openstack
/
openstack-virtual-baremetal
Code Issues Proposed changes

Add public network and quintupleo template 

This should have been two commits, but apparently I forgot to push
the button after the first one.

Adding a public network allows us to simulate a more realistic
environment where the provisioning network and the public API
network are separate.

The QuintupleO template wraps the existing virtual-baremetal.yaml
and does some extra configuration suited to a TripleO deployment
model.  I made it a separate template in an attempt to decouple
OVB and QuintupleO since the former doesn't necessarily need the
latter.
This commit is contained in:
Ben Nemec 2015-09-22 17:31:16 -05:00
parent f3f0cefd08
commit 49b3a4967d
5 changed files with 50 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
README.rst
View File

@ -91,6 +91,24 @@ Preparing the Host Cloud Environment
neutron net-create provision
neutron subnet-create --name provision --no-gateway --disable-dhcp provision 192.0.2.0/24
#. Create "public" network.
.. note:: The CIDR used for the subnet does not matter.
This can be used as the network for the public API endpoints
on the overcloud, but it does not have to be accessible
externally. Only the undercloud VM will need to have access
to this network.
.. warning:: Do not enable DHCP on this network. Doing so may cause
conflicts between the host cloud metadata service and the
undercloud metadata service. Overcloud nodes will be
assigned addresses on this network by the undercloud Neutron.
::
neutron net-create public
neutron subnet-create --name public --no-gateway --disable-dhcp public 10.0.0.0/24
#. Add a Nova keypair to be injected into instances::
nova keypair-add --pub-key ~/.ssh/id_rsa.pub default

1
templates/env.json.example
View File

@ -10,6 +10,7 @@
"baremetal_flavor": "baremetal",
"baremetal_image": "empty",
"key_name": "default",
"public_net": "public",
"private_net": "private",
"provision_net": "provision",
"bmc_prefix": "bmc",

3
templates/resource-registry.yaml
View File

@ -1,2 +1,3 @@
resource_registry:
OS::OVB::BMC: virtual-baremetal-servers.yaml
OS::OVB::ServerPair: virtual-baremetal-servers.yaml
OS::OVB::BaremetalEnvironment: virtual-baremetal.yaml

8
templates/virtual-baremetal-servers.yaml
View File

@ -22,6 +22,12 @@ parameters:
baremetal_prefix:
type: string
public_net:
type: string
public_sg:
type: string
private_net:
type: string
@ -115,8 +121,10 @@ resources:
key_name: {get_param: key_name}
security_groups:
- {get_param: provision_sg}
- {get_param: public_sg}
networks:
- network: {get_param: provision_net}
- network: {get_param: public_net}
name:
list_join:
- ''

23
templates/virtual-baremetal.yaml
View File

@ -11,7 +11,7 @@ parameters:
bmc_image:
type: string
default: openstack-bmc
default: CentOS-7-x86_64-GenericCloud-1503
baremetal_flavor:
type: string
@ -30,6 +30,10 @@ parameters:
type: number
default: 1
public_net:
type: string
default: public
private_net:
type: string
default: private
@ -63,6 +67,19 @@ parameters:
type: string
resources:
# NOTE(bnemec): This should probably be limited to allowing only
# OpenStack API ports, but for now this is simpler and not
# completely unreasonable.
public_sg:
type: OS::Neutron::SecurityGroup
properties:
name: public_sg
description: Allows all traffic
rules:
- protocol: icmp
- protocol: tcp
- protocol: udp
provision_sg:
type: OS::Neutron::SecurityGroup
properties:
@ -92,13 +109,15 @@ resources:
properties:
count: {get_param: node_count}
resource_def:
type: OS::OVB::BMC
type: OS::OVB::ServerPair
properties:
bmc_flavor: {get_param: bmc_flavor}
bmc_image: {get_param: bmc_image}
baremetal_flavor: {get_param: baremetal_flavor}
baremetal_image: {get_param: baremetal_image}
key_name: {get_param: key_name}
public_net: {get_param: public_net}
public_sg: {get_resource: public_sg}
private_net: {get_param: private_net}
private_sg: {get_resource: private_sg}
provision_net: {get_param: provision_net}