OVN services with non HA OVN DB servers.
|
||||
resource_registry:
|
||||
OS::TripleO::Docker::NeutronMl2PluginBase: ../../puppet/services/neutron-plugin-ml2-ovn.yaml
|
||||
OS::TripleO::Services::OVNController: ../../docker/services/ovn-controller.yaml
|
||||
OS::TripleO::Services::OVNDBs: ../../docker/services/pacemaker/ovn-dbs.yaml
|
||||
OS::TripleO::Services::OVNMetadataAgent: ../../docker/services/ovn-metadata.yaml
|
||||
OS::TripleO::Services::OVNController: ../../deployment/ovn/ovn-controller-container-puppet.yaml
|
||||
OS::TripleO::Services::OVNDBs: ../../deployment/ovn/ovn-dbs-pacemaker-puppet.yaml
|
||||
OS::TripleO::Services::OVNMetadataAgent: ../../deployment/ovn/ovn-metadata-container-puppet.yaml
|
||||
# Disabling Neutron services that overlap with OVN
|
||||
OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
|
||||
OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
|
||||
|
@ -1,9 +1,9 @@
|
||||
# A Heat environment that can be used to deploy OVN services with non HA OVN DB servers.
|
||||
resource_registry:
|
||||
OS::TripleO::Docker::NeutronMl2PluginBase: ../../puppet/services/neutron-plugin-ml2-ovn.yaml
|
||||
OS::TripleO::Services::OVNController: ../../docker/services/ovn-controller.yaml
|
||||
OS::TripleO::Services::OVNDBs: ../../docker/services/ovn-dbs.yaml
|
||||
OS::TripleO::Services::OVNMetadataAgent: ../../docker/services/ovn-metadata.yaml
|
||||
OS::TripleO::Services::OVNController: ../../deployment/ovn/ovn-controller-container-puppet.yaml
|
||||
OS::TripleO::Services::OVNDBs: ../../deployment/ovn/ovn-dbs-container-puppet.yaml
|
||||
OS::TripleO::Services::OVNMetadataAgent: ../../deployment/ovn/ovn-metadata-container-puppet.yaml
|
||||
# Disabling Neutron services that overlap with OVN
|
||||
OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
|
||||
OS::TripleO::Services::ComputeNeutronOvsAgent: OS::Heat::None
|
||||
|
@ -110,7 +110,7 @@ resource_registry:
|
||||
OS::TripleO::Services::MistralEngine: OS::Heat::None
|
||||
OS::TripleO::Services::MistralEventEngine: OS::Heat::None
|
||||
OS::TripleO::Services::MistralExecutor: OS::Heat::None
|
||||
OS::TripleO::Services::OVNDBs: ../../docker/services/ovn-dbs.yaml
|
||||
OS::TripleO::Services::OVNDBs: ../../deployment/ovn/ovn-dbs-container-puppet.yaml
|
||||
OS::TripleO::Services::OpenStackClients: ../../deployment/clients/openstack-clients-baremetal-puppet.yaml
|
||||
OS::TripleO::Services::PankoApi: OS::Heat::None
|
||||
OS::TripleO::Services::Podman: ../../deployment/podman/podman-baremetal-ansible.yaml
|
||||
|
@ -138,7 +138,7 @@ resource_registry:
|
||||
OS::TripleO::Services::NeutronLbaasv2Agent: OS::Heat::None
|
||||
OS::TripleO::Services::NeutronLbaasv2Api: OS::Heat::None
|
||||
OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None
|
||||
OS::TripleO::Services::OVNMetadataAgent: docker/services/ovn-metadata.yaml
|
||||
OS::TripleO::Services::OVNMetadataAgent: deployment/ovn/ovn-metadata-container-puppet.yaml
|
||||
# FIXME(shardy) the duplicate NeutronServer line can be removed when we've updated
|
||||
# the multinode job ControllerServices after this patch merges
|
