Rework networking setup for external routers
External routers (vmx/vsrx) are now connected with accessible router
by 2 networks:
- external control network needed to provide access to
external router via floating ip address.
- external data network is used for mpls/gre tunnels and other
traffic.
Also added separate network for MetalLb, and is routed via infra
router.
Related-Prod: https://mirantis.jira.com/browse/PRODX-48892
Change-Id: I53d922b3a37f55453b0fc7031f835f50ca2a1a12
diff --git a/de/heat-templates/env/aio.yaml b/de/heat-templates/env/aio.yaml
index a490725..5bd98ec 100644
--- a/de/heat-templates/env/aio.yaml
+++ b/de/heat-templates/env/aio.yaml
@@ -3,6 +3,7 @@
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
diff --git a/de/heat-templates/env/k0s-aio.yaml b/de/heat-templates/env/k0s-aio.yaml
index eca9149..23703fb 100644
--- a/de/heat-templates/env/k0s-aio.yaml
+++ b/de/heat-templates/env/k0s-aio.yaml
@@ -3,6 +3,7 @@
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
diff --git a/de/heat-templates/env/k0s-mstr1-wrkr3-cmp0-gtw0.yaml b/de/heat-templates/env/k0s-mstr1-wrkr3-cmp0-gtw0.yaml
index 0c8b0e8..ba00928 100644
--- a/de/heat-templates/env/k0s-mstr1-wrkr3-cmp0-gtw0.yaml
+++ b/de/heat-templates/env/k0s-mstr1-wrkr3-cmp0-gtw0.yaml
@@ -3,6 +3,7 @@
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
diff --git a/de/heat-templates/env/migration-mstr1-wrkr5-cmp2-gtw0-vbmc3.yaml b/de/heat-templates/env/migration-mstr1-wrkr5-cmp2-gtw0-vbmc3.yaml
index a4f5355..c384a38 100644
--- a/de/heat-templates/env/migration-mstr1-wrkr5-cmp2-gtw0-vbmc3.yaml
+++ b/de/heat-templates/env/migration-mstr1-wrkr5-cmp2-gtw0-vbmc3.yaml
@@ -3,6 +3,7 @@
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
diff --git a/de/heat-templates/env/migration-mstr1-wrkr5-cmp2-gtw0.yaml b/de/heat-templates/env/migration-mstr1-wrkr5-cmp2-gtw0.yaml
index 4e415fb..4247521 100644
--- a/de/heat-templates/env/migration-mstr1-wrkr5-cmp2-gtw0.yaml
+++ b/de/heat-templates/env/migration-mstr1-wrkr5-cmp2-gtw0.yaml
@@ -3,6 +3,7 @@
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
diff --git a/de/heat-templates/env/migration-mstr1-wrkr5-cmp2-ntw3.yaml b/de/heat-templates/env/migration-mstr1-wrkr5-cmp2-ntw3.yaml
index bb734b1..f6f80bb 100644
--- a/de/heat-templates/env/migration-mstr1-wrkr5-cmp2-ntw3.yaml
+++ b/de/heat-templates/env/migration-mstr1-wrkr5-cmp2-ntw3.yaml
@@ -4,6 +4,7 @@
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
"MCP2::NetworkTun": ../fragments/NetworkTun.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
@@ -32,8 +33,6 @@
ironic_baremetal_network_pool_start: '10.14.0.100'
ironic_baremetal_network_pool_end: '10.14.0.200'
control_network_cidr: '10.9.10.0/24'
- control_network_ext_router_ip: '10.9.10.131'
- tun_network_ext_router_ip: '10.15.0.131'
private_floating_interface: 'ens4'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane":"enabled","local-volume-provisioner": "enabled"}}
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp0-gtw0-vbmc2.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp0-gtw0-vbmc2.yaml
index 5db0db5..e106da5 100644
--- a/de/heat-templates/env/mstr1-wrkr3-cmp0-gtw0-vbmc2.yaml
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp0-gtw0-vbmc2.yaml
@@ -3,6 +3,7 @@
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp0-gtw0.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp0-gtw0.yaml
index 4e491a9..525e3d4 100644
--- a/de/heat-templates/env/mstr1-wrkr3-cmp0-gtw0.yaml
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp0-gtw0.yaml
@@ -3,6 +3,7 @@
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp2-acmp2-gtw0.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp2-acmp2-gtw0.yaml
index f382d9e..d3e1c46 100644
--- a/de/heat-templates/env/mstr1-wrkr3-cmp2-acmp2-gtw0.yaml
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp2-acmp2-gtw0.yaml
@@ -3,6 +3,7 @@
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp2-acmp2-ntw3.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp2-acmp2-ntw3.yaml
index 911b071..675ae1b 100644
--- a/de/heat-templates/env/mstr1-wrkr3-cmp2-acmp2-ntw3.yaml
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp2-acmp2-ntw3.yaml
@@ -4,6 +4,7 @@
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
"MCP2::NetworkTun": ../fragments/NetworkTun.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
@@ -24,13 +25,8 @@
cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
tungstenfabric_enabled: true
vsrx_enabled: true
- metallb_address_pools: '10.11.12.201-10.11.12.254'
private_floating_network_cidr: '10.11.12.0/24'
- private_floating_network_ipam_pool_start: '10.11.12.3'
- private_floating_network_ipam_pool_end: '10.11.12.70'
private_floating_network_gateway: '10.11.12.1'
- control_network_ext_router_ip: '10.10.0.131'
- tun_network_ext_router_ip: '10.15.0.131'
private_floating_interface: 'ens4'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane":"enabled","local-volume-provisioner": "enabled"}}
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp2-gtw0-lma3.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp2-gtw0-lma3.yaml
index 8bee567..b34a8d8 100644
--- a/de/heat-templates/env/mstr1-wrkr3-cmp2-gtw0-lma3.yaml
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp2-gtw0-lma3.yaml
@@ -3,6 +3,7 @@
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp2-gtw0-vbmc5.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp2-gtw0-vbmc5.yaml
index ba93aaa..601fb0c 100644
--- a/de/heat-templates/env/mstr1-wrkr3-cmp2-gtw0-vbmc5.yaml
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp2-gtw0-vbmc5.yaml
@@ -3,6 +3,7 @@
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp2-gtw0-vsrx1.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp2-gtw0-vsrx1.yaml
index 0b2917f..c6eb73a 100644
--- a/de/heat-templates/env/mstr1-wrkr3-cmp2-gtw0-vsrx1.yaml
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp2-gtw0-vsrx1.yaml
@@ -3,6 +3,7 @@
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
@@ -12,7 +13,7 @@
parameters:
image: bionic-server-cloudimg-amd64-20190612
public_net_id: public
- vsrx_image: mos-vsrx-3nets-tunnel-v2
+ vsrx_image: mos-vsrx-2nets-tunnel-v4
masters_size: 0
worker_size: 3
cmp_size: 2
@@ -23,11 +24,9 @@
ucp_boot_timeout: 3600
cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
private_floating_network_cidr: '10.11.12.0/24'
+ private_floating_network_gateway: '10.11.12.1'
private_floating_interface: 'ens4'
vsrx_enabled: true
- control_network_ext_router_ip: '10.10.0.131'
- private_floating_network_gateway: '10.11.12.254'
- tun_network_ext_router_ip: '10.15.0.131'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane":"enabled","openvswitch":"enabled","openstack-gateway": "enabled","local-volume-provisioner": "enabled", "openstack-frrouting": "enabled"}}
cmp_metadata: {"labels": {"openstack-compute-node":"enabled","openvswitch":"enabled", "role":"ceph-osd-node"}}
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp2-gtw0.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp2-gtw0.yaml
index f1c26f1..d886978 100644
--- a/de/heat-templates/env/mstr1-wrkr3-cmp2-gtw0.yaml
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp2-gtw0.yaml
@@ -3,6 +3,7 @@
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-lma3.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-lma3.yaml
index f5ae9a3..e0ef377 100644
--- a/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-lma3.yaml
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-lma3.yaml
@@ -4,6 +4,7 @@
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
"MCP2::NetworkTun": ../fragments/NetworkTun.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
@@ -24,13 +25,8 @@
cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
tungstenfabric_enabled: true
vsrx_enabled: true
- metallb_address_pools: '10.11.12.201-10.11.12.254'
private_floating_network_cidr: '10.11.12.0/24'
private_floating_network_gateway: '10.11.12.1'
- private_floating_network_ipam_pool_start: '10.11.12.3'
- private_floating_network_ipam_pool_end: '10.11.12.70'
- control_network_ext_router_ip: '10.10.0.131'
- tun_network_ext_router_ip: '10.15.0.131'
