(WIP) Update for network isolation

playbooks/deploy-osp.yml

@@ -72,6 +72,8 @@
  - logs
  - scripts
  - templates
+ - templates/nic-configs
+ - templates/roles
 
  - name: Upgrading all packages, 3-4 minutes
  yum:
@@ -175,27 +177,45 @@
  group: "stack"
  mode: "{{ item.mode }}"
  with_items:
+ - src: "osp/{{ redhat_osp_version }}/overcloud/roles/role_data.yaml.j2"
+ dest: "/home/stack/templates/roles/role_data.yaml"
+ mode: "0644"
  - src: "osp/{{ redhat_osp_version }}/overcloud/node-info.yaml.j2"
  dest: "/home/stack/templates/node-info.yaml"
  mode: "0644"
  - src: "osp/{{ redhat_osp_version }}/overcloud/ansible-osp-registration.yml.j2"
  dest: "/home/stack/ansible-osp-registration.yml"
  mode: "0644"
+ - src: "osp/{{ redhat_osp_version }}/overcloud/network_data.yaml.j2"
+ dest: "/home/stack/templates/network_data.yaml"
+ mode: "0644"
+ - src: "osp/{{ redhat_osp_version }}/overcloud/environment-rhel-registration.yaml.j2"
+ dest: "/home/stack/templates/rhel-registration/environment-rhel-registration.yaml"
+ mode: "0644"
  - src: "osp/{{ redhat_osp_version }}/overcloud/overcloud-deploy.sh.j2"
  dest: "/home/stack/scripts/overcloud-deploy.sh"
  mode: "0744"
  - src: "osp/{{ redhat_osp_version }}/overcloud/ceph-custom-config.yaml.j2"
  dest: "/home/stack/templates/ceph-custom-config.yaml"
  mode: "0644"
- - src: "osp/{{ redhat_osp_version }}/overcloud/manila-cephfsnative-config.yaml.j2"
- dest: "/home/stack/templates/manila-cephfsnative-config.yaml"
+ - src: "osp/{{ redhat_osp_version }}/overcloud/manila-{{ manila_backend | default('cephfsnative') }}-config.yaml.j2"
+ dest: "/home/stack/templates/manila-{{ manila_backend | default('cephfsnative') }}-config.yaml"
  mode: "0644"
  - src: "osp/{{ redhat_osp_version }}/overcloud/storage-environment.yaml.j2"
  dest: "/home/stack/templates/storage-environment.yaml"
  mode: "0644"
  - src: "osp/{{ redhat_osp_version }}/overcloud/configure-barbican.yaml.j2"
  dest: "/home/stack/templates/configure-barbican.yaml"
  mode: "0644"
+ - src: "osp/{{ redhat_osp_version }}/overcloud/nic-configs/controller.yaml.j2"
+ dest: "/home/stack/templates/nic-configs/controller.yaml"
+ mode: "0644"
+ - src: "osp/{{ redhat_osp_version }}/overcloud/nic-configs/compute.yaml.j2"
+ dest: "/home/stack/templates/nic-configs/compute.yaml"
+ mode: "0644"
+ - src: "osp/{{ redhat_osp_version }}/overcloud/nic-configs/ceph-storage.yaml.j2"
+ dest: "/home/stack/templates/nic-configs/ceph-storage.yaml"
+ mode: "0644"
 
