Integrate vMX in tungstenfabric environment
Related-PROD: PRODX-20668
Change-Id: I202bf3a25cf7fd4b70b43ce6d0b3e1397872c9ed
diff --git a/de/heat-templates/env/migration-mstr1-wrkr5-cmp2-ntw3.yaml b/de/heat-templates/env/migration-mstr1-wrkr5-cmp2-ntw3.yaml
index d55232c..82d04fd 100644
--- a/de/heat-templates/env/migration-mstr1-wrkr5-cmp2-ntw3.yaml
+++ b/de/heat-templates/env/migration-mstr1-wrkr5-cmp2-ntw3.yaml
@@ -32,8 +32,8 @@
ironic_baremetal_network_pool_start: '10.14.0.100'
ironic_baremetal_network_pool_end: '10.14.0.200'
control_network_cidr: '10.9.10.0/24'
- control_network_vsrx_peering_ip: '10.9.10.131'
- data_network_vsrx_ip: '10.15.0.131'
+ control_network_ext_router_ip: '10.9.10.131'
+ tun_network_ext_router_ip: '10.15.0.131'
private_floating_interface: 'ens4'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane":"enabled","local-volume-provisioner": "enabled"}}
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp2-acmp2-ntw3.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp2-acmp2-ntw3.yaml
index 037c118..66cacdc 100644
--- a/de/heat-templates/env/mstr1-wrkr3-cmp2-acmp2-ntw3.yaml
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp2-acmp2-ntw3.yaml
@@ -1,12 +1,13 @@
resource_registry:
"MCP2::NetworkAcc": ../fragments/NetworkAccVM.yaml
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
- "MCP2::NetworkPrvFl": ../fragments/NetworkPrvFlVSRX.yaml
+ "MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
"MCP2::NetworkTun": ../fragments/NetworkTun.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
+ "MCP2::VSRX": ../fragments/vSRX.yaml
parameters:
image: bionic-server-cloudimg-amd64-20190612
@@ -22,12 +23,13 @@
ucp_boot_timeout: 3600
cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
tungstenfabric_enabled: true
+ vsrx_enabled: true
private_floating_network_cidr: '10.11.12.0/24'
private_floating_network_ipam_pool_start: '10.11.12.3'
private_floating_network_ipam_pool_end: '10.11.12.99'
private_floating_network_gateway: '10.11.12.1'
- control_network_vsrx_peering_ip: '10.10.0.131'
- data_network_vsrx_ip: '10.15.0.131'
+ control_network_ext_router_ip: '10.10.0.131'
+ tun_network_ext_router_ip: '10.15.0.131'
private_floating_interface: 'ens4'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane":"enabled","local-volume-provisioner": "enabled"}}
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp2-gtw0-vsrx1.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp2-gtw0-vsrx1.yaml
index e2bc3a5..9c8bff0 100644
--- a/de/heat-templates/env/mstr1-wrkr3-cmp2-gtw0-vsrx1.yaml
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp2-gtw0-vsrx1.yaml
@@ -1,12 +1,13 @@
resource_registry:
"MCP2::NetworkAcc": ../fragments/NetworkAccVM.yaml
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
- "MCP2::NetworkPrvFl": ../fragments/NetworkPrvFlVSRX.yaml
+ "MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
"MCP2::NetworkTun": ../fragments/NetworkTun.yaml
+ "MCP2::VSRX": ../fragments/vSRX.yaml
parameters:
image: bionic-server-cloudimg-amd64-20190612
@@ -23,9 +24,10 @@
cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
private_floating_network_cidr: '10.11.12.0/24'
private_floating_interface: 'ens4'
- control_network_vsrx_peering_ip: '10.10.0.131'
+ vsrx_enabled: true
+ control_network_ext_router_ip: '10.10.0.131'
private_floating_network_gateway: '10.11.12.254'
- data_network_vsrx_ip: '10.15.0.131'
+ tun_network_ext_router_ip: '10.15.0.131'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane":"enabled","openvswitch":"enabled","openstack-gateway": "enabled","local-volume-provisioner": "enabled", "openstack-frrouting": "enabled"}}
cmp_metadata: {"labels": {"openstack-compute-node":"enabled","openvswitch":"enabled", "role":"ceph-osd-node"}}
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-lma3.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-lma3.yaml
index 0118654..e8c21f9 100644
--- a/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-lma3.yaml
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-lma3.yaml
@@ -1,12 +1,13 @@
resource_registry:
"MCP2::NetworkAcc": ../fragments/NetworkAccVM.yaml
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
- "MCP2::NetworkPrvFl": ../fragments/NetworkPrvFlVSRX.yaml
+ "MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
"MCP2::NetworkTun": ../fragments/NetworkTun.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
+ "MCP2::VSRX": ../fragments/vSRX.yaml
parameters:
image: bionic-server-cloudimg-amd64-20190612
@@ -22,12 +23,13 @@
ucp_boot_timeout: 3600
cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
tungstenfabric_enabled: true
+ vsrx_enabled: true
private_floating_network_cidr: '10.11.12.0/24'
private_floating_network_gateway: '10.11.12.1'
private_floating_network_ipam_pool_start: '10.11.12.3'
private_floating_network_ipam_pool_end: '10.11.12.99'
- control_network_vsrx_peering_ip: '10.10.0.131'
- data_network_vsrx_ip: '10.15.0.131'
+ control_network_ext_router_ip: '10.10.0.131'
+ tun_network_ext_router_ip: '10.15.0.131'
private_floating_interface: 'ens4'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane":"enabled","local-volume-provisioner": "enabled"}}
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-vbmc2.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-vbmc2.yaml
index 547c25b..175077f 100644
--- a/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-vbmc2.yaml
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-vbmc2.yaml
@@ -1,12 +1,13 @@
resource_registry:
"MCP2::NetworkAcc": ../fragments/NetworkAccVM.yaml
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
- "MCP2::NetworkPrvFl": ../fragments/NetworkPrvFlVSRX.yaml
+ "MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
"MCP2::NetworkTun": ../fragments/NetworkTun.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
+ "MCP2::VSRX": ../fragments/vSRX.yaml
parameters:
image: bionic-server-cloudimg-amd64-20190612
@@ -22,12 +23,13 @@
ucp_boot_timeout: 3600
cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
tungstenfabric_enabled: true
+ vsrx_enabled: true
private_floating_network_cidr: '10.11.12.0/24'
private_floating_network_ipam_pool_start: '10.11.12.3'
private_floating_network_ipam_pool_end: '10.11.12.99'
private_floating_network_gateway: '10.11.12.1'
- control_network_vsrx_peering_ip: '10.10.0.131'
- data_network_vsrx_ip: '10.15.0.131'
+ control_network_ext_router_ip: '10.10.0.131'
+ tun_network_ext_router_ip: '10.15.0.131'
private_floating_interface: 'ens4'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane":"enabled","local-volume-provisioner": "enabled"}}
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-vmx.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-vmx.yaml
new file mode 100644
index 0000000..714ae8c
--- /dev/null
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-vmx.yaml
@@ -0,0 +1,74 @@
+resource_registry:
+ "MCP2::NetworkAcc": ../fragments/NetworkAccVM.yaml
+ "MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
+ "MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
+ "MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
+ "MCP2::NetworkTun": ../fragments/NetworkTun.yaml
+ "MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
+ "MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
+ "MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
+ "MCP2::VMX": ../fragments/vMX.yaml
+ "OS::Nova::VmxRe": ../fragments/vmx-components/vms/re.yaml
+ "OS::Nova::VmxFpcSingle": ../fragments/vmx-components/vms/fpc_no_metadata.yaml
+ "OS::Networking::VmxFpcFixedNet": ../fragments/vmx-components/vms/fpc_fixed_net.yaml
+ "OS::Networking::VmxInternalNet": ../fragments/vmx-components/bridges/bridges_internal.yaml
+ "OS::Networking::VmxPort": ../fragments/vmx-components/ports/port.yaml
+ "OS::Networking::VmxFpcEvpnNet": ../fragments/vmx-components/network/evpn_network.yaml
+
+parameters:
+ # vmx parameters
+ vmx_linux_img: vPFC-20170216
+ vmx_linux_flav: vfp.lite
+ vmx_junos_img: vmx-x86-64-17.1R1.8
+ vmx_junos_flav: vcp.lite
+ vmx_gateway_ip: 10.10.0.1
+
+ image: bionic-server-cloudimg-amd64-20190612
+ public_net_id: public
+ masters_size: 0
+ worker_size: 3
+ cmp_size: 2
+ gtw_size: 0
+ lma_size: 0
+ osd_size: 0
+ ntw_size: 3
+ ucp_boot_timeout: 3600
+ cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
+ tungstenfabric_enabled: true
+ vmx_enabled: true
+ private_floating_network_cidr: '10.11.12.0/24'
+ private_floating_network_ipam_pool_start: '10.11.12.3'
+ private_floating_network_ipam_pool_end: '10.11.12.99'
+ private_floating_network_gateway: '10.11.12.1'
+ control_network_ext_router_ip: '10.10.0.131'
+ tun_network_ext_router_ip: '10.15.0.131'
+ evpn_network_vmx_ip: '10.20.100.100'
+ private_floating_interface: 'ens4'
+ tunnel_interface: 'ens8'
+ worker_metadata: {"labels": {"openstack-control-plane":"enabled","local-volume-provisioner": "enabled"}}
+ cmp_metadata: {"labels": {"openstack-compute-node":"enabled","tfvrouter":"enabled", "role":"ceph-osd-node"}}
+ ntw_metadata: {"labels": {"tfconfig":"enabled","tfconfigdb":"enabled","tfcontrol":"enabled","tfanalytics":"enabled","tfanalyticsdb":"enabled","tfwebui":"enabled","local-volume-provisioner": "enabled"}}
+ # hardware_metadata which is used for Ceph requires flavor with
+ # ephemeral storage because it is used for Ceph bluestore.
+ workers_flavor: 'system.compact.openstack.control.ephemeral'
+ cmps_flavor: 'system.compact.openstack.control.ephemeral'
+ storage_frontend_network_cidr: '10.12.1.0/24'
+ storage_backend_network_cidr: '10.12.0.0/24'
+ hardware_metadata: |
+ '00:00:00:00:00:00':
+ write_files:
+ - path: /usr/share/metadata/ceph.yaml
+ content: |
+ storageDevices:
+ - name: vdb
+ role: hdd
+ sizeGb: 20
+ ramGb: 8
+ cores: 2
+ # The roles will be assigned based on node labels.
+ # roles:
+ # - mon
+ # - mgr
+ ips:
+ - 192.168.122.101
+ crushPath: {}
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3.yaml
index 54d0047..ad61006 100644
--- a/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3.yaml
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3.yaml
@@ -1,12 +1,13 @@
resource_registry:
"MCP2::NetworkAcc": ../fragments/NetworkAccVM.yaml
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
- "MCP2::NetworkPrvFl": ../fragments/NetworkPrvFlVSRX.yaml
+ "MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
"MCP2::NetworkTun": ../fragments/NetworkTun.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
+ "MCP2::VSRX": ../fragments/vSRX.yaml
parameters:
image: bionic-server-cloudimg-amd64-20190612
@@ -21,12 +22,13 @@
ucp_boot_timeout: 3600
cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
tungstenfabric_enabled: true
+ vsrx_enabled: true
private_floating_network_cidr: '10.11.12.0/24'
private_floating_network_ipam_pool_start: '10.11.12.3'
private_floating_network_ipam_pool_end: '10.11.12.99'
private_floating_network_gateway: '10.11.12.1'
- control_network_vsrx_peering_ip: '10.10.0.131'
- data_network_vsrx_ip: '10.15.0.131'
+ control_network_ext_router_ip: '10.10.0.131'
+ tun_network_ext_router_ip: '10.15.0.131'
private_floating_interface: 'ens4'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane":"enabled","local-volume-provisioner": "enabled"}}
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp3-ntw3.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp3-ntw3.yaml
index 9d5842a..58ea460 100644
--- a/de/heat-templates/env/mstr1-wrkr3-cmp3-ntw3.yaml
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp3-ntw3.yaml
@@ -1,12 +1,13 @@
resource_registry:
"MCP2::NetworkAcc": ../fragments/NetworkAccVM.yaml
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
- "MCP2::NetworkPrvFl": ../fragments/NetworkPrvFlVSRX.yaml
+ "MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
"MCP2::NetworkTun": ../fragments/NetworkTun.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
+ "MCP2::VSRX": ../fragments/vSRX.yaml
parameters:
image: bionic-server-cloudimg-amd64-20190612
@@ -21,12 +22,13 @@
ucp_boot_timeout: 3600
cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
tungstenfabric_enabled: true
+ vsrx_enabled: true
private_floating_network_cidr: '10.11.12.0/24'
private_floating_network_gateway: '10.11.12.1'
private_floating_network_ipam_pool_start: '10.11.12.3'
private_floating_network_ipam_pool_end: '10.11.12.99'
- control_network_vsrx_peering_ip: '10.10.0.131'
- data_network_vsrx_ip: '10.15.0.131'
+ control_network_ext_router_ip: '10.10.0.131'
+ tun_network_ext_router_ip: '10.15.0.131'
private_floating_interface: 'ens4'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane":"enabled","local-volume-provisioner": "enabled"}}
diff --git a/de/heat-templates/env/mstr1-wrkr5-cmp2-gtw0-vsrx1.yaml b/de/heat-templates/env/mstr1-wrkr5-cmp2-gtw0-vsrx1.yaml
index 20fa4bd..5bb86fa 100644
--- a/de/heat-templates/env/mstr1-wrkr5-cmp2-gtw0-vsrx1.yaml
+++ b/de/heat-templates/env/mstr1-wrkr5-cmp2-gtw0-vsrx1.yaml
@@ -1,12 +1,13 @@
resource_registry:
"MCP2::NetworkAcc": ../fragments/NetworkAccVM.yaml
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
- "MCP2::NetworkPrvFl": ../fragments/NetworkPrvFlVSRX.yaml
+ "MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
"MCP2::NetworkTun": ../fragments/NetworkTun.yaml
+ "MCP2::VSRX": ../fragments/vSRX.yaml
parameters:
image: bionic-server-cloudimg-amd64-20190612
@@ -23,9 +24,10 @@
cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
private_floating_network_cidr: '10.11.12.0/24'
private_floating_interface: 'ens4'
- control_network_vsrx_peering_ip: '10.10.0.131'
+ vsrx_enabled: true
+ control_network_ext_router_ip: '10.10.0.131'
private_floating_network_gateway: '10.11.12.254'
- data_network_vsrx_ip: '10.15.0.131'
+ tun_network_ext_router_ip: '10.15.0.131'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane":"enabled","openvswitch":"enabled","openstack-gateway": "enabled","local-volume-provisioner": "enabled", "openstack-frrouting": "enabled"}}
cmp_metadata: {"labels": {"openstack-compute-node":"enabled","openvswitch":"enabled", "role":"ceph-osd-node"}}
diff --git a/de/heat-templates/env/mstr1-wrkr5-cmp2-ntw3.yaml b/de/heat-templates/env/mstr1-wrkr5-cmp2-ntw3.yaml
index 658d577..7bf7d3c 100644
--- a/de/heat-templates/env/mstr1-wrkr5-cmp2-ntw3.yaml
+++ b/de/heat-templates/env/mstr1-wrkr5-cmp2-ntw3.yaml
@@ -1,12 +1,13 @@
resource_registry:
"MCP2::NetworkAcc": ../fragments/NetworkAccVM.yaml
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
- "MCP2::NetworkPrvFl": ../fragments/NetworkPrvFlVSRX.yaml
+ "MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
"MCP2::NetworkTun": ../fragments/NetworkTun.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
+ "MCP2::VSRX": ../fragments/vSRX.yaml
parameters:
image: bionic-server-cloudimg-amd64-20190612
@@ -25,8 +26,8 @@
private_floating_network_ipam_pool_start: '10.11.12.3'
private_floating_network_ipam_pool_end: '10.11.12.99'
private_floating_network_gateway: '10.11.12.1'
- control_network_vsrx_peering_ip: '10.10.0.131'
- data_network_vsrx_ip: '10.15.0.131'
+ control_network_ext_router_ip: '10.10.0.131'
+ tun_network_ext_router_ip: '10.15.0.131'
private_floating_interface: 'ens4'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane":"enabled","local-volume-provisioner": "enabled"}}
diff --git a/de/heat-templates/env/mstr3-wrkr3-cmp2-ntw3-lma0-osd3.yaml b/de/heat-templates/env/mstr3-wrkr3-cmp2-ntw3-lma0-osd3.yaml
index b3ad83e..740ba89 100644
--- a/de/heat-templates/env/mstr3-wrkr3-cmp2-ntw3-lma0-osd3.yaml
+++ b/de/heat-templates/env/mstr3-wrkr3-cmp2-ntw3-lma0-osd3.yaml
@@ -1,12 +1,13 @@
resource_registry:
"MCP2::NetworkAcc": ../fragments/NetworkAccVM.yaml
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
- "MCP2::NetworkPrvFl": ../fragments/NetworkPrvFlVSRX.yaml
+ "MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
"MCP2::NetworkTun": ../fragments/NetworkTun.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
+ "MCP2::VSRX": ../fragments/vSRX.yaml
parameters:
image: bionic-server-cloudimg-amd64-20190612
@@ -27,12 +28,13 @@
ucp_boot_timeout: 3600
cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
tungstenfabric_enabled: true
+ vsrx_enabled: true
private_floating_network_cidr: '10.11.12.0/24'
private_floating_network_gateway: '10.11.12.1'
private_floating_network_ipam_pool_start: '10.11.12.3'
private_floating_network_ipam_pool_end: '10.11.12.99'
- control_network_vsrx_peering_ip: '10.10.0.131'
- data_network_vsrx_ip: '10.15.0.131'
+ control_network_ext_router_ip: '10.10.0.131'
+ tun_network_ext_router_ip: '10.15.0.131'
private_floating_interface: 'ens4'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane":"enabled", "openvswitch":"enabled", "openstack-gateway": "enabled","local-volume-provisioner": "enabled","role": "stacklight", "stacklight": "enabled"}}
diff --git a/de/heat-templates/env/mstr3-wrkr3-cmp2-ntw3-lma3-osd3.yaml b/de/heat-templates/env/mstr3-wrkr3-cmp2-ntw3-lma3-osd3.yaml
index aa5c753..86e3b82 100644
--- a/de/heat-templates/env/mstr3-wrkr3-cmp2-ntw3-lma3-osd3.yaml
+++ b/de/heat-templates/env/mstr3-wrkr3-cmp2-ntw3-lma3-osd3.yaml
@@ -1,12 +1,13 @@
resource_registry:
"MCP2::NetworkAcc": ../fragments/NetworkAccVM.yaml
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
- "MCP2::NetworkPrvFl": ../fragments/NetworkPrvFlVSRX.yaml
+ "MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
"MCP2::NetworkTun": ../fragments/NetworkTun.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
+ "MCP2::VSRX": ../fragments/vSRX.yaml
parameters:
image: bionic-server-cloudimg-amd64-20190612
@@ -28,12 +29,13 @@
ucp_boot_timeout: 3600
cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
tungstenfabric_enabled: true
+ vsrx_enabled: true
private_floating_network_cidr: '10.11.12.0/24'
private_floating_network_gateway: '10.11.12.1'
private_floating_network_ipam_pool_start: '10.11.12.3'
private_floating_network_ipam_pool_end: '10.11.12.99'
- control_network_vsrx_peering_ip: '10.10.0.131'
- data_network_vsrx_ip: '10.15.0.131'
+ control_network_ext_router_ip: '10.10.0.131'