private_floating_interface: 'ens4'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane":"enabled","local-volume-provisioner": "enabled"}}
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-vbmc2.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-vbmc2.yaml
index 01ef904..3c74544 100644
--- a/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-vbmc2.yaml
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-vbmc2.yaml
@@ -4,6 +4,7 @@
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
"MCP2::NetworkTun": ../fragments/NetworkTun.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
@@ -24,13 +25,8 @@
cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
tungstenfabric_enabled: true
vsrx_enabled: true
- metallb_address_pools: '10.11.12.201-10.11.12.254'
private_floating_network_cidr: '10.11.12.0/24'
- private_floating_network_ipam_pool_start: '10.11.12.3'
- private_floating_network_ipam_pool_end: '10.11.12.70'
private_floating_network_gateway: '10.11.12.1'
- control_network_ext_router_ip: '10.10.0.131'
- tun_network_ext_router_ip: '10.15.0.131'
private_floating_interface: 'ens4'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane":"enabled","local-volume-provisioner": "enabled"}}
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-vmx.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-vmx.yaml
index fafe70e..2f7ed9e 100644
--- a/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-vmx.yaml
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3-vmx.yaml
@@ -4,6 +4,7 @@
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
"MCP2::NetworkTun": ../fragments/NetworkTun.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
@@ -19,9 +20,8 @@
# vmx parameters
vmx_linux_img: vPFC-20170216
vmx_linux_flav: vfp.lite
- vmx_junos_img: vmx-re-x86-64-17.1R1.8
+ vmx_junos_img: vmx-re-2nets-x86-64-17.1R1.8
vmx_junos_flav: vcp.lite
- vmx_gateway_ip: 10.10.0.1
image: bionic-server-cloudimg-amd64-20190612
public_net_id: public
@@ -36,13 +36,8 @@
cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
tungstenfabric_enabled: true
vmx_enabled: true
- metallb_address_pools: '10.11.12.201-10.11.12.254'
private_floating_network_cidr: '10.11.12.0/24'
- private_floating_network_ipam_pool_start: '10.11.12.3'
- private_floating_network_ipam_pool_end: '10.11.12.70'
private_floating_network_gateway: '10.11.12.1'
- control_network_ext_router_ip: '10.10.0.131'
- tun_network_ext_router_ip: '10.15.0.131'
evpn_network_vmx_ip: '10.20.100.100'
private_floating_interface: 'ens4'
tunnel_interface: 'ens8'
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3.yaml
index c42a8d5..9375e42 100644
--- a/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3.yaml
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp2-ntw3.yaml
@@ -4,6 +4,7 @@
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
"MCP2::NetworkTun": ../fragments/NetworkTun.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
@@ -23,13 +24,8 @@
cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
tungstenfabric_enabled: true
vsrx_enabled: true
- metallb_address_pools: '10.11.12.201-10.11.12.254'
private_floating_network_cidr: '10.11.12.0/24'
- private_floating_network_ipam_pool_start: '10.11.12.3'
- private_floating_network_ipam_pool_end: '10.11.12.70'
private_floating_network_gateway: '10.11.12.1'
- control_network_ext_router_ip: '10.10.0.131'
- tun_network_ext_router_ip: '10.15.0.131'
private_floating_interface: 'ens4'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane":"enabled","local-volume-provisioner": "enabled"}}
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp3-gtw0.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp3-gtw0.yaml
index 7202563..ad7578b 100644
--- a/de/heat-templates/env/mstr1-wrkr3-cmp3-gtw0.yaml
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp3-gtw0.yaml
@@ -3,10 +3,12 @@
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
"MCP2::NetworkTun": ../fragments/NetworkTun.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
parameters:
image: bionic-server-cloudimg-amd64-20190612
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp3-ntw3.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp3-ntw3.yaml
index 4978f77..55b1abf 100644
--- a/de/heat-templates/env/mstr1-wrkr3-cmp3-ntw3.yaml
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp3-ntw3.yaml
@@ -4,6 +4,7 @@
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
"MCP2::NetworkTun": ../fragments/NetworkTun.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
@@ -23,13 +24,8 @@
cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
tungstenfabric_enabled: true
vsrx_enabled: true
- metallb_address_pools: '10.11.12.201-10.11.12.254'
private_floating_network_cidr: '10.11.12.0/24'
private_floating_network_gateway: '10.11.12.1'
- private_floating_network_ipam_pool_start: '10.11.12.3'
- private_floating_network_ipam_pool_end: '10.11.12.70'
- control_network_ext_router_ip: '10.10.0.131'
- tun_network_ext_router_ip: '10.15.0.131'
private_floating_interface: 'ens4'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane":"enabled","local-volume-provisioner": "enabled"}}
diff --git a/de/heat-templates/env/mstr1-wrkr3-cmp5-gtw0.yaml b/de/heat-templates/env/mstr1-wrkr3-cmp5-gtw0.yaml
index 450f5a8..2fea902 100644
--- a/de/heat-templates/env/mstr1-wrkr3-cmp5-gtw0.yaml
+++ b/de/heat-templates/env/mstr1-wrkr3-cmp5-gtw0.yaml
@@ -3,6 +3,7 @@
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
diff --git a/de/heat-templates/env/mstr1-wrkr5-cmp2-gtw0-vsrx1.yaml b/de/heat-templates/env/mstr1-wrkr5-cmp2-gtw0-vsrx1.yaml
index dda7de4..4b3f887 100644
--- a/de/heat-templates/env/mstr1-wrkr5-cmp2-gtw0-vsrx1.yaml
+++ b/de/heat-templates/env/mstr1-wrkr5-cmp2-gtw0-vsrx1.yaml
@@ -3,6 +3,7 @@
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
@@ -12,7 +13,7 @@
parameters:
image: bionic-server-cloudimg-amd64-20190612
public_net_id: public
- vsrx_image: mos-vsrx-3nets-tunnel-v2
+ vsrx_image: mos-vsrx-2nets-tunnel-v4
masters_size: 0
worker_size: 5
cmp_size: 2
@@ -23,11 +24,9 @@
ucp_boot_timeout: 3600
cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
private_floating_network_cidr: '10.11.12.0/24'
+ private_floating_network_gateway: '10.11.12.1'
private_floating_interface: 'ens4'
vsrx_enabled: true
- control_network_ext_router_ip: '10.10.0.131'
- private_floating_network_gateway: '10.11.12.254'
- tun_network_ext_router_ip: '10.15.0.131'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane":"enabled","openvswitch":"enabled","openstack-gateway": "enabled","local-volume-provisioner": "enabled", "openstack-frrouting": "enabled"}}
cmp_metadata: {"labels": {"openstack-compute-node":"enabled","openvswitch":"enabled", "role":"ceph-osd-node"}}
diff --git a/de/heat-templates/env/mstr1-wrkr5-cmp2-ntw3.yaml b/de/heat-templates/env/mstr1-wrkr5-cmp2-ntw3.yaml
index caeaa0e..c0b0ba1 100644
--- a/de/heat-templates/env/mstr1-wrkr5-cmp2-ntw3.yaml
+++ b/de/heat-templates/env/mstr1-wrkr5-cmp2-ntw3.yaml
@@ -4,6 +4,7 @@
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
"MCP2::NetworkTun": ../fragments/NetworkTun.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
@@ -23,13 +24,8 @@
cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
tungstenfabric_enabled: true
vsrx_enabled: true
- metallb_address_pools: '10.11.12.201-10.11.12.254'
private_floating_network_cidr: '10.11.12.0/24'
- private_floating_network_ipam_pool_start: '10.11.12.3'
- private_floating_network_ipam_pool_end: '10.11.12.70'
private_floating_network_gateway: '10.11.12.1'
- control_network_ext_router_ip: '10.10.0.131'
- tun_network_ext_router_ip: '10.15.0.131'
private_floating_interface: 'ens4'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane":"enabled","local-volume-provisioner": "enabled"}}
diff --git a/de/heat-templates/env/mstr1-wrkr5-cmp3-cmpgw2-ntw3.yaml b/de/heat-templates/env/mstr1-wrkr5-cmp3-cmpgw2-ntw3.yaml
index 948c627..91f4839 100644
--- a/de/heat-templates/env/mstr1-wrkr5-cmp3-cmpgw2-ntw3.yaml
+++ b/de/heat-templates/env/mstr1-wrkr5-cmp3-cmpgw2-ntw3.yaml
@@ -3,6 +3,7 @@
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::NetworkTun": ../fragments/NetworkTun.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
