From 4ed9aef6f8ed0850e70b498e780d0d8e22bc277f Mon Sep 17 00:00:00 2001 From: Tomas Sedovic Date: Mon, 23 Oct 2017 12:57:29 +0200 Subject: Add openshift_openstack role and move tasks there All the tasks that were previously in playbooks are now under `roles/openshift_openstack`. The `openshift-cluster` directory now only contains playbooks that include tasks from that role. This makes the structure much closer to that of the AWS provider. --- .../templates/heat_stack.yaml.j2 | 888 +++++++++++++++++++++ 1 file changed, 888 insertions(+) create mode 100644 roles/openshift_openstack/templates/heat_stack.yaml.j2 (limited to 'roles/openshift_openstack/templates/heat_stack.yaml.j2') diff --git a/roles/openshift_openstack/templates/heat_stack.yaml.j2 b/roles/openshift_openstack/templates/heat_stack.yaml.j2 new file mode 100644 index 000000000..2359842a5 --- /dev/null +++ b/roles/openshift_openstack/templates/heat_stack.yaml.j2 @@ -0,0 +1,888 @@ +heat_template_version: 2016-10-14 + +description: OpenShift cluster + +parameters: + +outputs: + + etcd_names: + description: Name of the etcds + value: { get_attr: [ etcd, name ] } + + etcd_ips: + description: IPs of the etcds + value: { get_attr: [ etcd, private_ip ] } + + etcd_floating_ips: + description: Floating IPs of the etcds + value: { get_attr: [ etcd, floating_ip ] } + + master_names: + description: Name of the masters + value: { get_attr: [ masters, name ] } + + master_ips: + description: IPs of the masters + value: { get_attr: [ masters, private_ip ] } + + master_floating_ips: + description: Floating IPs of the masters + value: { get_attr: [ masters, floating_ip ] } + + node_names: + description: Name of the nodes + value: { get_attr: [ compute_nodes, name ] } + + node_ips: + description: IPs of the nodes + value: { get_attr: [ compute_nodes, private_ip ] } + + node_floating_ips: + description: Floating IPs of the nodes + value: { get_attr: [ compute_nodes, floating_ip ] } + + infra_names: + description: Name of the nodes + value: { get_attr: [ infra_nodes, name ] } + + infra_ips: + description: IPs of the nodes + value: { get_attr: [ infra_nodes, private_ip ] } + + infra_floating_ips: + description: Floating IPs of the nodes + value: { get_attr: [ infra_nodes, floating_ip ] } + +{% if num_dns|int > 0 %} + dns_name: + description: Name of the DNS + value: + get_attr: + - dns + - name + + dns_floating_ips: + description: Floating IPs of the DNS + value: { get_attr: [ dns, floating_ip ] } + + dns_private_ips: + description: Private IPs of the DNS + value: { get_attr: [ dns, private_ip ] } +{% endif %} + +conditions: + no_floating: {% if provider_network or use_bastion|bool %}true{% else %}false{% endif %} + +resources: + +{% if not provider_network %} + net: + type: OS::Neutron::Net + properties: + name: + str_replace: + template: openshift-ansible-cluster_id-net + params: + cluster_id: {{ stack_name }} + + subnet: + type: OS::Neutron::Subnet + properties: + name: + str_replace: + template: openshift-ansible-cluster_id-subnet + params: + cluster_id: {{ stack_name }} + network: { get_resource: net } + cidr: + str_replace: + template: subnet_24_prefix.0/24 + params: + subnet_24_prefix: {{ subnet_prefix }} + allocation_pools: + - start: + str_replace: + template: subnet_24_prefix.3 + params: + subnet_24_prefix: {{ subnet_prefix }} + end: + str_replace: + template: subnet_24_prefix.254 + params: + subnet_24_prefix: {{ subnet_prefix }} + dns_nameservers: +{% for nameserver in dns_nameservers %} + - {{ nameserver }} +{% endfor %} + +{% if openshift_use_flannel|default(False)|bool %} + data_net: + type: OS::Neutron::Net + properties: + name: openshift-ansible-{{ stack_name }}-data-net + port_security_enabled: false + + data_subnet: + type: OS::Neutron::Subnet + properties: + name: openshift-ansible-{{ stack_name }}-data-subnet + network: { get_resource: data_net } + cidr: {{ osm_cluster_network_cidr|default('10.128.0.0/14') }} + gateway_ip: null +{% endif %} + + router: + type: OS::Neutron::Router + properties: + name: + str_replace: + template: openshift-ansible-cluster_id-router + params: + cluster_id: {{ stack_name }} + external_gateway_info: + network: {{ external_network }} + + interface: + type: OS::Neutron::RouterInterface + properties: + router_id: { get_resource: router } + subnet_id: { get_resource: subnet } + +{% endif %} + +# keypair: +# type: OS::Nova::KeyPair +# properties: +# name: +# str_replace: +# template: openshift-ansible-cluster_id-keypair +# params: +# cluster_id: {{ stack_name }} +# public_key: {{ ssh_public_key }} + + common-secgrp: + type: OS::Neutron::SecurityGroup + properties: + name: + str_replace: + template: openshift-ansible-cluster_id-common-secgrp + params: + cluster_id: {{ stack_name }} + description: + str_replace: + template: Basic ssh/icmp security group for cluster_id OpenShift cluster + params: + cluster_id: {{ stack_name }} + rules: + - direction: ingress + protocol: tcp + port_range_min: 22 + port_range_max: 22 + remote_ip_prefix: {{ ssh_ingress_cidr }} +{% if use_bastion|bool %} + - direction: ingress + protocol: tcp + port_range_min: 22 + port_range_max: 22 + remote_ip_prefix: {{ bastion_ingress_cidr }} +{% endif %} + - direction: ingress + protocol: icmp + remote_ip_prefix: {{ ssh_ingress_cidr }} + +{% if openstack_flat_secgrp|default(False)|bool %} + flat-secgrp: + type: OS::Neutron::SecurityGroup + properties: + name: + str_replace: + template: openshift-ansible-cluster_id-flat-secgrp + params: + cluster_id: {{ stack_name }} + description: + str_replace: + template: Security group for cluster_id OpenShift cluster + params: + cluster_id: {{ stack_name }} + rules: + - direction: ingress + protocol: tcp + port_range_min: 4001 + port_range_max: 4001 + - direction: ingress + protocol: tcp + port_range_min: {{ openshift_master_api_port|default(8443) }} + port_range_max: {{ openshift_master_api_port|default(8443) }} + - direction: ingress + protocol: tcp + port_range_min: {{ openshift_master_console_port|default(8443) }} + port_range_max: {{ openshift_master_console_port|default(8443) }} + - direction: ingress + protocol: tcp + port_range_min: 8053 + port_range_max: 8053 + - direction: ingress + protocol: udp + port_range_min: 8053 + port_range_max: 8053 + - direction: ingress + protocol: tcp + port_range_min: 24224 + port_range_max: 24224 + - direction: ingress + protocol: udp + port_range_min: 24224 + port_range_max: 24224 + - direction: ingress + protocol: tcp + port_range_min: 2224 + port_range_max: 2224 + - direction: ingress + protocol: udp + port_range_min: 5404 + port_range_max: 5405 + - direction: ingress + protocol: tcp + port_range_min: 9090 + port_range_max: 9090 + - direction: ingress + protocol: tcp + port_range_min: 2379 + port_range_max: 2380 + remote_mode: remote_group_id + - direction: ingress + protocol: tcp + port_range_min: 10250 + port_range_max: 10250 + remote_mode: remote_group_id + - direction: ingress + protocol: udp + port_range_min: 10250 + port_range_max: 10250 + remote_mode: remote_group_id + - direction: ingress + protocol: tcp + port_range_min: 10255 + port_range_max: 10255 + remote_mode: remote_group_id + - direction: ingress + protocol: udp + port_range_min: 10255 + port_range_max: 10255 + remote_mode: remote_group_id + - direction: ingress + protocol: udp + port_range_min: 4789 + port_range_max: 4789 + remote_mode: remote_group_id + - direction: ingress + protocol: tcp + port_range_min: 30000 + port_range_max: 32767 + remote_ip_prefix: {{ node_ingress_cidr }} + - direction: ingress + protocol: tcp + port_range_min: 30000 + port_range_max: 32767 + remote_ip_prefix: "{{ openstack_subnet_prefix }}.0/24" +{% else %} + master-secgrp: + type: OS::Neutron::SecurityGroup + properties: + name: + str_replace: + template: openshift-ansible-cluster_id-master-secgrp + params: + cluster_id: {{ stack_name }} + description: + str_replace: + template: Security group for cluster_id OpenShift