Add public network and quintupleo template
This should have been two commits, but apparently I forgot to push the button after the first one. Adding a public network allows us to simulate a more realistic environment where the provisioning network and the public API network are separate. The QuintupleO template wraps the existing virtual-baremetal.yaml and does some extra configuration suited to a TripleO deployment model. I made it a separate template in an attempt to decouple OVB and QuintupleO since the former doesn't necessarily need the latter.
This commit is contained in:
parent
f3f0cefd08
commit
49b3a4967d
18
README.rst
18
README.rst
|
@ -91,6 +91,24 @@ Preparing the Host Cloud Environment
|
|||
neutron net-create provision
|
||||
neutron subnet-create --name provision --no-gateway --disable-dhcp provision 192.0.2.0/24
|
||||
|
||||
#. Create "public" network.
|
||||
|
||||
.. note:: The CIDR used for the subnet does not matter.
|
||||
This can be used as the network for the public API endpoints
|
||||
on the overcloud, but it does not have to be accessible
|
||||
externally. Only the undercloud VM will need to have access
|
||||
to this network.
|
||||
|
||||
.. warning:: Do not enable DHCP on this network. Doing so may cause
|
||||
conflicts between the host cloud metadata service and the
|
||||
undercloud metadata service. Overcloud nodes will be
|
||||
assigned addresses on this network by the undercloud Neutron.
|
||||
|
||||
::
|
||||
|
||||
neutron net-create public
|
||||
neutron subnet-create --name public --no-gateway --disable-dhcp public 10.0.0.0/24
|
||||
|
||||
#. Add a Nova keypair to be injected into instances::
|
||||
|
||||
nova keypair-add --pub-key ~/.ssh/id_rsa.pub default
|
||||
|
|
|
@ -10,6 +10,7 @@
|
|||
"baremetal_flavor": "baremetal",
|
||||
"baremetal_image": "empty",
|
||||
"key_name": "default",
|
||||
"public_net": "public",
|
||||
"private_net": "private",
|
||||
"provision_net": "provision",
|
||||
"bmc_prefix": "bmc",
|
||||
|
|
|
@ -1,2 +1,3 @@
|
|||
resource_registry:
|
||||
OS::OVB::BMC: virtual-baremetal-servers.yaml
|
||||
OS::OVB::ServerPair: virtual-baremetal-servers.yaml
|
||||
OS::OVB::BaremetalEnvironment: virtual-baremetal.yaml
|
||||
|
|
|
@ -22,6 +22,12 @@ parameters:
|
|||
baremetal_prefix:
|
||||
type: string
|
||||
|
||||
public_net:
|
||||
type: string
|
||||
|
||||
public_sg:
|
||||
type: string
|
||||
|
||||
private_net:
|
||||
type: string
|
||||
|
||||
|
@ -115,8 +121,10 @@ resources:
|
|||
key_name: {get_param: key_name}
|
||||
security_groups:
|
||||
- {get_param: provision_sg}
|
||||
- {get_param: public_sg}
|
||||
networks:
|
||||
- network: {get_param: provision_net}
|
||||
- network: {get_param: public_net}
|
||||
name:
|
||||
list_join:
|
||||
- ''
|
||||
|
|
|
@ -11,7 +11,7 @@ parameters:
|
|||
|
||||
bmc_image:
|
||||
type: string
|
||||
default: openstack-bmc
|
||||
default: CentOS-7-x86_64-GenericCloud-1503
|
||||
|
||||
baremetal_flavor:
|
||||
type: string
|
||||
|
@ -30,6 +30,10 @@ parameters:
|
|||
type: number
|
||||
default: 1
|
||||
|
||||
public_net:
|
||||
type: string
|
||||
default: public
|
||||
|
||||
private_net:
|
||||
type: string
|
||||
default: private
|
||||
|
@ -63,6 +67,19 @@ parameters:
|
|||
type: string
|
||||
|
||||
resources:
|
||||
# NOTE(bnemec): This should probably be limited to allowing only
|
||||
# OpenStack API ports, but for now this is simpler and not
|
||||
# completely unreasonable.
|
||||
public_sg:
|
||||
type: OS::Neutron::SecurityGroup
|
||||
properties:
|
||||
name: public_sg
|
||||
description: Allows all traffic
|
||||
rules:
|
||||
- protocol: icmp
|
||||
- protocol: tcp
|
||||
- protocol: udp
|
||||
|
||||
provision_sg:
|
||||
type: OS::Neutron::SecurityGroup
|
||||
properties:
|
||||
|
@ -92,13 +109,15 @@ resources:
|
|||
properties:
|
||||
count: {get_param: node_count}
|
||||
resource_def:
|
||||
type: OS::OVB::BMC
|
||||
type: OS::OVB::ServerPair
|
||||
properties:
|
||||
bmc_flavor: {get_param: bmc_flavor}
|
||||
bmc_image: {get_param: bmc_image}
|
||||
baremetal_flavor: {get_param: baremetal_flavor}
|
||||
baremetal_image: {get_param: baremetal_image}
|
||||
key_name: {get_param: key_name}
|
||||
public_net: {get_param: public_net}
|
||||
public_sg: {get_resource: public_sg}
|
||||
private_net: {get_param: private_net}
|
||||
private_sg: {get_resource: private_sg}
|
||||
provision_net: {get_param: provision_net}
|
||||
|
|
Loading…
Reference in New Issue