+ tun_network_ext_router_ip: '10.15.0.131'
private_floating_interface: 'ens4'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane": "enabled", "openvswitch": "enabled","openstack-gateway":"enabled","local-volume-provisioner": "enabled"}}
diff --git a/de/heat-templates/fragments/NetworkAccVM.yaml b/de/heat-templates/fragments/NetworkAccVM.yaml
index 4954b0f..ee7abab 100644
--- a/de/heat-templates/fragments/NetworkAccVM.yaml
+++ b/de/heat-templates/fragments/NetworkAccVM.yaml
@@ -13,7 +13,7 @@
default: []
tungstenfabric_enabled:
type: boolean
- control_network_vsrx_peering_ip:
+ control_network_ext_router_ip:
type: string
default: ''
private_floating_network_cidr:
@@ -53,7 +53,7 @@
condition: cond_extra_routes
properties:
destination: { get_param: private_floating_network_cidr }
- nexthop: { get_param: control_network_vsrx_peering_ip }
+ nexthop: { get_param: control_network_ext_router_ip }
router_id: { get_resource: router }
diff --git a/de/heat-templates/fragments/NetworkPrvFl.yaml b/de/heat-templates/fragments/NetworkPrvFl.yaml
index 20a50a4..29bd1da 100644
--- a/de/heat-templates/fragments/NetworkPrvFl.yaml
+++ b/de/heat-templates/fragments/NetworkPrvFl.yaml
@@ -7,27 +7,6 @@
type: string
private_floating_network_ipam_pool_end:
type: string
- private_floating_network_gateway:
- type: string
- default: ''
- accessible_network:
- type: string
- default: ''
- control_network_vsrx_peering_ip:
- type: string
- default: ''
- data_network_vsrx_ip:
- type: string
- tun_network:
- type: string
- vsrx_image:
- type: string
- default: mos-vsrx-acc-fl-tun
- vsrx_flavor:
- type: string
- default: oc_vsrx
- public_net_id:
- type: string
resources:
diff --git a/de/heat-templates/fragments/vMX.yaml b/de/heat-templates/fragments/vMX.yaml
new file mode 100644
index 0000000..f0dd60c
--- /dev/null
+++ b/de/heat-templates/fragments/vMX.yaml
@@ -0,0 +1,147 @@
+heat_template_version: queens
+
+parameters:
+ linux_img:
+ type: string
+ description: Name of image to use for servers
+ linux_flav:
+ type: string
+ description: Name of image to use for servers
+ junos_flav:
+ type: string
+ description: Name of image to use for servers
+ junos_img:
+ type: string
+ description: Name of image to use for servers
+ vmx_gateway_ip:
+ type: string
+ description: Default GW for vmx
+ vmx_lo_ip:
+ type: string
+ description: lo ip addr (used for BGP peering)
+ evpn_network_vmx_ip:
+ type: string
+ description: vmx ip addr in a network for evpn test
+
+ accessible_network_id:
+ type: string
+ control_network_cidr:
+ type: string
+ control_network_vmx_ip:
+ type: string
+
+ tun_network_id:
+ type: string
+ tun_network_cidr:
+ type: string
+ tun_network_vmx_ip:
+ type: string
+
+ private_floating_network_id:
+ type: string
+ private_floating_network_cidr:
+ type: string
+ private_floating_network_gateway:
+ type: string
+
+ evpn_network_cidr:
+ type: string
+ evpn_network_ipam_pool_start:
+ type: string
+ evpn_network_ipam_pool_end:
+ type: string
+
+ public_net_id:
+ type: string
+
+resources:
+
+ accessible_server_port:
+ type: OS::Neutron::Port
+ properties:
+ network_id: { get_param: accessible_network_id }
+ port_security_enabled: false
+ fixed_ips:
+ - ip_address: {get_param: control_network_vmx_ip }
+
+ private_floating_server_port:
+ type: OS::Neutron::Port
+ properties:
+ network_id: { get_param: private_floating_network_id }
+ port_security_enabled: false
+ fixed_ips:
+ - ip_address: { get_param: private_floating_network_gateway}
+
+ tun_server_port:
+ type: OS::Neutron::Port
+ properties:
+ network_id: { get_param: tun_network_id }
+ port_security_enabled: false
+ fixed_ips:
+ - ip_address: { get_param: tun_network_vmx_ip}
+
+ server_floating_ip:
+ type: OS::Neutron::FloatingIP
+ properties:
+ floating_network_id: { get_param: public_net_id }
+ port_id: { get_resource: accessible_server_port }
+
+ vmx_int_network:
+ type: OS::Networking::VmxInternalNet
+
+ evpn_network:
+ type: OS::Networking::VmxFpcEvpnNet
+ properties:
+ evpn_network_cidr: { get_param: evpn_network_cidr }
+ evpn_network_ipam_pool_start: { get_param: evpn_network_ipam_pool_start }
+ evpn_network_ipam_pool_end: { get_param: evpn_network_ipam_pool_end }
+
+ evpn_server_port:
+ type: OS::Neutron::Port
+ properties:
+ network_id: { get_attr: [ evpn_network, evpn_network_id ] }
+ port_security_enabled: false
+ fixed_ips:
+ - ip_address: { get_param: evpn_network_vmx_ip }
+
+ re0:
+ type: OS::Nova::VmxRe
+ properties:
+ junos_flav: { get_param: junos_flav }
+ junos_img: { get_param: junos_img }
+ re_pfe_network: { get_attr: [ vmx_int_network, re_pfe_network ] }
+ access_port: { get_resource: accessible_server_port }
+ access_port_ip: {get_param: control_network_vmx_ip }
+ control_network_cidr: { get_param: control_network_cidr }
+ gateway_ip: { get_param: vmx_gateway_ip }
+ lo_ip: { get_param: vmx_lo_ip }
+ floating_port_ip: { get_param: private_floating_network_gateway }
+ tun_network_cidr: { get_param: tun_network_cidr }
+ tun_port_ip: { get_param: tun_network_vmx_ip }
+ evpn_port_ip: { get_param: evpn_network_vmx_ip }
+
+ fpc0:
+ type: OS::Nova::VmxFpcSingle
+ properties:
+ linux_img: { get_param: linux_img }
+ linux_flav: { get_param: linux_flav }
+ id: 0
+ re0_ip: { get_attr: [ fpc0_fixed_net, external_ip ] }
+ all_ports: [ { get_attr: [ fpc0_fixed_net, external_port ] },
+ { get_attr: [ fpc0_fixed_net, internal_port ] },
+ { get_resource: private_floating_server_port },
+ { get_resource: tun_server_port },
+ { get_resource: evpn_server_port } ]
+
+ fpc0_fixed_net:
+ type: OS::Networking::VmxFpcFixedNet
+ properties:
+ public_network: { get_param: accessible_network_id }
+ re_pfe_network: { get_attr: [ vmx_int_network, re_pfe_network ] }
+ id: 0
+ internal_ip: 128.0.0.16
+
+outputs:
+ re_floating_ip:
+ description: Floating IP address of server in public network
+ value: { get_attr: [ server_floating_ip, floating_ip_address ] }