@@ -24,13 +25,8 @@
cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
tungstenfabric_enabled: true
vsrx_enabled: true
- metallb_address_pools: '10.11.12.201-10.11.12.254'
private_floating_network_cidr: '10.11.12.0/24'
- private_floating_network_ipam_pool_start: '10.11.12.3'
- private_floating_network_ipam_pool_end: '10.11.12.70'
private_floating_network_gateway: '10.11.12.1'
- control_network_ext_router_ip: '10.10.0.131'
- tun_network_ext_router_ip: '10.15.0.131'
private_floating_interface: 'ens4'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane":"enabled","local-volume-provisioner": "enabled"}}
diff --git a/de/heat-templates/env/mstr1-wrkr5-cmp3-gtw0.yaml b/de/heat-templates/env/mstr1-wrkr5-cmp3-gtw0.yaml
index 8387f60..d4e15c0 100644
--- a/de/heat-templates/env/mstr1-wrkr5-cmp3-gtw0.yaml
+++ b/de/heat-templates/env/mstr1-wrkr5-cmp3-gtw0.yaml
@@ -3,6 +3,7 @@
"MCP2::NetworkAccStorage": ../fragments/NetworkAccVMStorage.yaml
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
diff --git a/de/heat-templates/env/mstr3-wrkr3-cmp2-ntw3-lma0-osd3.yaml b/de/heat-templates/env/mstr3-wrkr3-cmp2-ntw3-lma0-osd3.yaml
index 124033a..938ef80 100644
--- a/de/heat-templates/env/mstr3-wrkr3-cmp2-ntw3-lma0-osd3.yaml
+++ b/de/heat-templates/env/mstr3-wrkr3-cmp2-ntw3-lma0-osd3.yaml
@@ -4,6 +4,7 @@
"MCP2::NetworkPrvFl": ../fragments/NetworkPrvFl.yaml
"MCP2::NetworkIronicFlat": ../fragments/NetworkIronicFlat.yaml
"MCP2::NetworkTun": ../fragments/NetworkTun.yaml
+ "MCP2::NetworkExtSrv": ../fragments/NetworkExtSrv.yaml
"MCP2::SrvInstances": ../fragments/SrvInstancesVM.yaml
"MCP2::SrvInstancesCeph": ../fragments/SrvInstancesVMCeph.yaml
"MCP2::SrvInstancesCephOSD": ../fragments/SrvInstancesVMCephOSD.yaml
@@ -29,13 +30,8 @@
cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
tungstenfabric_enabled: true
vsrx_enabled: true
- metallb_address_pools: '10.11.12.201-10.11.12.254'
private_floating_network_cidr: '10.11.12.0/24'
private_floating_network_gateway: '10.11.12.1'
- private_floating_network_ipam_pool_start: '10.11.12.3'
- private_floating_network_ipam_pool_end: '10.11.12.70'
- control_network_ext_router_ip: '10.10.0.131'
- tun_network_ext_router_ip: '10.15.0.131'
private_floating_interface: 'ens4'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane":"enabled", "openvswitch":"enabled", "openstack-gateway": "enabled","local-volume-provisioner": "enabled","role": "stacklight", "stacklight": "enabled"}}
diff --git a/de/heat-templates/env/mstr3-wrkr3-cmp2-ntw3-lma3-osd3.yaml b/de/heat-templates/env/mstr3-wrkr3-cmp2-ntw3-lma3-osd3.yaml
index f15218e..f708590 100644
--- a/de/heat-templates/env/mstr3-wrkr3-cmp2-ntw3-lma3-osd3.yaml
+++ b/de/heat-templates/env/mstr3-wrkr3-cmp2-ntw3-lma3-osd3.yaml
@@ -30,13 +30,8 @@
cluster_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
tungstenfabric_enabled: true
vsrx_enabled: true
- metallb_address_pools: '10.11.12.201-10.11.12.254'
private_floating_network_cidr: '10.11.12.0/24'
private_floating_network_gateway: '10.11.12.1'
- private_floating_network_ipam_pool_start: '10.11.12.3'
- private_floating_network_ipam_pool_end: '10.11.12.70'
- control_network_ext_router_ip: '10.10.0.131'
- tun_network_ext_router_ip: '10.15.0.131'
private_floating_interface: 'ens4'
tunnel_interface: 'ens8'
worker_metadata: {"labels": {"openstack-control-plane": "enabled", "openvswitch": "enabled","openstack-gateway":"enabled","local-volume-provisioner": "enabled"}}
diff --git a/de/heat-templates/fragments/NetworkAccVM.yaml b/de/heat-templates/fragments/NetworkAccVM.yaml
index cee4951..5855143 100644
--- a/de/heat-templates/fragments/NetworkAccVM.yaml
+++ b/de/heat-templates/fragments/NetworkAccVM.yaml
@@ -13,9 +13,13 @@
default: []
tungstenfabric_enabled:
type: boolean
+ external_data_network_cidr:
+ type: string
+ external_control_network_cidr:
+ type: string
vsrx_enabled:
type: boolean
- control_network_ext_router_ip:
+ vsrx_control_network_cidr:
type: string
default: ''
private_floating_network_cidr:
@@ -30,6 +34,18 @@
private_floating_network_gateway:
type: string
default: ''
+ tun_network_cidr:
+ type: string
+ default: ''
+ tun_network:
+ type: string
+ default: ''
+ tun_subnet:
+ type: string
+ default: ''
+ tun_network_gateway:
+ type: string
+ default: ''
storage_frontend_network:
type: string
default: ''
@@ -39,6 +55,22 @@
storage_frontend_network_gateway:
type: string
default: ''
+ external_router_data_ip:
+ type: string
+ default: ''
+ external_router_lo_ip:
+ type: string
+ default: ''
+ external_services_network:
+ type: string
+ default: ''
+ external_services_subnet:
+ type: string
+ default: ''
+ external_services_network_gateway:
+ type: string
+ default: ''
+
conditions:
tf:
@@ -67,9 +99,33 @@
dns_nameservers: { get_param: dns_nameservers }
host_routes: { get_param: control_network_host_routes }
+ external_control_network:
+ type: OS::Neutron::Net
+ condition: cond_extra_routes
+ external_control_subnet:
+ type: OS::Neutron::Subnet
+ condition: cond_extra_routes
+ properties:
+ network: { get_resource: external_control_network }
+ enable_dhcp: false
+ cidr: { get_param: external_control_network_cidr }
+ dns_nameservers: { get_param: dns_nameservers }
+
+ external_data_network:
+ type: OS::Neutron::Net
+ condition: cond_extra_routes
+ external_data_subnet:
+ type: OS::Neutron::Subnet
+ condition: cond_extra_routes
+ properties:
+ network: { get_resource: external_data_network }
+ enable_dhcp: false
+ cidr: { get_param: external_data_network_cidr }
+ dns_nameservers: { get_param: dns_nameservers }
+
private_floating_router_port:
type: OS::Neutron::Port
- condition: {not: cond_extra_routes}
+ condition: {not: tf}
properties:
network_id: { get_param: private_floating_network }
port_security_enabled: false
@@ -77,6 +133,16 @@
- subnet: { get_param: private_floating_subnet }
ip_address: { get_param: private_floating_network_gateway }
+ tun_router_port:
+ type: OS::Neutron::Port
+ condition: cond_extra_routes
+ properties:
+ network_id: { get_param: tun_network }
+ port_security_enabled: false
+ fixed_ips:
+ - subnet: { get_param: tun_subnet }
+ ip_address: { get_param: tun_network_gateway }
+
public_storage_router_port:
type: OS::Neutron::Port
properties:
@@ -86,6 +152,15 @@
- subnet: { get_param: storage_frontend_subnet }
ip_address: { get_param: storage_frontend_network_gateway }
+ external_services_router_port:
+ type: OS::Neutron::Port
+ properties:
+ network_id: { get_param: external_services_network }
+ port_security_enabled: false
+ fixed_ips:
+ - subnet: { get_param: external_services_subnet }
+ ip_address: { get_param: external_services_network_gateway }
+
router:
type: OS::Neutron::Router
properties:
@@ -98,28 +173,86 @@
subnet: { get_resource: subnet }
private_floating_router_iface:
type: OS::Neutron::RouterInterface
- condition: {not: cond_extra_routes}
+ condition: {not: tf}
properties:
router: { get_resource: router }
port: { get_resource: private_floating_router_port }
+ external_control_router_iface:
+ type: OS::Neutron::RouterInterface
+ condition: cond_extra_routes
+ properties:
+ router: { get_resource: router }
+ subnet: { get_resource: external_control_subnet }
+ external_data_router_iface:
+ type: OS::Neutron::RouterInterface
+ condition: cond_extra_routes
+ properties:
+ router: { get_resource: router }
+ subnet: { get_resource: external_data_subnet }
+ tun_router_iface:
+ type: OS::Neutron::RouterInterface
+ condition: cond_extra_routes
+ properties:
+ router: { get_resource: router }
+ port: { get_resource: tun_router_port }
public_storage_iface:
type: OS::Neutron::RouterInterface
properties:
router: { get_resource: router }
port: { get_resource: public_storage_router_port }
+ external_services_iface:
+ type: OS::Neutron::RouterInterface
+ properties:
+ router: { get_resource: router }
+ port: { get_resource: external_services_router_port }
- extra_routes:
+ # NOTE(mkarpin): In Queens there is a bug with race condition
+ # when removing stack - when there is more than 1 route, interface fails
+ # to be removed because of routes, that's why adding test resources.