||||
OS::TripleO::Services::NeutronServer: deployment/neutron/neutron-api-container-puppet.yaml
|
||||
@ -153,10 +153,9 @@ resource_registry:
|
||||
OS::TripleO::Services::NeutronCorePluginPlumgrid: puppet/services/neutron-plugin-plumgrid.yaml
|
||||
OS::TripleO::Services::NeutronCorePluginNuage: puppet/services/neutron-plugin-nuage.yaml
|
||||
OS::TripleO::Services::NeutronCorePluginML2Nuage: puppet/services/neutron-plugin-ml2-nuage.yaml
|
||||
|
||||
OS::TripleO::Services::NeutronCorePluginNSX: deployment/neutron/neutron-plugin-nsx-container-puppet.yaml
|
||||
OS::TripleO::Services::OVNDBs: docker/services/ovn-dbs.yaml
|
||||
OS::TripleO::Services::OVNController: docker/services/ovn-controller.yaml
|
||||
OS::TripleO::Services::OVNDBs: deployment/ovn/ovn-dbs-container-puppet.yaml
|
||||
OS::TripleO::Services::OVNController: deployment/ovn/ovn-controller-container-puppet.yaml
|
||||
|
||||
OS::TripleO::Services::NeutronCorePluginMLNXSDN: docker/services/neutron-plugin-ml2-mlnx-sdn-assist.yaml
|
||||
OS::TripleO::Services::NeutronCorePluginMidonet: puppet/services/neutron-midonet.yaml
|
||||
|
@ -1,127 +0,0 @@
|
||||
heat_template_version: rocky
|
||||
|
||||
description: >
|
||||
OpenStack OVN Controller agent
|
||||
|
||||
parameters:
|
||||
EndpointMap:
|
||||
default: {}
|
||||
description: Mapping of service endpoint -> protocol. Typically set
|
||||
via parameter_defaults in the resource registry.
|
||||
type: json
|
||||
DefaultPasswords:
|
||||
default: {}
|
||||
type: json
|
||||
RoleName:
|
||||
default: ''
|
||||
description: Role name on which the service is applied
|
||||
type: string
|
||||
RoleParameters:
|
||||
default: {}
|
||||
description: Parameters specific to the role
|
||||
type: json
|
||||
ServiceData:
|
||||
default: {}
|
||||
description: Dictionary packing service data
|
||||
type: json
|
||||
ServiceNetMap:
|
||||
default: {}
|
||||
description: Mapping of service_name -> network name. Typically set
|
||||
via parameter_defaults in the resource registry. This
|
||||
mapping overrides those in ServiceNetMapDefaults.
|
||||
type: json
|
||||
OVNSouthboundServerPort:
|
||||
description: Port of the Southbound DB Server
|
||||
type: number
|
||||
default: 6642
|
||||
OVNTunnelEncapType:
|
||||
description: Tunnel encapsulation type
|
||||
type: string
|
||||
default: geneve
|
||||
NeutronBridgeMappings:
|
||||
description: >
|
||||
The OVS logical->physical bridge mappings to use. See the Neutron
|
||||
documentation for details. Defaults to mapping br-ex - the external
|
||||
bridge on hosts - to a physical name 'datacentre' which can be used
|
||||
to create provider networks (and we use this for the default floating
|
||||
network) - if changing this either use different post-install network
|
||||
scripts or be sure to keep 'datacentre' as a mapping network name.
|
||||
type: comma_delimited_list
|
||||
default: "datacentre:br-ex"
|
||||
tags:
|
||||
- role_specific
|
||||
OVNIntegrationBridge:
|
||||
description: >
|
||||
Name of the OVS bridge to use as integration bridge by OVN Controller.