diff --git a/de/heat-templates/fragments/NetworkPrvFlVSRX.yaml b/de/heat-templates/fragments/vSRX.yaml
similarity index 68%
rename from de/heat-templates/fragments/NetworkPrvFlVSRX.yaml
rename to de/heat-templates/fragments/vSRX.yaml
index 988121d..23d64b4 100644
--- a/de/heat-templates/fragments/NetworkPrvFlVSRX.yaml
+++ b/de/heat-templates/fragments/vSRX.yaml
@@ -1,17 +1,13 @@
heat_template_version: queens
parameters:
- private_floating_network_cidr:
- type: string
- private_floating_network_ipam_pool_start:
- type: string
- private_floating_network_ipam_pool_end:
+ private_floating_network_id:
type: string
private_floating_network_gateway:
type: string
accessible_network:
type: string
- control_network_vsrx_peering_ip:
+ control_network_vsrx_ip:
type: string
data_network_vsrx_ip:
type: string
@@ -31,33 +27,18 @@
resources:
- network:
- type: OS::Neutron::Net
- properties:
- port_security_enabled: false
- subnet:
- type: OS::Neutron::Subnet
- properties:
- network: { get_resource: network }
- enable_dhcp: false
- cidr: { get_param: private_floating_network_cidr }
- gateway_ip: ~
- allocation_pools:
- - start: { get_param: private_floating_network_ipam_pool_start }
- end: { get_param: private_floating_network_ipam_pool_end }
-
accessible_server_port:
type: OS::Neutron::Port
properties:
network_id: { get_param: accessible_network }
port_security_enabled: false
fixed_ips:
- - ip_address: {get_param: control_network_vsrx_peering_ip }
+ - ip_address: {get_param: control_network_vsrx_ip }
private_floating_server_port:
type: OS::Neutron::Port
properties:
- network_id: { get_resource: network }
+ network_id: { get_param: private_floating_network_id }
port_security_enabled: false
fixed_ips:
- ip_address: { get_param: private_floating_network_gateway}
@@ -89,10 +70,8 @@
- port: { get_resource: tun_server_port }
outputs:
- private_floating_network_id:
- value: { get_resource: network }
- private_floating_subnet_id:
- value: { get_resource: subnet }
server_public_ip:
description: Floating IP address of server in public network
value: { get_attr: [ server_floating_ip, floating_ip_address ] }
+ vsrx_show:
+ value: { get_attr: [ vsrx_instance, show ] }
diff --git a/de/heat-templates/fragments/vmx-components/bridges/bridges_internal.yaml b/de/heat-templates/fragments/vmx-components/bridges/bridges_internal.yaml
new file mode 100644
index 0000000..4e203bf
--- /dev/null
+++ b/de/heat-templates/fragments/vmx-components/bridges/bridges_internal.yaml
@@ -0,0 +1,26 @@
+heat_template_version: 2015-10-15
+parameters:
+
+resources:
+ bridge_net_re_pfe:
+ type: OS::Neutron::Net
+ properties:
+ admin_state_up: true
+ name:
+ str_replace:
+ template: "%ident%-vfp0-to-vcp0"
+ params:
+ '%ident%': {get_param: "OS::stack_name"}
+
+ bridge_network_subnet_re_pfe:
+ properties:
+ cidr: 128.0.0.0/24
+ network_id: {get_resource: bridge_net_re_pfe}
+ enable_dhcp: False
+ gateway_ip: 128.0.0.3
+ type: OS::Neutron::Subnet
+
+outputs:
+ re_pfe_network:
+ description: RE-PFE bridge
+ value: {get_resource: bridge_net_re_pfe}
diff --git a/de/heat-templates/fragments/vmx-components/network/evpn_network.yaml b/de/heat-templates/fragments/vmx-components/network/evpn_network.yaml
new file mode 100644
index 0000000..384f3c0
--- /dev/null
+++ b/de/heat-templates/fragments/vmx-components/network/evpn_network.yaml
@@ -0,0 +1,28 @@
+heat_template_version: queens
+
+parameters:
+ evpn_network_cidr:
+ type: string
+ evpn_network_ipam_pool_start:
+ type: string
+ evpn_network_ipam_pool_end:
+ type: string
+
+resources:
+
+ network:
+ type: OS::Neutron::Net
+ subnet:
+ type: OS::Neutron::Subnet
+ properties:
+ network: { get_resource: network }
+ enable_dhcp: false
+ cidr: { get_param: evpn_network_cidr }
+ gateway_ip: ~
+ allocation_pools:
+ - start: { get_param: evpn_network_ipam_pool_start }
+ end: { get_param: evpn_network_ipam_pool_end }
+
+outputs:
+ evpn_network_id:
+ value: { get_resource: network }
diff --git a/de/heat-templates/fragments/vmx-components/ports/port.yaml b/de/heat-templates/fragments/vmx-components/ports/port.yaml
new file mode 100755
index 0000000..25fbb0c
--- /dev/null
+++ b/de/heat-templates/fragments/vmx-components/ports/port.yaml
@@ -0,0 +1,26 @@
+heat_template_version: 2015-10-15
+parameters:
+ vnetwork_id: {description: ID of network, type: string}
+ pname: {description: name, type: string}
+
+resources:
+ port:
+ type: OS::Neutron::Port
+ properties:
+ port_security_enabled: false
+ network: {get_param: vnetwork_id}
+ name:
+ str_replace:
+ template: "%ident%_%name%"
+ params:
+ '%ident%': {get_param: "OS::stack_name"}
+ '%name%': {get_param: pname}
+
+outputs:
+ port:
+ description: port
+ value: { get_resource: port}
+ ip:
+ description: The IP address assigned to the VM
+ value: { get_attr: [port, fixed_ips, 0, ip_address] }
+
diff --git a/de/heat-templates/fragments/vmx-components/ports/re_pfe_port.yaml b/de/heat-templates/fragments/vmx-components/ports/re_pfe_port.yaml
new file mode 100755
index 0000000..0e1a1e0
--- /dev/null
+++ b/de/heat-templates/fragments/vmx-components/ports/re_pfe_port.yaml
@@ -0,0 +1,24 @@
+heat_template_version: 2015-10-15
+parameters:
+ vnetwork_id: {description: ID of network, type: string}
+ ip_addr: {description: Fixed IP, type: string}
+ name: {description: name, type: string}
+
+resources:
+ port:
+ type: OS::Neutron::Port
+ properties:
+ port_security_enabled: false
+ name: {get_param: name}
+ network: {get_param: vnetwork_id}
+ fixed_ips:
+ - ip_address: {get_param: ip_addr}
+
+outputs:
+ port:
+ description: port
+ value: { get_resource: port}
+ ip:
+ description: The IP address assigned to the VM
+ value: { get_attr: [port, fixed_ips, 0, ip_address] }
+
diff --git a/de/heat-templates/fragments/vmx-components/vms/fpc.yaml b/de/heat-templates/fragments/vmx-components/vms/fpc.yaml
new file mode 100644
index 0000000..301e4e2
--- /dev/null
+++ b/de/heat-templates/fragments/vmx-components/vms/fpc.yaml
@@ -0,0 +1,54 @@
+heat_template_version: 2015-10-15
+parameters:
+ project_name: {description: Project name, type: string}
+ id: {description: FPC id, type: string}
+ linux_img: {description: Linux PFE image, type: string}
+ linux_flav: {description: Type of FPC/linux Image, type: string}
+ gateway_ip: {description: ip of gateway, type: string}
+ re0_ip: {description: ip of RE0, type: string}
+ all_ports: {description: ge port list, type: comma_delimited_list}
+ stack_name: {description: Stack name, type: string}
+
+resources:
+ fpc:
+ properties:
+ config_drive: true
+ flavor: {get_param: linux_flav}
+ image: {get_param: linux_img}
+ metadata:
+ boot_noveriexec: 'yes'
+ gateway: {get_param: gateway_ip}
+ hostname:
+ str_replace:
+ template: "Instance_%proj%-%ident%-fpc%id%"
+ params:
+ '%proj%': {get_param: project_name}
+ '%ident%': {get_param: stack_name}
+ '%id%': {get_param: id}
+ hw.pci.link.0x60.irq: 10
+ netmask: '24'
+ re0_ip: {get_param: re0_ip}
+ vm_chassname: {get_param: stack_name}
+ vm_chassis_i2cid: "161"
+ vm_i2cid: '0xBAA'
+ vm_instance: {get_param: id}
+ vm_is_virtual: 1
+ vm_ore_present: 0
+ vm_retype: RE-VMX
+ vmchtype: mx240
+ vmtype: 1
+ name:
+ str_replace:
+ template: "Instance_%proj%-%ident%_fpc%id%"
+ params:
+ '%proj%': {get_param: project_name}
+ '%ident%': {get_param: stack_name}
+ '%id%': {get_param: id}
+ networks:
+ repeat:
+ for_each:
+ <%ports%>: { get_param: all_ports }
+ template:
+ port: <%ports%>
+ type: OS::Nova::Server
+
diff --git a/de/heat-templates/fragments/vmx-components/vms/fpc_fixed_net.yaml b/de/heat-templates/fragments/vmx-components/vms/fpc_fixed_net.yaml
new file mode 100644
index 0000000..5e0b231
--- /dev/null
+++ b/de/heat-templates/fragments/vmx-components/vms/fpc_fixed_net.yaml
@@ -0,0 +1,40 @@
+heat_template_version: 2015-10-15
+parameters:
+ public_network: {description: ID of public network, type: string}
+ re_pfe_network: {description: ID of RE-PFE network, type: string}
+ id: {description: ID of port, type: string}
+ internal_ip: {description: IP of internal port, type: string}
+
+resources:
+ external_port:
+ type: ../ports/port.yaml
+ properties:
+ vnetwork_id: {get_param: public_network}
+ pname:
+ str_replace:
+ template: "public_fpc_%id%"
+ params:
+ '%id%': {get_param: id}
+
+ internal_port:
+ type: ../ports/re_pfe_port.yaml
+ properties:
+ vnetwork_id: {get_param: re_pfe_network}
+ ip_addr: {get_param: internal_ip}
+ name:
+ str_replace:
+ template: "Port_%ident%_internal_fpc_%id%"
+ params:
+ '%ident%': {get_param: "OS::stack_name"}
+ '%id%': {get_param: id}
+
+outputs:
+ external_port:
+ description: external port
+ value: {get_attr: [external_port, port]}
+ external_ip:
+ description: external port IP
+ value: {get_attr: [external_port, ip]}
+ internal_port:
+ description: internal port
+ value: {get_attr: [internal_port, port]}
diff --git a/de/heat-templates/fragments/vmx-components/vms/fpc_no_metadata.yaml b/de/heat-templates/fragments/vmx-components/vms/fpc_no_metadata.yaml
new file mode 100644
index 0000000..ba129af
--- /dev/null
+++ b/de/heat-templates/fragments/vmx-components/vms/fpc_no_metadata.yaml
@@ -0,0 +1,26 @@
+heat_template_version: 2015-10-15
+parameters:
+ id: {description: FPC id, type: string}
+ linux_img: {description: Linux PFE image, type: string}
+ linux_flav: {description: Type of FPC/linux Image, type: string}
+ re0_ip: {description: ip of RE0, type: string}
+ all_ports: {description: ge port list, type: comma_delimited_list}
+
+resources:
+ fpc:
+ type: OS::Nova::Server
+ properties:
+ flavor: {get_param: linux_flav}
+ image: {get_param: linux_img}
+ name:
+ str_replace:
+ template: "vMX_fpc%id%_%ident%"
+ params:
+ '%ident%': {get_param: "OS::stack_name"}
+ '%id%': {get_param: id}
+ networks:
+ repeat:
+ for_each:
+ <%ports%>: { get_param: all_ports }
+ template:
+ port: <%ports%>
diff --git a/de/heat-templates/fragments/vmx-components/vms/re.yaml b/de/heat-templates/fragments/vmx-components/vms/re.yaml
new file mode 100755
index 0000000..0c52f50
--- /dev/null
+++ b/de/heat-templates/fragments/vmx-components/vms/re.yaml
@@ -0,0 +1,67 @@
+heat_template_version: 2015-10-15
+parameters:
+ access_port: {description: ID of public port, type: string}
+ access_port_ip: {description: IP of public port, type: string}
+ control_network_cidr: { type: string }
+ re_pfe_network: {description: ID of RE-PFE network, type: string}
+ junos_flav: {description: Type of Image, type: string}
+ junos_img: {description: Junos RE image, type: string}
+ gateway_ip: {description: ip of gateway, type: string}
+ lo_ip: {description: ip of lo interface, type: string}
+ floating_port_ip: { type: string }
+ tun_network_cidr: { type: string }
+ tun_port_ip: { description: ip of interface from data (tunnel) network, type: string }
+ evpn_port_ip: { description: ip of interface from network for evpn test, type: string }
+
+resources:
+ re_fixed_net:
+ type: vm_fixed_net.yaml
+ properties:
+ re_pfe_network: { get_param: re_pfe_network }
+ ext_name: public_re
+ int_name: internal_re
+ internal_ip: 128.0.0.1
+
+ re:
+ type: OS::Nova::Server
+ properties:
+ config_drive: true
+ flavor: {get_param: junos_flav}
+ image: {get_param: junos_img}
+ metadata:
+ gateway: { get_param: gateway_ip }
+ hostname: "vMX_re0"
+ hw.pci.link.0x60.irq: 10
+ netmask: '24'
+ re0_ip:
+ {get_param: access_port_ip}
+ vm_chassis_i2cid: "161"
+ vm_chassisname: {get_param: "OS::stack_name"}
+ vm_chassname: {get_param: "OS::stack_name"}
+ vm_i2cid: '0xBAA'
+ vm_instance: 0
+ vm_is_virtual: 1
+ vm_ore_present: 0
+ vm_retype: RE-VMX
+ vmchtype: mx240
+ vmtype: 0
+ console: vidconsole
+ name:
+ str_replace:
+ template: "vMX_re0_%ident%"
+ params:
+ '%ident%': {get_param: "OS::stack_name"}
+ networks:
+ - port: {get_param: access_port}
+ - port: {get_attr: [re_fixed_net, internal_port]}
+ personality:
+ /var/db/cumulus/baseline_config.template:
+ str_replace:
+ template: { get_file: vmx_evpn.conf }
+ params:
+ $lo_ip: { get_param: lo_ip }
+ $floating_port_ip: { get_param: floating_port_ip }