+ wait01:
+ depends_on:
+ - external_data_router_iface
+ type: OS::Heat::TestResource
+ condition: tf
+ properties:
+ action_wait_secs:
+ create: 30
+
+ external_router_private_floating_route:
type: OS::Neutron::ExtraRoute
- condition: cond_extra_routes
+ condition: tf
+ depends_on: wait01
properties:
destination: { get_param: private_floating_network_cidr }
- nexthop: { get_param: control_network_ext_router_ip }
+ nexthop: { get_param: external_router_data_ip }
+ router_id: { get_resource: router }
+
+ wait02:
+ depends_on:
+ - external_router_private_floating_route
+ type: OS::Heat::TestResource
+ condition: cond_extra_routes
+ properties:
+ action_wait_secs:
+ create: 30
+
+ external_router_data_route:
+ type: OS::Neutron::ExtraRoute
+ condition: cond_extra_routes
+ depends_on: wait02
+ properties:
+ destination: { list_join: ['/', [ {get_param: external_router_lo_ip}, '32']] }
+ nexthop: { get_param: external_router_data_ip }
router_id: { get_resource: router }
outputs:
public_network:
value: { get_resource: network }
+ external_router_control_network:
+ value: { get_resource: external_control_network }
+ external_router_data_network:
+ value: { get_resource: external_data_network }
accessible_subnet_id:
value: { get_resource: subnet }
accessible_router:
diff --git a/de/heat-templates/fragments/NetworkExtSrv.yaml b/de/heat-templates/fragments/NetworkExtSrv.yaml
new file mode 100644
index 0000000..be5c7ea
--- /dev/null
+++ b/de/heat-templates/fragments/NetworkExtSrv.yaml
@@ -0,0 +1,30 @@
+heat_template_version: queens
+
+parameters:
+ external_services_network_cidr:
+ type: string
+ external_services_network_ipam_pool_start:
+ type: string
+ external_services_network_ipam_pool_end:
+ type: string
+
+resources:
+
+ network:
+ type: OS::Neutron::Net
+ subnet:
+ type: OS::Neutron::Subnet
+ properties:
+ network: { get_resource: network }
+ enable_dhcp: false
+ cidr: { get_param: external_services_network_cidr }
+ gateway_ip: ~
+ allocation_pools:
+ - start: { get_param: external_services_network_ipam_pool_start }
+ end: { get_param: external_services_network_ipam_pool_end }
+
+outputs:
+ external_services_network_id:
+ value: { get_resource: network }
+ external_services_subnet_id:
+ value: { get_resource: subnet }
diff --git a/de/heat-templates/fragments/SrvInstancesVM.yaml b/de/heat-templates/fragments/SrvInstancesVM.yaml
index 3ed3a67..baa2cfc 100644
--- a/de/heat-templates/fragments/SrvInstancesVM.yaml
+++ b/de/heat-templates/fragments/SrvInstancesVM.yaml
@@ -32,6 +32,12 @@
type: string
control_network_cidr:
type: string
+ external_services_network:
+ type: string
+ external_services_network_cidr:
+ type: string
+ external_services_subnet_id:
+ type: string
functions_override:
type: string
boot_timeout:
@@ -117,6 +123,8 @@
$private_floating_interface: { get_param: private_floating_interface }
$private_floating_interface_ip: { get_attr: [private_floating_server_port, fixed_ips, 0, ip_address] }
$private_floating_network_cidr: { get_param: private_floating_network_cidr }
+ $external_services_network_cidr: { get_param: external_services_network_cidr }
+ $external_services_interface_ip: { get_attr: [external_services_server_port, fixed_ips, 0, ip_address] }
$functions_override: { get_param: functions_override }
$docker_ucp_image: { get_param: docker_ucp_image }
$docker_ucp_swarm_data_port: { get_param: docker_ucp_swarm_data_port }
@@ -162,6 +170,7 @@
networks:
- port: { get_resource: accessible_server_port }
- port: { get_resource: private_floating_server_port }
+ - port: { get_resource: external_services_server_port }
user_data_format: SOFTWARE_CONFIG
user_data: { get_resource: install_config_agent}
metadata: { get_param: metadata }
@@ -182,6 +191,14 @@
fixed_ips:
- subnet: { get_param: private_floating_subnet_id }
+ external_services_server_port:
+ type: OS::Neutron::Port
+ properties:
+ network_id: { get_param: external_services_network }
+ port_security_enabled: false
+ fixed_ips:
+ - subnet: { get_param: external_services_subnet_id }
+
server_floating_ip:
type: OS::Neutron::FloatingIP
properties:
diff --git a/de/heat-templates/fragments/SrvInstancesVMCeph.yaml b/de/heat-templates/fragments/SrvInstancesVMCeph.yaml
index cc1099b..156e6fc 100644
--- a/de/heat-templates/fragments/SrvInstancesVMCeph.yaml
+++ b/de/heat-templates/fragments/SrvInstancesVMCeph.yaml
@@ -50,6 +50,12 @@
type: boolean
control_network_cidr:
type: string
+ external_services_network:
+ type: string
+ external_services_network_cidr:
+ type: string
+ external_services_subnet_id:
+ type: string
functions_override:
type: string
boot_timeout:
@@ -96,6 +102,9 @@
devops_utils_refspec:
type: string
default: 'master'
+ tungstenfabric_enabled:
+ type: boolean
+ default: false
resources:
@@ -123,6 +132,8 @@
$private_floating_interface: { get_param: private_floating_interface }
$private_floating_interface_ip: { get_attr: [private_floating_server_port, fixed_ips, 0, ip_address] }
$private_floating_network_cidr: { get_param: private_floating_network_cidr }
+ $external_services_network_cidr: { get_param: external_services_network_cidr }
+ $external_services_interface_ip: { get_attr: [external_services_server_port, fixed_ips, 0, ip_address] }
$functions_override: { get_param: functions_override }
$storage_frontend_interface: { get_param: storage_frontend_interface }
$storage_frontend_network_interface_ip: { get_attr: [storage_frontend_server_port, fixed_ips, 0, ip_address] }
@@ -133,6 +144,7 @@
$ironic_mt_enabled: { get_param: ironic_mt_enabled }
$kubectl_version: { get_param: kubectl_version }
$devops_utils_refspec: { get_param: devops_utils_refspec }
+ $tungstenfabric_enabled: { get_param: tungstenfabric_enabled }
inject_files:
type: "OS::Heat::CloudConfig"
@@ -169,6 +181,7 @@
- port: { get_resource: private_floating_server_port }
- port: { get_resource: storage_frontend_server_port }
- port: { get_resource: ironic_baremetal_server_port }
+ - port: { get_resource: external_services_server_port }
user_data_format: SOFTWARE_CONFIG
user_data: { get_resource: install_config_agent}
metadata: { get_param: metadata }
@@ -211,6 +224,14 @@
fixed_ips:
- subnet: { get_param: ironic_baremetal_subnet_id }
+ external_services_server_port:
+ type: OS::Neutron::Port
+ properties:
+ network_id: { get_param: external_services_network }
+ port_security_enabled: false
+ fixed_ips:
+ - subnet: { get_param: external_services_subnet_id }
+
wait_handle:
type: OS::Heat::WaitConditionHandle
wait_condition:
diff --git a/de/heat-templates/fragments/SrvInstancesVMCephOSD.yaml b/de/heat-templates/fragments/SrvInstancesVMCephOSD.yaml
index e7834e2..f21e7fb 100644
--- a/de/heat-templates/fragments/SrvInstancesVMCephOSD.yaml
+++ b/de/heat-templates/fragments/SrvInstancesVMCephOSD.yaml
@@ -48,6 +48,12 @@
type: string
control_network_cidr:
type: string
+ external_services_network:
+ type: string
+ external_services_network_cidr:
+ type: string
+ external_services_subnet_id:
+ type: string
ironic_baremetal_network:
type: string
ironic_baremetal_subnet_id:
@@ -156,6 +162,8 @@
$private_floating_interface: { get_param: private_floating_interface }
$private_floating_interface_ip: { get_attr: [private_floating_server_port, fixed_ips, 0, ip_address] }