  - name: Introspect servers
  shell: |

playbooks/osp/13/overcloud/nic-configs/ceph-storage.yaml.j2

@@ -0,0 +1,192 @@
+heat_template_version: queens
+description: >
+ Software Config to drive os-net-config with 2 bonded nics on a bridge with VLANs attached for the compute role.
+parameters:
+ ControlPlaneIp:
+ default: ''
+ description: IP address/subnet on the ctlplane network
+ type: string
+ ExternalIpSubnet:
+ default: ''
+ description: IP address/subnet on the external network
+ type: string
+ InternalApiIpSubnet:
+ default: ''
+ description: IP address/subnet on the internal_api network
+ type: string
+ StorageIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage network
+ type: string
+ StorageMgmtIpSubnet:
+ default: ''
+ description: IP address/subnet on the storage_mgmt network
+ type: string
+ TenantIpSubnet:
+ default: ''
+ description: IP address/subnet on the tenant network
+ type: string
+ ManagementIpSubnet: # Only populated when including environments/network-management.yaml
+ default: ''
+ description: IP address/subnet on the management network
+ type: string
+ BondInterfaceOvsOptions:
+ default: ''
+ description: 'The ovs_options or bonding_options string for the bond
+ interface. Set things like lacp=active and/or bond_mode=balance-slb
+ for OVS bonds or like mode=4 for Linux bonds using this option.'
+ type: string
+ constraints:
+ - allowed_pattern: ^((?!balance.tcp).)*$
+ description: 'The balance-tcp bond mode is known to cause packet loss and
+ should not be used in BondInterfaceOvsOptions.'
+ ExternalNetworkVlanID:
+ default: 10
+ description: Vlan ID for the external network traffic.
+ type: number
+ InternalApiNetworkVlanID:
+ default: 20
+ description: Vlan ID for the internal_api network traffic.
+ type: number
+ StorageNetworkVlanID:
+ default: 30
+ description: Vlan ID for the storage network traffic.
+ type: number
+ StorageMgmtNetworkVlanID:
+ default: 40
+ description: Vlan ID for the storage mgmt network traffic.
+ type: number
+ TenantNetworkVlanID:
+ default: 50
+ description: Vlan ID for the tenant network traffic.
+ type: number
+ ManagementNetworkVlanID:
+ default: 60
+ description: Vlan ID for the management network traffic.
+ type: number
+ ControlPlaneSubnetCidr: # Override this via parameter_defaults
+ default: '24'
+ description: The subnet CIDR of the control plane network.
+ type: string
+ ControlPlaneDefaultRoute: # Override this via parameter_defaults
+ description: The default route of the control plane network.
+ type: string
+ ExternalInterfaceDefaultRoute: # Not used by default in this template
+ default: 10.0.0.1
+ description: The default route of the external network.
+ type: string
+ ManagementInterfaceDefaultRoute: # Commented out by default in this template
+ default: unset
+ description: The default route of the management network.
+ type: string
+ DnsServers: # Override this via parameter_defaults
+ default: []
+ description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
+ type: comma_delimited_list
+resources:
+ OsNetConfigImpl:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ str_replace:
+ template:
+ get_file: /usr/share/openstack-tripleo-heat-templates/network/scripts/run-os-net-config.sh
+ params:
+ $network_config:
+ network_config:
+ - type: interface
+ name: eth0
+ use_dhcp: false
+ addresses:
+ - ip_netmask:
+ list_join:
+ - /
+ - - get_param: ControlPlaneIp
+ - get_param: ControlPlaneSubnetCidr
+ routes:
+ - default: true
+ next_hop:
+ get_param: ControlPlaneDefaultRoute 
+ - ip_netmask: 169.254.169.254/32
+ next_hop:
+ get_param: ControlPlaneDefaultRoute
+ dns_servers:
+ get_param: DnsServers 
+ - type: ovs_bridge
+ name: bridge_name
+ members:
+ - type: linux_bond
+ name: bond0
+ mtu: 9000
+ bonding_options:
+ get_param: BondInterfaceOvsOptions
+ members:
+ - type: interface
+ name: eth1
+ mtu: 9000
+ - type: interface
+ name: eth2
+ mtu: 9000
+ - type: vlan
+ device: bond0
+ mtu: 1500
+ vlan_id:
+ get_param: ManagementNetworkVlanID
+ use_dhcp: false
+ addresses:
+ - ip_netmask:
+ get_param: ManagementIpSubnet 
+ routes:
+ - ip_netmask: ManagementNetCidr
+ next_hop:
+ get_param: ManagementInterfaceDefaultRoute
+ - type: vlan
+ device: bond0
+ mtu: 1500
+ vlan_id:
+ get_param: InternalApiNetworkVlanID
+ use_dhcp: false
+ addresses:
+ - ip_netmask:
+ get_param: InternalApiIpSubnet
+ - type: vlan
+ device: bond0
+ mtu: 1500
+ vlan_id:
+ get_param: StorageNetworkVlanID
+ use_dhcp: false
+ addresses:
+ - ip_netmask:
+ get_param: StorageIpSubnet
+ - type: vlan
+ device: bond1
+ mtu: 1500
+ vlan_id:
+ get_param: StorageMgmtNetworkVlanID
+ use_dhcp: false
+ addresses:
+ - ip_netmask:
+ get_param: StorageMgmtIpSubnet
+ - type: ovs_bridge
+ name: br-storage
+ members:
+ - type: linux_bond
+ name: bond1
+ mtu: 9000
+ bonding_options:
+ get_param: BondInterfaceOvsOptions
+ members:
+ - type: interface
+ name: eth3
+ mtu: 9000
+ - type: interface
+ name: eth4
+ mtu: 9000
+
+
+outputs:
+ OS::stack_id:
+ description: The OsNetConfigImpl resource.
+ value:
+ get_resource: OsNetConfigImpl