+ $control_network_cidr: { get_param: control_network_cidr }
+ $tun_network_cidr: { get_param: tun_network_cidr }
+ $tun_port_ip: { get_param: tun_port_ip }
+ $evpn_port_ip: { get_param: evpn_port_ip }
diff --git a/de/heat-templates/fragments/vmx-components/vms/vm_fixed_net.yaml b/de/heat-templates/fragments/vmx-components/vms/vm_fixed_net.yaml
new file mode 100644
index 0000000..7e1c0c4
--- /dev/null
+++ b/de/heat-templates/fragments/vmx-components/vms/vm_fixed_net.yaml
@@ -0,0 +1,24 @@
+heat_template_version: 2015-10-15
+parameters:
+ re_pfe_network: {description: ID of RE-PFE network, type: string}
+ ext_name: {description: name of external port, type: string}
+ int_name: {description: name of internal port, type: string}
+ internal_ip: {description: IP of internal port, type: string}
+
+resources:
+
+ internal_port:
+ type: ../ports/re_pfe_port.yaml
+ properties:
+ vnetwork_id: {get_param: re_pfe_network}
+ ip_addr: {get_param: internal_ip}
+ name:
+ str_replace:
+ template: "Port_%ident%_%name%"
+ params:
+ '%ident%': {get_param: "OS::stack_name"}
+ '%name%': {get_param: int_name}
+outputs:
+ internal_port:
+ description: internal port
+ value: {get_attr: [internal_port, port]}
diff --git a/de/heat-templates/fragments/vmx-components/vms/vmx_evpn.conf b/de/heat-templates/fragments/vmx-components/vms/vmx_evpn.conf
new file mode 100755
index 0000000..9fe0dc7
--- /dev/null
+++ b/de/heat-templates/fragments/vmx-components/vms/vmx_evpn.conf
@@ -0,0 +1,177 @@
+groups {
+ re0 {
+ system {
+ host-name %hostname%;
+ backup-router %gateway%;
+ }
+ interfaces {
+ fxp0 { # Management/telnet Interface
+ unit 0 {
+ family inet {
+ address %re0_ip%/%netmask%; # Management/telnet address
+ }
+ }
+ }
+ }
+ }
+ global {
+ system {
+ debugger-on-panic;
+ debugger-on-break;
+ dump-on-panic;
+ services {
+ finger;
+ ftp;
+ rlogin;
+ rsh;
+ ssh;
+ telnet;
+ xnm-clear-text;
+ }
+ syslog {
+ host log {
+ kernel info;
+ any notice;
+ pfe info;
+ interactive-commands any;
+ }
+ file messages {
+ kernel info;
+ any notice;
+ authorization info;
+ pfe info;
+ archive world-readable;
+ }
+ file security {
+ interactive-commands any;
+ archive world-readable;
+ }
+ }
+ processes {
+ routing enable;
+ ntp enable;
+ management enable;
+ watchdog enable;
+ snmp enable;
+ inet-process enable;
+ mib-process enable;
+ }
+ }
+ chassis {
+ dump-on-panic;
+ }
+ interfaces {
+ lo0 { # Local Loopback interface.
+ unit 0 {
+ family inet {
+ address $lo_ip/32;
+ }
+ }
+ }
+ ge-0/0/0 {
+ unit 0 {
+ family inet {
+ address $floating_port_ip/24;
+ }
+ }
+ }
+ ge-0/0/1 {
+ unit 0 {
+ family inet {
+ address $tun_port_ip/24;
+ }
+ }
+ }
+ ge-0/0/2 {
+ unit 0 {
+ family bridge {
+ interface-mode access;
+ vlan-id 100;
+ }
+ }
+ }
+ irb {
+ unit 100 {
+ family inet {
+ address $evpn_port_ip/24;
+ }
+ }
+ }
+ }
+ snmp {
+ interface fxp0.0;
+ community public {
+ authorization read-only;
+ }
+ community private {
+ authorization read-write;
+ }
+ }
+ routing-options {
+ static {
+ route 0.0.0.0/0 next-hop %gateway%;
+ }
+ router-id $lo_ip;
+ route-distinguisher-id $lo_ip;
+ autonomous-system 64512;
+ }
+ protocols {
+ bgp {
+ group Contrail_Controller {
+ type internal;
+ local-address $lo_ip;
+ keep all;
+ family evpn {
+ signaling;
+ }
+ allow [ $control_network_cidr $tun_network_cidr ];
+ }
+ }
+ }
+ routing-instances {
+ VIRTUAL_SWITCH {
+ vtep-source-interface lo0.0;
+ instance-type virtual-switch;
+ interface ge-0/0/2.0;
+ route-distinguisher 64512:100;
+ vrf-target target:64512:100;
+ protocols {
+ evpn {
+ encapsulation vxlan;
+ extended-vni-list 100;
+ multicast-mode ingress-replication;
+ }
+ }
+ bridge-domains {
+ BD100 {
+ domain-type bridge;
+ vlan-id 100;
+ routing-interface irb.100;
+ vxlan {
+ vni 100;
+ ingress-node-replication;
+ }
+ }
+ }
+ }
+ }
+ }
+}
+apply-groups [ global re0 ];
+system {
+ root-authentication {
+ encrypted-password "$6$.5tcJTSN$KPRcnIU50oyAWSanuWg7Hktab.kBauqIrjO33YERofHkD0nTTELOLVHnkA/sdoW5.qzg6IVBTg3xQE6wmnuaT0"; ## SECRET-DATA
+ }
+ ports {
+ console log-out-on-disconnect;
+ }
+ services {
+ netconf {
+ ssh;
+ rfc-compliant;
+ }
+ }
+}
+chassis {
+ network-services enhanced-ip;
+}
diff --git a/de/heat-templates/top.yaml b/de/heat-templates/top.yaml
index d3331b3..b6a3e19 100644
--- a/de/heat-templates/top.yaml
+++ b/de/heat-templates/top.yaml
@@ -24,13 +24,9 @@
- "destination": "10.100.100.1/32"
"nexthop": "172.16.1.1"
default: []
- control_network_vsrx_peering_ip:
+ control_network_ext_router_ip:
type: string
- description: IP address of vsrx for tungsten fabric peering
- default: ''
- data_network_vsrx_ip:
- type: string
- description: IP address of vsrx in tungsten fabric data network
+ description: IP address of vsrx/vmx in control network
default: ''
docker_default_address_pool:
type: string
@@ -168,6 +164,30 @@
tungstenfabric_enabled:
type: boolean
default: false
+ vmx_linux_img:
+ type: string
+ description: Name of image to use for servers
+ default: "vPFC-20170216"
+ vmx_linux_flav:
+ type: string
+ description: Name of image to use for servers
+ default: "vfp.lite"
+ vmx_junos_img:
+ type: string
+ description: Name of image to use for servers
+ default: "vmx-x86-64-17.1R1.8"
+ vmx_junos_flav:
+ type: string
+ description: Name of image to use for servers
+ default: "vcp.lite"
+ vmx_gateway_ip:
+ type: string
+ description: Default GW for vmx
+ default: '10.10.0.1'
+ vmx_lo_ip:
+ type: string
+ description: Ip of lo interface for vmx
+ default: '10.199.199.199'
tun_network_cidr:
type: string
default: '10.15.0.0/24'
@@ -184,6 +204,10 @@
tun_network_pool_end:
type: string
default: '10.15.0.99'
+ tun_network_ext_router_ip:
+ type: string
+ description: IP address of vsrx/vmx in data network
+ default: ''
tun_network_host_routes:
type: json
description: >
@@ -191,6 +215,27 @@
- "destination": "10.100.100.1/32"
"nexthop": "172.16.1.1"
default: []
+ evpn_network_cidr:
+ type: string
+ default: '10.20.100.0/24'
+ evpn_network_ipam_pool_start:
+ type: string
+ description: pool start which is used as pool for IPAM and assigned to instances port
+ default: '10.20.100.2'
+ evpn_network_ipam_pool_end:
+ type: string
+ description: pool end which is used as pool for IPAM and assigned to instances port
+ default: '10.20.100.99'
+ evpn_network_pool_start:
+ type: string
+ default: '10.20.100.105'
+ evpn_network_pool_end:
+ type: string
+ default: '10.20.100.200'
+ evpn_network_vmx_ip:
+ type: string
+ description: IP address of vmx in a network for evpn test
+ default: ''
ucp_metadata:
type: json
default: {"role":"ucp"}
@@ -341,12 +386,38 @@
secure_overlay_enabled:
type: boolean
default: false
+ vsrx_enabled:
+ type: boolean
+ default: false
+ vmx_enabled:
+ type: boolean
+ default: false
conditions:
aio_deploy:
equals:
- get_param: single_node
- 'true'
+ tf:
+ equals:
+ - get_param: tungstenfabric_enabled
+ - true
+ vsrx_deploy:
+ equals:
+ - get_param: vsrx_enabled
+ - true
+ vmx_deploy:
+ and:
+ - tf
+ - equals:
+ - get_param: vmx_enabled
+ - true
+ - not:
+ vsrx_deploy
+ ext_router_deploy:
+ or:
+ - vsrx_deploy
+ - vmx_deploy
resources:
keypair_name:
@@ -369,7 +440,7 @@
dns_nameservers: { get_param: dns_nameservers }
control_network_host_routes: { get_param: control_network_host_routes }
tungstenfabric_enabled: { get_param: tungstenfabric_enabled }
- control_network_vsrx_peering_ip: { get_param: control_network_vsrx_peering_ip }
+ control_network_ext_router_ip: { get_param: control_network_ext_router_ip }
private_floating_network_cidr: { get_param: private_floating_network_cidr }
tun_network:
@@ -386,11 +457,50 @@
private_floating_network_cidr: { get_param: private_floating_network_cidr }
private_floating_network_ipam_pool_start: { get_param: private_floating_network_ipam_pool_start }
private_floating_network_ipam_pool_end: { get_param: private_floating_network_ipam_pool_end }
- private_floating_network_gateway: {get_param: private_floating_network_gateway}
- control_network_vsrx_peering_ip: {get_param: control_network_vsrx_peering_ip}
- accessible_network: { get_attr: [accessible_network, public_network]}
- data_network_vsrx_ip: { get_param: data_network_vsrx_ip }
- tun_network: { get_attr: [tun_network, tun_network_id] }
+
+ vmx:
+ depends_on:
+ - private_floating_network
+ - accessible_network
+ - tun_network
+ condition: vmx_deploy
+ type: MCP2::VMX
+ properties:
+ linux_img: { get_param: vmx_linux_img }
+ linux_flav: { get_param: vmx_linux_flav }
+ junos_img: { get_param: vmx_junos_img }
+ junos_flav: { get_param: vmx_junos_flav }
+ vmx_gateway_ip: { get_param: vmx_gateway_ip }
+ vmx_lo_ip: { get_param: vmx_lo_ip }
+ accessible_network_id: { get_attr: [ accessible_network, public_network ] }
+ control_network_cidr: { get_param: control_network_cidr }
+ control_network_vmx_ip: { get_param: control_network_ext_router_ip }
+ tun_network_id: { get_attr: [ tun_network, tun_network_id ] }
+ tun_network_vmx_ip: { get_param: tun_network_ext_router_ip }
+ tun_network_cidr: { get_param: tun_network_cidr }
+ private_floating_network_id: { get_attr: [private_floating_network, private_floating_network_id] }
+ private_floating_network_cidr: { get_param: private_floating_network_cidr }
+ private_floating_network_gateway: { get_param: private_floating_network_gateway }
+ evpn_network_cidr: { get_param: evpn_network_cidr }
+ evpn_network_ipam_pool_start: { get_param: evpn_network_ipam_pool_start }
+ evpn_network_ipam_pool_end: { get_param: evpn_network_ipam_pool_end }
+ evpn_network_vmx_ip: { get_param: evpn_network_vmx_ip }
+ public_net_id: { get_param: public_net_id }
+
+ vsrx:
+ depends_on:
+ - private_floating_network
+ - accessible_network
+ - tun_network
+ condition: vsrx_deploy
+ type: MCP2::VSRX
+ properties:
+ private_floating_network_id: { get_attr: [private_floating_network, private_floating_network_id] }
+ private_floating_network_gateway: { get_param: private_floating_network_gateway }
+ control_network_vsrx_ip: { get_param: control_network_ext_router_ip }
+ accessible_network: { get_attr: [ accessible_network, public_network ] }
+ data_network_vsrx_ip: { get_param: tun_network_ext_router_ip }
+ tun_network: { get_attr: [ tun_network, tun_network_id ] }
vsrx_image: { get_param: vsrx_image }
vsrx_flavor: { get_param: vsrx_flavor }
public_net_id: { get_param: public_net_id }
@@ -1040,15 +1150,27 @@
value: { get_param: storage_backend_network_cidr }
tungstenfabric_enabled:
value: { get_param: tungstenfabric_enabled }
- data_network_vsrx_ip:
- description: IP address of vsrx in tungsten fabric data network
- value: { get_param: data_network_vsrx_ip }
- control_network_vsrx_peering_ip:
- description: IP address of vsrx in control/accessible network
- value: { get_param: control_network_vsrx_peering_ip }
- public_network_vsrx_ip:
- description: IP address of vsrx in tungsten fabric public network
- value: { get_attr: [private_floating_network, server_public_ip] }
+ tun_network_ext_router_ip:
+ condition: ext_router_deploy
+ description: IP address of vsrx/vmx in data network
+ value: { get_param: tun_network_ext_router_ip }
+ control_network_ext_router_ip:
+ condition: ext_router_deploy
+ description: IP address of vsrx/vmx in control/accessible network
+ value: { get_param: control_network_ext_router_ip }
+ public_network_ext_router_ip:
+ condition: ext_router_deploy
+ description: Public IP of vsrx/vmx instance
+ value: { if: [ vmx_deploy, get_attr: [ vmx, re_floating_ip ], get_attr: [ vsrx, server_public_ip ] ] }
accessible_router:
description: Router from accessible network to public
value: { get_attr: [accessible_network, accessible_router] }
+ evpn_network_cidr:
+ description: Network CIDR for evpn tests
+ value: { get_param: evpn_network_cidr }
+ evpn_network_pool_start:
+ description: IPAM pool start for evpn tests
+ value: { get_param: evpn_network_pool_start }
+ evpn_network_pool_end:
+ description: IPAM pool end for evpn tests
+ value: { get_param: evpn_network_pool_end }