$private_floating_network_cidr: { get_param: private_floating_network_cidr }
+ $external_services_network_cidr: { get_param: external_services_network_cidr }
+ $external_services_interface_ip: { get_attr: [external_services_server_port, fixed_ips, 0, ip_address] }
$functions_override: { get_param: functions_override }
$storage_frontend_interface: { get_param: storage_frontend_interface }
$storage_frontend_network_interface_ip: { get_attr: [storage_frontend_server_port, fixed_ips, 0, ip_address] }
@@ -213,6 +221,7 @@
- port: { get_resource: storage_backend_server_port }
- port: { get_resource: ironic_baremetal_server_port }
- port: { get_resource: tun_server_port }
+ - port: { get_resource: external_services_server_port }
user_data_format: SOFTWARE_CONFIG
user_data: { get_resource: install_config_agent}
metadata: { get_param: metadata }
@@ -272,6 +281,14 @@
fixed_ips:
- subnet: { get_param: ironic_baremetal_subnet_id }
+ external_services_server_port:
+ type: OS::Neutron::Port
+ properties:
+ network_id: { get_param: external_services_network }
+ port_security_enabled: false
+ fixed_ips:
+ - subnet: { get_param: external_services_subnet_id }
+
tun_server_port:
type: OS::Neutron::Port
properties:
diff --git a/de/heat-templates/fragments/vMX.yaml b/de/heat-templates/fragments/vMX.yaml
index 67fb1ad..a992dc8 100644
--- a/de/heat-templates/fragments/vMX.yaml
+++ b/de/heat-templates/fragments/vMX.yaml
@@ -29,28 +29,20 @@
type: string
control_network_vmx_ip:
type: string
-
- tun_network_id:
- type: string
tun_network_cidr:
type: string
- tun_network_vmx_ip:
- type: string
-
- private_floating_network_id:
- type: string
- private_floating_network_cidr:
- type: string
private_floating_network_gateway:
type: string
-
evpn_network_cidr:
type: string
evpn_network_ipam_pool_start:
type: string
evpn_network_ipam_pool_end:
type: string
-
+ vmx_data_network_id:
+ type: string
+ vmx_data_network_vmx_ip:
+ type: string
public_net_id:
type: string
@@ -64,21 +56,13 @@
fixed_ips:
- ip_address: {get_param: control_network_vmx_ip }
- private_floating_server_port:
+ vmx_data_server_port:
type: OS::Neutron::Port
properties:
- network_id: { get_param: private_floating_network_id }
+ network_id: { get_param: vmx_data_network_id }
port_security_enabled: false
fixed_ips:
- - ip_address: { get_param: private_floating_network_gateway}
-
- tun_server_port:
- type: OS::Neutron::Port
- properties:
- network_id: { get_param: tun_network_id }
- port_security_enabled: false
- fixed_ips:
- - ip_address: { get_param: tun_network_vmx_ip}
+ - ip_address: { get_param: vmx_data_network_vmx_ip}
server_floating_ip:
type: OS::Neutron::FloatingIP
@@ -115,9 +99,7 @@
control_network_cidr: { get_param: control_network_cidr }
gateway_ip: { get_param: vmx_gateway_ip }
lo_ip: { get_param: vmx_lo_ip }
- floating_port_ip: { get_param: private_floating_network_gateway }
tun_network_cidr: { get_param: tun_network_cidr }
- tun_port_ip: { get_param: tun_network_vmx_ip }
evpn_port_ip: { get_param: evpn_network_vmx_ip }
fpc0:
@@ -129,9 +111,8 @@
re0_ip: { get_attr: [ fpc0_fixed_net, external_ip ] }
all_ports: [ { get_attr: [ fpc0_fixed_net, external_port ] },
{ get_attr: [ fpc0_fixed_net, internal_port ] },
- { get_resource: private_floating_server_port },
- { get_resource: tun_server_port },
- { get_resource: evpn_server_port } ]
+ { get_resource: evpn_server_port },
+ { get_resource: vmx_data_server_port } ]
fpc0_fixed_net:
type: OS::Networking::VmxFpcFixedNet
diff --git a/de/heat-templates/fragments/vSRX.yaml b/de/heat-templates/fragments/vSRX.yaml
index 23d64b4..4b81215 100644
--- a/de/heat-templates/fragments/vSRX.yaml
+++ b/de/heat-templates/fragments/vSRX.yaml
@@ -1,21 +1,17 @@
heat_template_version: queens
parameters:
- private_floating_network_id:
+ vsrx_control_network_id:
type: string
- private_floating_network_gateway:
+ vsrx_control_network_vsrx_ip:
type: string
- accessible_network:
+ vsrx_data_network_id:
type: string
- control_network_vsrx_ip:
- type: string
- data_network_vsrx_ip:
- type: string
- tun_network:
+ vsrx_data_network_vsrx_ip:
type: string
vsrx_image:
type: string
- default: mos-vsrx-acc-fl-tun
+ default: mos-vsrx-2nets-ctl-data
vsrx_flavor:
type: string
default: oc_vsrx
@@ -27,35 +23,27 @@
resources:
- accessible_server_port:
+ vsrx_control_network_vsrx_port:
type: OS::Neutron::Port
properties:
- network_id: { get_param: accessible_network }
+ network_id: { get_param: vsrx_control_network_id }
port_security_enabled: false
fixed_ips:
- - ip_address: {get_param: control_network_vsrx_ip }
+ - ip_address: {get_param: vsrx_control_network_vsrx_ip }
- private_floating_server_port:
+ vsrx_data_network_vsrx_port:
type: OS::Neutron::Port
properties:
- network_id: { get_param: private_floating_network_id }
+ network_id: { get_param: vsrx_data_network_id }
port_security_enabled: false
fixed_ips:
- - ip_address: { get_param: private_floating_network_gateway}
-
- tun_server_port:
- type: OS::Neutron::Port
- properties:
- network_id: { get_param: tun_network }
- port_security_enabled: false
- fixed_ips:
- - ip_address: { get_param: data_network_vsrx_ip}
+ - ip_address: {get_param: vsrx_data_network_vsrx_ip }
server_floating_ip:
type: OS::Neutron::FloatingIP
properties:
floating_network_id: { get_param: public_net_id }
- port_id: { get_resource: accessible_server_port }
+ port_id: { get_resource: vsrx_control_network_vsrx_port }
vsrx_instance:
type: OS::Nova::Server
@@ -65,9 +53,8 @@
image: { get_param: vsrx_image }
flavor: { get_param: vsrx_flavor }
networks:
- - port: { get_resource: accessible_server_port }
- - port: { get_resource: private_floating_server_port }
- - port: { get_resource: tun_server_port }
+ - port: { get_resource: vsrx_control_network_vsrx_port }
+ - port: { get_resource: vsrx_data_network_vsrx_port }
outputs:
server_public_ip:
diff --git a/de/heat-templates/fragments/vmx-components/vms/re.yaml b/de/heat-templates/fragments/vmx-components/vms/re.yaml
index 5454916..c7094e0 100755
--- a/de/heat-templates/fragments/vmx-components/vms/re.yaml
+++ b/de/heat-templates/fragments/vmx-components/vms/re.yaml
@@ -6,11 +6,9 @@
re_pfe_network: {description: ID of RE-PFE network, type: string}
junos_flav: {description: Type of Image, type: string}
junos_img: {description: Junos RE image, type: string}
- gateway_ip: {description: ip of gateway, type: string}
+ gateway_ip: {description: ip of gateway in accessible network, type: string}
lo_ip: {description: ip of lo interface, type: string}
- floating_port_ip: { type: string }
tun_network_cidr: { type: string }
- tun_port_ip: { description: ip of interface from data (tunnel) network, type: string }
evpn_port_ip: { description: ip of interface from network for evpn test, type: string }
resources:
diff --git a/de/heat-templates/fragments/vmx-components/vms/vmx_evpn.conf b/de/heat-templates/fragments/vmx-components/vms/vmx_evpn.conf
index 9fe0dc7..437dc13 100755
--- a/de/heat-templates/fragments/vmx-components/vms/vmx_evpn.conf
+++ b/de/heat-templates/fragments/vmx-components/vms/vmx_evpn.conf
@@ -1,3 +1,5 @@
+# This file just demonstrates actual vmx configuration.