|
||||
type: string
|
||||
default: "br-int"
|
||||
OVNMetadataEnabled:
|
||||
description: Whether Metadata Service has to be enabled
|
||||
type: boolean
|
||||
default: true
|
||||
OVNCMSOptions:
|
||||
description: The CMS options to configure in ovs db
|
||||
type: string
|
||||
default: ""
|
||||
tags:
|
||||
- role_specific
|
||||
OvsHwOffload:
|
||||
default: false
|
||||
description: |
|
||||
Enable OVS Hardware Offload. This feature supported from OVS 2.8.0
|
||||
type: boolean
|
||||
tags:
|
||||
- role_specific
|
||||
|
||||
|
||||
resources:
|
||||
# Merging role-specific parameters (RoleParameters) with the default parameters.
|
||||
# RoleParameters will have the precedence over the default parameters.
|
||||
RoleParametersValue:
|
||||
type: OS::Heat::Value
|
||||
properties:
|
||||
type: json
|
||||
value:
|
||||
map_replace:
|
||||
- map_replace:
|
||||
- ovn::controller::ovn_bridge_mappings: NeutronBridgeMappings
|
||||
ovn::controller::ovn_cms_options: OVNCMSOptions
|
||||
ovn::controller::enable_hw_offload: OvsHwOffload
|
||||
- values: {get_param: [RoleParameters]}
|
||||
- values:
|
||||
NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
|
||||
OVNCMSOptions: {get_param: OVNCMSOptions}
|
||||
OvsHwOffload: {get_param: OvsHwOffload}
|
||||
|
||||
conditions:
|
||||
force_config_drive: {equals: [{get_param: OVNMetadataEnabled}, false]}
|
||||
|
||||
outputs:
|
||||
role_data:
|
||||
description: Role data for the OVN Controller agent
|
||||
value:
|
||||
service_name: ovn_controller
|
||||
config_settings:
|
||||
map_merge:
|
||||
- get_attr: [RoleParametersValue, value]
|
||||
- ovn::southbound::port: {get_param: OVNSouthboundServerPort}
|
||||
ovn::controller::ovn_encap_type: {get_param: OVNTunnelEncapType}
|
||||
ovn::controller::ovn_encap_ip:
|
||||
str_replace:
|
||||
template:
|
||||
"%{hiera('$NETWORK')}"
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
|
||||
ovn::controller::ovn_bridge: {get_param: OVNIntegrationBridge}
|
||||
nova::compute::force_config_drive: {if: [force_config_drive, true, false]}
|
||||
tripleo::profile::base::neutron::agents::ovn::ovn_db_host: {get_param: [EndpointMap, OvnDbInternal, host_nobrackets]}
|
||||
tripleo::ovn_controller::firewall_rules:
|
||||
'118 neutron vxlan networks':
|
||||
proto: 'udp'
|
||||
dport: 4789
|
||||
'119 neutron geneve networks':
|
||||
proto: 'udp'
|
||||
dport: 6081
|
||||
step_config: |
|
||||
include ::tripleo::profile::base::neutron::agents::ovn
|
||||
upgrade_tasks: []
|
@ -1,65 +0,0 @@
|
||||
heat_template_version: rocky
|
||||
|
||||
description: >
|
||||
OVN databases configured with puppet
|
||||
|
||||
parameters:
|
||||
ServiceData:
|
||||
default: {}
|
||||
description: Dictionary packing service data
|
||||
type: json
|
||||
ServiceNetMap:
|
||||
default: {}
|
||||
description: Mapping of service_name -> network name. Typically set
|
||||
via parameter_defaults in the resource registry. This
|
||||
mapping overrides those in ServiceNetMapDefaults.
|
||||
type: json
|
||||
DefaultPasswords:
|
||||
default: {}
|
||||
type: json
|
||||
RoleName:
|
||||
default: ''
|
||||
description: Role name on which the service is applied
|
||||
type: string
|
||||
RoleParameters:
|
||||
default: {}
|
||||
description: Parameters specific to the role
|
||||
type: json
|
||||
EndpointMap:
|
||||
default: {}
|
||||
description: Mapping of service endpoint -> protocol. Typically set
|
||||
via parameter_defaults in the resource registry.