+# This file is not used inside vmx.
groups {
re0 {
system {
@@ -70,23 +72,16 @@
}
ge-0/0/0 {
unit 0 {
- family inet {
- address $floating_port_ip/24;
+ family bridge {
+ interface-mode access;
+ vlan-id 100;
}
}
}
ge-0/0/1 {
unit 0 {
family inet {
- address $tun_port_ip/24;
- }
- }
- }
- ge-0/0/2 {
- unit 0 {
- family bridge {
- interface-mode access;
- vlan-id 100;
+ address $vmx_data_network_vmx_ip/32;
}
}
}
@@ -132,7 +127,7 @@
VIRTUAL_SWITCH {
vtep-source-interface lo0.0;
instance-type virtual-switch;
- interface ge-0/0/2.0;
+ interface ge-0/0/0.0;
route-distinguisher 64512:100;
vrf-target target:64512:100;
protocols {
@@ -175,3 +170,13 @@
chassis {
network-services enhanced-ip;
}
+routing-instances {
+ mgmt_junos {
+ description mgmt_vrf;
+ routing-options {
+ static {
+ route 0.0.0.0/0 next-hop %gateway%;
+ }
+ }
+ }
+}
\ No newline at end of file
diff --git a/de/heat-templates/scripts/functions.sh b/de/heat-templates/scripts/functions.sh
index 18e4eaf..104a442 100644
--- a/de/heat-templates/scripts/functions.sh
+++ b/de/heat-templates/scripts/functions.sh
@@ -9,6 +9,7 @@
declare -r -g _FUNCTIONS_SCRIPT=1
PUBLIC_INTERFACE_NETMASK=$(echo ${PUBLIC_INTERFACE_CIDR} | cut -d'/' -f2)
+EXTERNAL_SERVICES_INTERFACE_NETMASK=$(echo ${EXTERNAL_SEVICES_INTERFACE_CIDR} | cut -d'/' -f2)
STORAGE_BACKEND_NETWORK_NETMASK=$(echo ${STORAGE_BACKEND_NETWORK} | cut -d'/' -f2)
STORAGE_FRONTEND_NETWORK_NETMASK=$(echo ${STORAGE_FRONTEND_NETWORK} | cut -d'/' -f2)
IRONIC_BAREMETAL_INTERFACE_IP=${IRONIC_BAREMETAL_INTERFACE_IP:-$ironic_baremetal_interface_ip}
@@ -741,6 +742,11 @@
sed -i "$((${public_address_match_ip_line}-1)),$((${public_address_match_ip_line}))d" ${cloud_netplan_cfg}
fi
+external_services_address_match_ip_line=$(grep -nm1 "${EXTERNAL_SEVICES_INTERFACE_IP}/${EXTERNAL_SEVICES_INTERFACE_NETMASK}" ${cloud_netplan_cfg} | cut -d: -f1)
+if [ -n "${external_services_address_match_ip_line}" ] ; then
+ sed -i "$((${external_services_address_match_ip_line}-1)),$((${external_services_address_match_ip_line}))d" ${cloud_netplan_cfg}
+fi
+
cat << EOF >> ${cloud_netplan_cfg}
bridges:
br-public:
@@ -749,19 +755,19 @@
- ${PUBLIC_INTERFACE}
- veth-br
EOF
-if [[ ${NODE_METADATA} == *"tempest"* ]] || [[ "${TUNGSTENFABRIC_ENABLED,,}" == true ]]; then
+if [[ "${TUNGSTENFABRIC_ENABLED,,}" != true ]]; then
+ if [[ ${NODE_METADATA} == *"tempest"* ]]; then
cat << EOF >> ${cloud_netplan_cfg}
addresses:
- ${PUBLIC_NODE_IP_ADDRESS}/${PUBLIC_NODE_IP_NETMASK}
EOF
-fi
-if [[ ${NODE_METADATA} == *"tempest"* ]]; then
# Assign more ips for neutron dynamic routing PRODX-31417
- for i in {71..76}; do
+ for i in {71..76}; do
cat << EOF >> ${cloud_netplan_cfg}
- ${PUBLIC_NODE_IP_ADDRESS%.*}.${i}/${PUBLIC_NODE_IP_NETMASK}
EOF
- done
+ done
+ fi
fi
# Remove Tunnel interface from netplan
diff --git a/de/heat-templates/scripts/launch.sh b/de/heat-templates/scripts/launch.sh
index 21bd205..ef03877 100644
--- a/de/heat-templates/scripts/launch.sh
+++ b/de/heat-templates/scripts/launch.sh
@@ -15,6 +15,8 @@
PUBLIC_INTERFACE=${PUBLIC_INTERFACE:-$private_floating_interface}
PUBLIC_INTERFACE_IP=${PUBLIC_INTERFACE_IP:-$private_floating_interface_ip}
PUBLIC_INTERFACE_CIDR=${PUBLIC_INTERFACE_CIDR:-$private_floating_network_cidr}
+EXTERNAL_SEVICES_INTERFACE_IP=${EXTERNAL_SEVICES_INTERFACE_IP:-$external_services_interface_ip}
+EXTERNAL_SEVICES_INTERFACE_CIDR=${EXTERNAL_SEVICES_INTERFACE_CIDR:-$external_services_network_cidr}
DEFAULT_INTERFACE=${DEFAULT_INTERFACE:-$default_interface}
STORAGE_BACKEND_INTERFACE=${STORAGE_BACKEND_INTERFACE:-$storage_backend_interface}
STORAGE_BACKEND_INTERFACE_IP=${STORAGE_BACKEND_INTERFACE_IP:-$storage_backend_network_interface_ip}
diff --git a/de/heat-templates/top.yaml b/de/heat-templates/top.yaml
index d179f8c..552edd2 100644
--- a/de/heat-templates/top.yaml
+++ b/de/heat-templates/top.yaml
@@ -24,10 +24,26 @@
- "destination": "10.100.100.1/32"
"nexthop": "172.16.1.1"
default: []
- control_network_ext_router_ip:
+ external_control_network_cidr:
type: string
- description: IP address of vsrx/vmx in control network
- default: ''
+ description: The CIDR of control network, connected to vmx or vsrx.
+ default: '10.199.0.0/24'
+ external_control_gateway_ip:
+ type: string
+ description: Default GW for management access to vmx
+ default: '10.199.0.1'
+ external_router_control_ip:
+ type: string
+ description: Ip of vmx or vsrx in control network
+ default: '10.199.0.5'
+ external_data_network_cidr:
+ type: string
+ description: The CIDR of network, connected to vmx or vsrx. which is used for data traffic (tunnels, etc.)
+ default: '10.200.0.0/24'
+ external_router_data_ip:
+ type: string
+ description: IP address of vsrx/vmx in data network
+ default: '10.200.0.5'
docker_default_address_pool:
type: string
description: Default address pool for Docker ucp specific local networks
@@ -184,22 +200,18 @@
vmx_junos_img:
type: string
description: Name of image to use for servers
- default: "vmx-x86-64-17.1R1.8"
+ default: "vmx-re-2nets-x86-64-17.1R1.8"
vmx_junos_flav:
type: string
description: Name of image to use for servers
default: "vcp.lite"
- vmx_gateway_ip:
- type: string
- description: Default GW for vmx
- default: '10.10.0.1'
- vmx_lo_ip:
- type: string
- description: Ip of lo interface for vmx
- default: '10.199.199.199'
tun_network_cidr:
type: string
+ description: CIDR of network which is in Openstack for tunnels traffic.
default: '10.15.0.0/24'
+ tun_network_gateway:
+ type: string
+ default: '10.15.0.1'
# When tun interface is added to ovs bridge inside vm,
# and arp responder is enabled on undercloud,
# ip adresses from tun network pool can't be used for
@@ -213,10 +225,6 @@
tun_network_pool_end:
type: string
default: '10.15.0.99'
- tun_network_ext_router_ip:
- type: string
- description: IP address of vsrx/vmx in data network
- default: ''
tun_network_host_routes:
type: json
description: >
@@ -369,10 +377,14 @@
default: 'false'
vsrx_image:
type: string
- default: mos-vsrx-acc-fl-tun
+ default: mos-vsrx-2nets-ctl-data
vsrx_flavor:
type: string
default: oc_vsrx
+ external_router_lo_ip:
+ type: string
+ description: Ip of lo interface for vsrx or vmx
+ default: '10.199.199.199'
cmp_lvm_loop_device_size:
description: >
The size of loop device for computes to configure LVM on, in gigabytes
@@ -422,9 +434,18 @@
k0s_version:
type: string
default: ''
- external_k8s_service_network_cidr:
+ external_services_network_cidr:
type: string
default: '10.172.1.0/24'
+ external_services_network_gateway:
+ type: string
+ default: '10.172.1.1'
+ external_services_network_ipam_pool_start:
+ type: string
+ default: '10.172.1.2'
+ external_services_network_ipam_pool_end:
+ type: string
+ default: '10.172.1.99'
conditions:
aio_deploy:
@@ -489,10 +510,19 @@
storage_frontend_network_ipam_pool_start: { get_param: storage_frontend_network_ipam_pool_start }
storage_frontend_network_ipam_pool_end: { get_param: storage_frontend_network_ipam_pool_end }
+ external_services_network:
+ type: MCP2::NetworkExtSrv
+ properties:
+ external_services_network_cidr: { get_param: external_services_network_cidr }
+ external_services_network_ipam_pool_start: { get_param: external_services_network_ipam_pool_start }
+ external_services_network_ipam_pool_end: { get_param: external_services_network_ipam_pool_end }
+
accessible_network:
depends_on:
- private_floating_network
- storage_network
+ - tun_network
+ - external_services_network
type: MCP2::NetworkAcc
properties:
public_net_id: { get_param: public_net_id }
@@ -501,20 +531,28 @@
control_network_host_routes: { get_param: control_network_host_routes }
tungstenfabric_enabled: { get_param: tungstenfabric_enabled }
vsrx_enabled: { get_param: vsrx_enabled }
- control_network_ext_router_ip: { get_param: control_network_ext_router_ip }
+ external_control_network_cidr: { get_param: external_control_network_cidr }
+ external_router_lo_ip: { get_param: external_router_lo_ip }
+ external_router_data_ip: { get_param: external_router_data_ip }
+ external_data_network_cidr: { get_param: external_data_network_cidr }
private_floating_network: {get_attr: [private_floating_network, private_floating_network_id]}
private_floating_network_cidr: { get_param: private_floating_network_cidr }
private_floating_network_gateway: { get_param: private_floating_network_gateway }
private_floating_subnet: {get_attr: [private_floating_network, private_floating_subnet_id]}
+ tun_network: {get_attr: [tun_network, tun_network_id]}
+ tun_network_cidr: { get_param: tun_network_cidr }
+ tun_network_gateway: { get_param: tun_network_gateway }
+ tun_subnet: {get_attr: [tun_network, tun_subnet_id]}
storage_frontend_network: {get_attr: [storage_network, storage_frontend_network_id]}
storage_frontend_network_gateway: { get_param: storage_frontend_network_gateway }
storage_frontend_subnet: {get_attr: [storage_network, storage_frontend_subnet_id]}
+ external_services_network: {get_attr: [external_services_network, external_services_network_id]}
+ external_services_network_gateway: { get_param: external_services_network_gateway }
+ external_services_subnet: {get_attr: [external_services_network, external_services_subnet_id]}
vmx:
depends_on:
- - private_floating_network
- accessible_network
- - tun_network
condition: vmx_deploy
type: MCP2::VMX
properties:
@@ -522,16 +560,14 @@
linux_flav: { get_param: vmx_linux_flav }
junos_img: { get_param: vmx_junos_img }
junos_flav: { get_param: vmx_junos_flav }
- vmx_gateway_ip: { get_param: vmx_gateway_ip }
- vmx_lo_ip: { get_param: vmx_lo_ip }
- accessible_network_id: { get_attr: [ accessible_network, public_network ] }
- control_network_cidr: { get_param: control_network_cidr }
- control_network_vmx_ip: { get_param: control_network_ext_router_ip }
- tun_network_id: { get_attr: [ tun_network, tun_network_id ] }
- tun_network_vmx_ip: { get_param: tun_network_ext_router_ip }
+ vmx_gateway_ip: { get_param: external_control_gateway_ip }
+ vmx_lo_ip: { get_param: external_router_lo_ip }
+ accessible_network_id: { get_attr: [ accessible_network, external_router_control_network ] }
+ vmx_data_network_id: { get_attr: [ accessible_network, external_router_data_network ] }
+ vmx_data_network_vmx_ip: { get_param: external_router_data_ip }
+ control_network_cidr: { get_param: external_control_network_cidr}
+ control_network_vmx_ip: { get_param: external_router_control_ip }
tun_network_cidr: { get_param: tun_network_cidr }
- private_floating_network_id: { get_attr: [private_floating_network, private_floating_network_id] }
- private_floating_network_cidr: { get_param: private_floating_network_cidr }
private_floating_network_gateway: { get_param: private_floating_network_gateway }
evpn_network_cidr: { get_param: evpn_network_cidr }
evpn_network_ipam_pool_start: { get_param: evpn_network_ipam_pool_start }
@@ -541,18 +577,14 @@
vsrx:
depends_on:
- - private_floating_network
- accessible_network
- - tun_network
condition: vsrx_deploy
type: MCP2::VSRX
properties:
- private_floating_network_id: { get_attr: [private_floating_network, private_floating_network_id] }
- private_floating_network_gateway: { get_param: private_floating_network_gateway }
- control_network_vsrx_ip: { get_param: control_network_ext_router_ip }
- accessible_network: { get_attr: [ accessible_network, public_network ] }
- data_network_vsrx_ip: { get_param: tun_network_ext_router_ip }
- tun_network: { get_attr: [ tun_network, tun_network_id ] }
+ vsrx_control_network_id: { get_attr: [ accessible_network, external_router_control_network ] }
+ vsrx_control_network_vsrx_ip: { get_param: external_router_control_ip }
+ vsrx_data_network_id: { get_attr: [ accessible_network, external_router_data_network ] }
+ vsrx_data_network_vsrx_ip: { get_param: external_router_data_ip }
vsrx_image: { get_param: vsrx_image }
vsrx_flavor: { get_param: vsrx_flavor }
public_net_id: { get_param: public_net_id }
@@ -592,6 +624,9 @@
accessible_subnet_id: { get_attr: [accessible_network, accessible_subnet_id]}
public_net_id: { get_param: public_net_id }
control_network_cidr: { get_param: control_network_cidr }
+ external_services_network: { get_attr: [external_services_network, external_services_network_id] }
+ external_services_subnet_id: { get_attr: [external_services_network, external_services_subnet_id] }
+ external_services_network_cidr: { get_param: external_services_network_cidr }
functions_override: { get_param: functions_override }
hardware_metadata: { get_param: hardware_metadata}
single_node: { get_param: single_node}
@@ -632,6 +667,9 @@
accessible_subnet_id: { get_attr: [accessible_network, accessible_subnet_id]}
public_net_id: { get_param: public_net_id }
control_network_cidr: { get_param: control_network_cidr }
+ external_services_network: { get_attr: [external_services_network, external_services_network_id] }