|
||||
type: json
|
||||
OVNNorthboundServerPort:
|
||||
description: Port of the OVN Northbound DB server
|
||||
type: number
|
||||
default: 6641
|
||||
OVNSouthboundServerPort:
|
||||
description: Port of the OVN Southbound DB server
|
||||
type: number
|
||||
default: 6642
|
||||
|
||||
outputs:
|
||||
role_data:
|
||||
description: Role data for the OVN northd service
|
||||
value:
|
||||
service_name: ovn_dbs
|
||||
config_settings:
|
||||
ovn::northbound::port: {get_param: OVNNorthboundServerPort}
|
||||
ovn::southbound::port: {get_param: OVNSouthboundServerPort}
|
||||
ovn::northd::dbs_listen_ip:
|
||||
str_replace:
|
||||
template:
|
||||
"%{hiera('$NETWORK')}"
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, OvnDbsNetwork]}
|
||||
tripleo::haproxy::ovn_dbs_manage_lb: true
|
||||
tripleo::ovn_dbs::firewall_rules:
|
||||
'121 OVN DB server ports':
|
||||
proto: 'tcp'
|
||||
dport:
|
||||
- {get_param: OVNNorthboundServerPort}
|
||||
- {get_param: OVNSouthboundServerPort}
|
||||
step_config: |
|
||||
include ::tripleo::profile::base::neutron::ovn_northd
|
||||
upgrade_tasks: []
|
@ -1,134 +0,0 @@
|
||||
heat_template_version: rocky
|
||||
|
||||
description: >
|
||||
OpenStack Networking-ovn Metadata agent configured with Puppet
|
||||
|
||||
parameters:
|
||||
ServiceData:
|
||||
default: {}
|
||||
description: Dictionary packing service data
|
||||
type: json
|
||||
ServiceNetMap:
|
||||
default: {}
|
||||
description: Mapping of service_name -> network name. Typically set
|
||||
via parameter_defaults in the resource registry. This
|
||||
mapping overrides those in ServiceNetMapDefaults.
|
||||
type: json
|
||||
DefaultPasswords:
|
||||
default: {}
|
||||
type: json
|
||||
RoleName:
|
||||
default: ''
|
||||
description: Role name on which the service is applied
|
||||
type: string
|
||||
RoleParameters:
|
||||
default: {}
|
||||
description: Parameters specific to the role
|
||||
type: json
|
||||
EndpointMap:
|
||||
default: {}
|
||||
description: Mapping of service endpoint -> protocol. Typically set
|
||||
via parameter_defaults in the resource registry.
|
||||
type: json
|
||||
EnableInternalTLS:
|
||||
type: boolean
|
||||
default: false
|
||||
NeutronMetadataProxySharedSecret:
|
||||
description: Shared secret to prevent spoofing
|
||||
type: string
|
||||
hidden: true
|
||||
NeutronWorkers:
|
||||
default: ''
|
||||
description: |
|
||||
Sets the number of worker processes for the neutron metadata agent. The
|
||||
default value results in the configuration being left unset and a
|
||||
system-dependent default will be chosen (usually the number of
|
||||
processors). Please note that this can result in a large number of
|
||||
processes and memory consumption on systems with a large core count. On
|
||||
such systems it is recommended that a non-default value be selected that
|
||||
matches the load requirements.
|
||||
type: string
|
||||
NeutronPassword:
|
||||
description: The password for the neutron service and db account, used by neutron agents.
|
||||
type: string
|
||||
hidden: true
|
||||
OVNSouthboundServerPort:
|
||||
description: Port of the OVN Southbound DB server
|
||||
type: number
|
||||
default: 6642
|
||||
OVNDbConnectionTimeout:
|
||||
description: Timeout in seconds for the OVSDB connection transaction
|
||||
type: number
|
||||
default: 180
|
||||
MonitoringSubscriptionOvnMetadata:
|
||||
default: 'overcloud-ovn-metadata'
|
||||
type: string
|
||||
Debug:
|
||||
type: boolean
|
||||
default: false
|
||||
description: Set to True to enable debugging on all services.
|
||||
OvnMetadataAgentDebug:
|
||||
default: ''
|
||||
description: Set to True to enable debugging for OVN Metadata agent.