+ external_services_subnet_id: { get_attr: [external_services_network, external_services_subnet_id] }
+ external_services_network_cidr: { get_param: external_services_network_cidr }
ucp_master_host: { get_attr: [ucp, server_private_ip] }
functions_override: { get_param: functions_override }
hardware_metadata: { get_param: hardware_metadata}
@@ -669,6 +707,9 @@
accessible_subnet_id: { get_attr: [accessible_network, accessible_subnet_id]}
public_net_id: { get_param: public_net_id }
control_network_cidr: { get_param: control_network_cidr }
+ external_services_network: { get_attr: [external_services_network, external_services_network_id] }
+ external_services_subnet_id: { get_attr: [external_services_network, external_services_subnet_id] }
+ external_services_network_cidr: { get_param: external_services_network_cidr }
ucp_master_host: { get_attr: [ucp, server_private_ip] }
functions_override: { get_param: functions_override }
storage_frontend_interface: { get_param: storage_frontend_interface }
@@ -724,6 +765,9 @@
accessible_subnet_id: { get_attr: [accessible_network, accessible_subnet_id]}
public_net_id: { get_param: public_net_id }
control_network_cidr: { get_param: control_network_cidr }
+ external_services_network: { get_attr: [external_services_network, external_services_network_id] }
+ external_services_subnet_id: { get_attr: [external_services_network, external_services_subnet_id] }
+ external_services_network_cidr: { get_param: external_services_network_cidr }
ucp_master_host: { get_attr: [ucp, server_private_ip] }
functions_override: { get_param: functions_override }
storage_frontend_interface: { get_param: storage_frontend_interface }
@@ -779,6 +823,9 @@
accessible_subnet_id: { get_attr: [accessible_network, accessible_subnet_id]}
public_net_id: { get_param: public_net_id }
control_network_cidr: { get_param: control_network_cidr }
+ external_services_network: { get_attr: [external_services_network, external_services_network_id] }
+ external_services_subnet_id: { get_attr: [external_services_network, external_services_subnet_id] }
+ external_services_network_cidr: { get_param: external_services_network_cidr }
ucp_master_host: { get_attr: [ucp, server_private_ip] }
functions_override: { get_param: functions_override }
storage_frontend_interface: { get_param: storage_frontend_interface }
@@ -835,6 +882,9 @@
accessible_subnet_id: { get_attr: [accessible_network, accessible_subnet_id]}
public_net_id: { get_param: public_net_id }
control_network_cidr: { get_param: control_network_cidr }
+ external_services_network: { get_attr: [external_services_network, external_services_network_id] }
+ external_services_subnet_id: { get_attr: [external_services_network, external_services_subnet_id] }
+ external_services_network_cidr: { get_param: external_services_network_cidr }
ucp_master_host: { get_attr: [ucp, server_private_ip] }
functions_override: { get_param: functions_override }
storage_frontend_interface: { get_param: storage_frontend_interface }
@@ -881,6 +931,9 @@
accessible_subnet_id: { get_attr: [accessible_network, accessible_subnet_id]}
public_net_id: { get_param: public_net_id }
control_network_cidr: { get_param: control_network_cidr }
+ external_services_network: { get_attr: [external_services_network, external_services_network_id] }
+ external_services_subnet_id: { get_attr: [external_services_network, external_services_subnet_id] }
+ external_services_network_cidr: { get_param: external_services_network_cidr }
ucp_master_host: { get_attr: [ucp, server_private_ip] }
functions_override: { get_param: functions_override }
storage_frontend_interface: { get_param: storage_frontend_interface }
@@ -927,6 +980,9 @@
accessible_subnet_id: { get_attr: [accessible_network, accessible_subnet_id]}
public_net_id: { get_param: public_net_id }
control_network_cidr: { get_param: control_network_cidr }
+ external_services_network: { get_attr: [external_services_network, external_services_network_id] }
+ external_services_subnet_id: { get_attr: [external_services_network, external_services_subnet_id] }
+ external_services_network_cidr: { get_param: external_services_network_cidr }
ucp_master_host: { get_attr: [ucp, server_private_ip] }
functions_override: { get_param: functions_override }
storage_frontend_interface: { get_param: storage_frontend_interface }
@@ -981,6 +1037,9 @@
accessible_subnet_id: { get_attr: [accessible_network, accessible_subnet_id]}
public_net_id: { get_param: public_net_id }
control_network_cidr: { get_param: control_network_cidr }
+ external_services_network: { get_attr: [external_services_network, external_services_network_id] }
+ external_services_subnet_id: { get_attr: [external_services_network, external_services_subnet_id] }
+ external_services_network_cidr: { get_param: external_services_network_cidr }
ucp_master_host: { get_attr: [ucp, server_private_ip] }
functions_override: { get_param: functions_override }
storage_frontend_interface: { get_param: storage_frontend_interface }
@@ -1034,6 +1093,9 @@
accessible_subnet_id: { get_attr: [accessible_network, accessible_subnet_id]}
public_net_id: { get_param: public_net_id }
control_network_cidr: { get_param: control_network_cidr }
+ external_services_network: { get_attr: [external_services_network, external_services_network_id] }
+ external_services_subnet_id: { get_attr: [external_services_network, external_services_subnet_id] }
+ external_services_network_cidr: { get_param: external_services_network_cidr }
ucp_master_host: { get_attr: [ucp, server_private_ip] }
functions_override: { get_param: functions_override }
storage_frontend_interface: { get_param: storage_frontend_interface }
@@ -1087,6 +1149,9 @@
accessible_subnet_id: { get_attr: [accessible_network, accessible_subnet_id]}
public_net_id: { get_param: public_net_id }
control_network_cidr: { get_param: control_network_cidr }
+ external_services_network: { get_attr: [external_services_network, external_services_network_id] }
+ external_services_subnet_id: { get_attr: [external_services_network, external_services_subnet_id] }
+ external_services_network_cidr: { get_param: external_services_network_cidr }
ucp_master_host: { get_attr: [ucp, server_private_ip] }
functions_override: { get_param: functions_override }
storage_frontend_interface: { get_param: storage_frontend_interface }
@@ -1133,6 +1198,9 @@
accessible_subnet_id: { get_attr: [accessible_network, accessible_subnet_id]}
public_net_id: { get_param: public_net_id }
control_network_cidr: { get_param: control_network_cidr }
+ external_services_network: { get_attr: [external_services_network, external_services_network_id] }
+ external_services_subnet_id: { get_attr: [external_services_network, external_services_subnet_id] }
+ external_services_network_cidr: { get_param: external_services_network_cidr }
ucp_master_host: { get_attr: [ucp, server_private_ip] }
functions_override: { get_param: functions_override }
storage_frontend_interface: { get_param: storage_frontend_interface }
@@ -1148,16 +1216,7 @@
availability_zone: { get_param: availability_zone }
kubectl_version: { get_param: kubectl_version }
devops_utils_refspec: { get_param: devops_utils_refspec }
-
- k8s_external_service_route:
- type: OS::Neutron::ExtraRoute
- depends_on:
- - tsrvs
- condition: { not: aio_deploy }
- properties:
- destination: { get_param: external_k8s_service_network_cidr }
- nexthop: { get_attr: [tsrvs, resource.0, server_private_ip ] }
- router_id: { get_attr: [accessible_network, accessible_router] }
+ tungstenfabric_enabled: { get_param: tungstenfabric_enabled }
outputs:
ucp_ips:
@@ -1278,12 +1337,12 @@
value: { get_param: tungstenfabric_enabled }
tun_network_ext_router_ip:
condition: ext_router_deploy
- description: IP address of vsrx/vmx in data network
- value: { get_param: tun_network_ext_router_ip }
+ description: IP address of gateway in data network
+ value: { get_param: tun_network_gateway }
control_network_ext_router_ip:
condition: ext_router_deploy
- description: IP address of vsrx/vmx in control/accessible network
- value: { get_param: control_network_ext_router_ip }
+ description: IP address of vsrx/vmx in control network
+ value: { get_param: external_router_control_ip }
public_network_ext_router_ip:
condition: ext_router_deploy
description: Public IP of vsrx/vmx instance