|
||||
type: string
|
||||
constraints:
|
||||
- allowed_values: [ '', 'true', 'True', 'TRUE', 'false', 'False', 'FALSE']
|
||||
|
||||
conditions:
|
||||
neutron_workers_unset: {equals : [{get_param: NeutronWorkers}, '']}
|
||||
service_debug_unset: {equals: [{get_param: OvnMetadataAgentDebug}, '']}
|
||||
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
|
||||
|
||||
resources:
|
||||
|
||||
NeutronBase:
|
||||
type: ./neutron-base.yaml
|
||||
properties:
|
||||
ServiceData: {get_param: ServiceData}
|
||||
ServiceNetMap: {get_param: ServiceNetMap}
|
||||
DefaultPasswords: {get_param: DefaultPasswords}
|
||||
EndpointMap: {get_param: EndpointMap}
|
||||
RoleName: {get_param: RoleName}
|
||||
RoleParameters: {get_param: RoleParameters}
|
||||
|
||||
outputs:
|
||||
role_data:
|
||||
description: Role data for the Networking-ovn Metadata agent service.
|
||||
value:
|
||||
service_name: ovn_metadata
|
||||
monitoring_subscription: {get_param: MonitoringSubscriptionOvnMetadata}
|
||||
config_settings:
|
||||
map_merge:
|
||||
- get_attr: [NeutronBase, role_data, config_settings]
|
||||
- neutron::agents::ovn_metadata::shared_secret: {get_param: NeutronMetadataProxySharedSecret}
|
||||
neutron::agents::ovn_metadata::auth_password: {get_param: NeutronPassword}
|
||||
neutron::agents::ovn_metadata::auth_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
|
||||
neutron::agents::ovn_metadata::auth_tenant: 'service'
|
||||
neutron::agents::ovn_metadata::metadata_ip: "%{hiera('nova_metadata_vip')}"
|
||||
neutron::agents::ovn_metadata::metadata_host:
|
||||
str_replace:
|
||||
template:
|
||||
"%{hiera('cloud_name_$NETWORK')}"
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, NovaMetadataNetwork]}
|
||||
neutron::agents::ovn_metadata::ovsdb_connection_timeout: {get_param: OVNDbConnectionTimeout}
|
||||
ovn::southbound::port: {get_param: OVNSouthboundServerPort}
|
||||
tripleo::profile::base::neutron::ovn_metadata::ovn_db_host: {get_param: [EndpointMap, OvnDbInternal, host_nobrackets]}
|
||||
neutron::agents::ovn_metadata::debug:
|
||||
if:
|
||||
- service_debug_unset
|
||||
- {get_param: Debug}
|
||||
- {get_param: OvnMetadataAgentDebug}
|
||||
neutron::agents::ovn_metadata::metadata_protocol:
|
||||
if:
|
||||
- internal_tls_enabled
|
||||
- 'https'
|
||||
- 'http'
|
||||
-
|
||||
if:
|
||||
- neutron_workers_unset
|
||||
- {}
|
||||
- neutron::agents::ovn_metadata::metadata_workers: {get_param: NeutronWorkers}
|
||||
step_config: |
|
||||
include tripleo::profile::base::neutron::ovn_metadata
|
||||
upgrade_tasks: []
|
@ -63,7 +63,7 @@ environments:
|
||||
OS::TripleO::NodeExtraConfigPost: ../../extraconfig/post_deploy/standalone_post.yaml
|
||||
|
||||
# OVN
|
||||
OS::TripleO::Services::OVNDBs: ../../docker/services/ovn-dbs.yaml
|
||||
OS::TripleO::Services::OVNDBs: ../../deployment/ovn/ovn-dbs-container-puppet.yaml
|
||||
|
||||
# Manage SELinux
|
||||
OS::TripleO::Services::SELinux: ../../deployment/selinux/selinux-baremetal-puppet.yaml
|
||||
|
Loading…
x
Reference in New Issue
Block a user