cluster master + params: + cluster_id: {{ stack_name }} + rules: + - direction: ingress + protocol: tcp + port_range_min: 4001 + port_range_max: 4001 + - direction: ingress + protocol: tcp + port_range_min: {{ openshift_master_api_port|default(8443) }} + port_range_max: {{ openshift_master_api_port|default(8443) }} + - direction: ingress + protocol: tcp + port_range_min: {{ openshift_master_console_port|default(8443) }} + port_range_max: {{ openshift_master_console_port|default(8443) }} + - direction: ingress + protocol: tcp + port_range_min: 8053 + port_range_max: 8053 + - direction: ingress + protocol: udp + port_range_min: 8053 + port_range_max: 8053 + - direction: ingress + protocol: tcp + port_range_min: 24224 + port_range_max: 24224 + - direction: ingress + protocol: udp + port_range_min: 24224 + port_range_max: 24224 + - direction: ingress + protocol: tcp + port_range_min: 2224 + port_range_max: 2224 + - direction: ingress + protocol: udp + port_range_min: 5404 + port_range_max: 5405 + - direction: ingress + protocol: tcp + port_range_min: 9090 + port_range_max: 9090 +{% if openshift_use_flannel|default(False)|bool %} + - direction: ingress + protocol: tcp + port_range_min: 2379 + port_range_max: 2379 +{% endif %} + + etcd-secgrp: + type: OS::Neutron::SecurityGroup + properties: + name: + str_replace: + template: openshift-ansible-cluster_id-etcd-secgrp + params: + cluster_id: {{ stack_name }} + description: + str_replace: + template: Security group for cluster_id etcd cluster + params: + cluster_id: {{ stack_name }} + rules: + - direction: ingress + protocol: tcp + port_range_min: 2379 + port_range_max: 2379 + remote_mode: remote_group_id + remote_group_id: { get_resource: master-secgrp } + - direction: ingress + protocol: tcp + port_range_min: 2380 + port_range_max: 2380 + remote_mode: remote_group_id + + node-secgrp: + type: OS::Neutron::SecurityGroup + properties: + name: + str_replace: + template: openshift-ansible-cluster_id-node-secgrp + params: + cluster_id: {{ stack_name }} + description: + str_replace: + template: Security group for cluster_id OpenShift cluster nodes + params: + cluster_id: {{ stack_name }} + rules: + - direction: ingress + protocol: tcp + port_range_min: 10250 + port_range_max: 10250 + remote_mode: remote_group_id + - direction: ingress + protocol: tcp + port_range_min: 10255 + port_range_max: 10255 + remote_mode: remote_group_id + - direction: ingress + protocol: udp + port_range_min: 10255 + port_range_max: 10255 + remote_mode: remote_group_id + - direction: ingress + protocol: udp + port_range_min: 4789 + port_range_max: 4789 + remote_mode: remote_group_id + - direction: ingress + protocol: tcp + port_range_min: 30000 + port_range_max: 32767 + remote_ip_prefix: {{ node_ingress_cidr }} + - direction: ingress + protocol: tcp + port_range_min: 30000 + port_range_max: 32767 + remote_ip_prefix: "{{ openstack_subnet_prefix }}.0/24" +{% endif %} + + infra-secgrp: + type: OS::Neutron::SecurityGroup + properties: + name: + str_replace: + template: openshift-ansible-cluster_id-infra-secgrp + params: + cluster_id: {{ stack_name }} + description: + str_replace: + template: Security group for cluster_id OpenShift infrastructure cluster nodes + params: + cluster_id: {{ stack_name }} + rules: + - direction: ingress + protocol: tcp + port_range_min: 80 + port_range_max: 80 + - direction: ingress + protocol: tcp + port_range_min: 443 + port_range_max: 443 + +{% if num_dns|int > 0 %} + dns-secgrp: + type: OS::Neutron::SecurityGroup + properties: + name: + str_replace: + template: openshift-ansible-cluster_id-dns-secgrp + params: + cluster_id: {{ stack_name }} + description: + str_replace: + template: Security group for cluster_id cluster DNS + params: + cluster_id: {{ stack_name }} + rules: + - direction: ingress + protocol: udp + port_range_min: 53 + port_range_max: 53 + remote_ip_prefix: {{ node_ingress_cidr }} + - direction: ingress + protocol: udp + port_range_min: 53 + port_range_max: 53 + remote_ip_prefix: "{{ openstack_subnet_prefix }}.0/24" + - direction: ingress + protocol: tcp + port_range_min: 53 + port_range_max: 53 + remote_ip_prefix: {{ node_ingress_cidr }} + - direction: ingress + protocol: tcp + port_range_min: 53 + port_range_max: 53 + remote_ip_prefix: "{{ openstack_subnet_prefix }}.0/24" +{% endif %} + +{% if num_masters|int > 1 or ui_ssh_tunnel|bool %} + lb-secgrp: + type: OS::Neutron::SecurityGroup + properties: + name: openshift-ansible-{{ stack_name }}-lb-secgrp + description: Security group for {{ stack_name }} cluster Load Balancer + rules: + - direction: ingress + protocol: tcp + port_range_min: {{ openshift_master_api_port | default(8443) }} + port_range_max: {{ openshift_master_api_port | default(8443) }} + remote_ip_prefix: {{ lb_ingress_cidr | default(bastion_ingress_cidr) }} +{% if ui_ssh_tunnel|bool %} + - direction: ingress + protocol: tcp + port_range_min: {{ openshift_master_api_port | default(8443) }} + port_range_max: {{ openshift_master_api_port | default(8443) }} + remote_ip_prefix: {{ ssh_ingress_cidr }} +{% endif %} +{% if openshift_master_console_port is defined and openshift_master_console_port != openshift_master_api_port %} + - direction: ingress + protocol: tcp + port_range_min: {{ openshift_master_console_port | default(8443) }} + port_range_max: {{ openshift_master_console_port | default(8443) }} + remote_ip_prefix: {{ lb_ingress_cidr | default(bastion_ingress_cidr) }} +{% endif %} +{% endif %} + + etcd: + type: OS::Heat::ResourceGroup + properties: + count: {{ num_etcd }} + resource_def: + type: server.yaml + properties: + name: + str_replace: + template: k8s_type-%index%.cluster_id + params: + cluster_id: {{ stack_name }} + k8s_type: {{ etcd_hostname | default('etcd') }} + cluster_env: {{ public_dns_domain }} + cluster_id: {{ stack_name }} + group: + str_replace: + template: k8s_type.cluster_id + params: + k8s_type: etcds + cluster_id: {{ stack_name }} + type: etcd + image: {{ openstack_etcd_image | default(openstack_image) }} + flavor: {{ etcd_flavor }} + key_name: {{ ssh_public_key }} +{% if provider_network %} + net: {{ provider_network }} + net_name: {{ provider_network }} +{% else %} + net: { get_resource: net } + subnet: { get_resource: subnet } + net_name: + str_replace: + template: openshift-ansible-cluster_id-net + params: + cluster_id: {{ stack_name }} +{% endif %} + secgrp: + - { get_resource: {% if openstack_flat_secgrp|default(False)|bool %}flat-secgrp{% else %}etcd-secgrp{% endif %} } + - { get_resource: common-secgrp } + floating_network: + if: + - no_floating + - null + - {{ external_network }} +{% if use_bastion|bool or provider_network %} + attach_float_net: false +{% endif %} + volume_size: {{ etcd_volume_size }} +{% if not provider_network %} + depends_on: + - interface +{% endif %} + +{% if master_server_group_policies|length > 0 %} + master_server_group: + type: OS::Nova::ServerGroup + properties: + name: master_server_group + policies: {{ master_server_group_policies }} +{% endif %} +{% if infra_server_group_policies|length > 0 %} + infra_server_group: + type: OS::Nova::ServerGroup + properties: + name: infra_server_group + policies: {{ infra_server_group_policies }} +{% endif %} +{% if num_masters|int > 1 %} + loadbalancer: + type: OS::Heat::ResourceGroup + properties: + count: 1 + resource_def: + type: server.yaml + properties: + name: + str_replace: + template: k8s_type-%index%.cluster_id + params: + cluster_id: {{ stack_name }} + k8s_type: {{ lb_hostname | default('lb') }} + cluster_env: {{ public_dns_domain }} + cluster_id: {{ stack_name }} + group: + str_replace: + template: k8s_type.cluster_id + params: + k8s_type: lb + cluster_id: {{ stack_name }} + type: lb + image: {{ openstack_lb_image | default(openstack_image) }} + flavor: {{ lb_flavor }} + key_name: {{ ssh_public_key }} +{% if provider_network %} + net: {{ provider_network }} + net_name: {{ provider_network }} +{% else %} + net: { get_resource: net } + subnet: { get_resource: subnet } + net_name: + str_replace: + template: openshift-ansible-cluster_id-net + params: + cluster_id: {{ stack_name }} +{% endif %} + secgrp: + - { get_resource: lb-secgrp } + - { get_resource: common-secgrp } +{% if not provider_network %} + floating_network: {{ external_network }} +{% endif %} + volume_size: {{ lb_volume_size }} +{% if not provider_network %} + depends_on: + - interface +{% endif %} +{% endif %} + + masters: + type: OS::Heat::ResourceGroup + properties: + count: {{ num_masters }} + resource_def: + type: server.yaml + properties: + name: + str_replace: + template: k8s_type-%index%.cluster_id + params: + cluster_id: {{ stack_name }} + k8s_type: {{ master_hostname | default('master')}} + cluster_env: {{ public_dns_domain }} + cluster_id: {{ stack_name }} + group: + str_replace: + template: k8s_type.cluster_id + params: + k8s_type: masters + cluster_id: {{ stack_name }} + type: master + image: {{ openstack_master_image | default(openstack_image) }} + flavor: {{ master_flavor }} + key_name: {{ ssh_public_key }} +{% if provider_network %} + net: {{ provider_network }} + net_name: {{ provider_network }} +{% else %} + net: { get_resource: net } + subnet: { get_resource: subnet } + net_name: + str_replace: + template: openshift-ansible-cluster_id-net + params: + cluster_id: {{ stack_name }} +{% if openshift_use_flannel|default(False)|bool %} + attach_data_net: true + data_net: { get_resource: data_net } + data_subnet: { get_resource: data_subnet } +{% endif %} +{% endif %} + secgrp: +{% if openstack_flat_secgrp|default(False)|bool %} + - { get_resource: flat-secgrp } +{% else %} + - { get_resource: master-secgrp } + - { get_resource: node-secgrp } +{% if num_etcd|int == 0 %} + - { get_resource: etcd-secgrp } +{% endif %} +{% endif %} + - { get_resource: common-secgrp } + floating_network: + if: + - no_floating + - null + - {{ external_network }} +{% if use_bastion|bool or provider_network %} + attach_float_net: false +{% endif %} + volume_size: {{ master_volume_size }} +{% if master_server_group_policies|length > 0 %} + scheduler_hints: + group: { get_resource: master_server_group } +{% endif %} +{% if not provider_network %} + depends_on: + - interface +{% endif %} + + compute_nodes: + type: OS::Heat::ResourceGroup + properties: + count: {{ num_nodes }} + removal_policies: + - resource_list: {{ nodes_to_remove }} + resource_def: + type: server.yaml + properties: + name: + str_replace: + template: sub_type_k8s_type-%index%.cluster_id + params: + cluster_id: {{ stack_name }} + sub_type_k8s_type: {{ node_hostname | default('app-node') }} + cluster_env: {{ public_dns_domain }} + cluster_id: {{ stack_name }} + group: + str_replace: + template: k8s_type.cluster_id + params: + k8s_type: nodes + cluster_id: {{ stack_name }} + type: node + subtype: app + node_labels: +{% for k, v in openshift_cluster_node_labels.app.iteritems() %} + {{ k|e }}: {{ v|e }} +{% endfor %} + image: {{ openstack_node_image | default(openstack_image) }} + flavor: {{ node_flavor }} + key_name: {{ ssh_public_key }} +{% if provider_network %} + net: {{ provider_network }} + net_name: {{ provider_network }} +{% else %} + net: { get_resource: net } + subnet: { get_resource: subnet } + net_name: + str_replace: + template: openshift-ansible-cluster_id-net + params: + cluster_id: {{ stack_name }} +{% if openshift_use_flannel|default(False)|bool %} + attach_data_net: true + data_net: { get_resource: data_net } + data_subnet: { get_resource: data_subnet } +{% endif %} +{% endif %} + secgrp: + - { get_resource: {% if openstack_flat_secgrp|default(False)|bool %}flat-secgrp{% else %}node-secgrp{% endif %} } + - { get_resource: common-secgrp } + floating_network: + if: + - no_floating + - null + - {{ external_network }} +{% if use_bastion|bool or provider_network %} + attach_float_net: false +{% endif %} + volume_size: {{ node_volume_size }} +{% if not provider_network %} + depends_on: + - interface +{% endif %} + + infra_nodes: + type: OS::Heat::ResourceGroup + properties: + count: {{ num_infra }} + resource_def: + type: server.yaml + properties: + name: + str_replace: + template: sub_type_k8s_type-%index%.cluster_id + params: + cluster_id: {{ stack_name }} + sub_type_k8s_type: {{ infra_hostname | default('infranode') }} + cluster_env: {{ public_dns_domain }} + cluster_id: {{ stack_name }} + group: + str_replace: + template: k8s_type.cluster_id + params: + k8s_type: infra + cluster_id: {{ stack_name }} + type: node + subtype: infra + node_labels: +{% for k, v in openshift_cluster_node_labels.infra.iteritems() %} + {{ k|e }}: {{ v|e }} +{% endfor %} + image: {{ openstack_infra_image | default(openstack_image) }} + flavor: {{ infra_flavor }} + key_name: {{ ssh_public_key }} +{% if provider_network %} + net: {{ provider_network }} + net_name: {{ provider_network }} +{% else %} + net: { get_resource: net } + subnet: { get_resource: subnet } + net_name: + str_replace: + template: openshift-ansible-cluster_id-net + params: + cluster_id: {{ stack_name }} +{% if openshift_use_flannel|default(False)|bool %} + attach_data_net: true + data_net: { get_resource: data_net } + data_subnet: { get_resource: data_subnet } +{% endif %} +{% endif %} + secgrp: +# TODO(bogdando) filter only required node rules into infra-secgrp +{% if openstack_flat_secgrp|default(False)|bool %} + - { get_resource: flat-secgrp } +{% else %} + - { get_resource: node-secgrp } +{% endif %} +{% if ui_ssh_tunnel|bool and num_masters|int < 2 %} + - { get_resource: lb-secgrp } +{% endif %} + - { get_resource: infra-secgrp } + - { get_resource: common-secgrp } +{% if not provider_network %} + floating_network: {{ external_network }} +{% endif %} + volume_size: {{ infra_volume_size }} +{% if infra_server_group_policies|length > 0 %} + scheduler_hints: + group: { get_resource: infra_server_group } +{% endif %} +{% if not provider_network %} + depends_on: + - interface +{% endif %} + +{% if num_dns|int > 0 %} + dns: + type: OS::Heat::ResourceGroup + properties: + count: {{ num_dns }} + resource_def: + type: server.yaml + properties: + name: + str_replace: + template: k8s_type-%index%.cluster_id + params: + cluster_id: {{ stack_name }} + k8s_type: {{ dns_hostname | default('dns') }} + cluster_env: {{ public_dns_domain }} + cluster_id: {{ stack_name }} + group: + str_replace: + template: k8s_type.cluster_id + params: + k8s_type: dns + cluster_id: {{ stack_name }} + type: dns + image: {{ openstack_dns_image | default(openstack_image) }} + flavor: {{ dns_flavor }} + key_name: {{ ssh_public_key }} +{% if provider_network %} + net: {{ provider_network }} + net_name: {{ provider_network }} +{% else %} + net: { get_resource: net } + subnet: { get_resource: subnet } + net_name: + str_replace: + template: openshift-ansible-cluster_id-net + params: + cluster_id: {{ stack_name }} +{% endif %} + secgrp: + - { get_resource: dns-secgrp } + - { get_resource: common-secgrp } +{% if not provider_network %} + floating_network: {{ external_network }} +{% endif %} + volume_size: {{ dns_volume_size }} +{% if not provider_network %} + depends_on: + - interface +{% endif %} +{% endif %} -- cgit v1.2.1 From 79f29bc825286c4f69073827a5b6d71f71f47c91 Mon Sep 17 00:00:00 2001 From: Tomas Sedovic Date: Wed, 1 Nov 2017 16:43:13 +0100 Subject: Add the DNS updates and rename the openstack vars Most of the vars in `roles/openshift_openstack/defaults/main.yml` are now prefixed with `openstack_`. --- .../templates/heat_stack.yaml.j2 | 190 ++++++++++----------- 1 file changed, 95 insertions(+), 95 deletions(-) (limited to 'roles/openshift_openstack/templates/heat_stack.yaml.j2') diff --git a/roles/openshift_openstack/templates/heat_stack.yaml.j2 b/roles/openshift_openstack/templates/heat_stack.yaml.j2 index 2359842a5..28634f9a4 100644 --- a/roles/openshift_openstack/templates/heat_stack.yaml.j2 +++ b/roles/openshift_openstack/templates/heat_stack.yaml.j2 @@ -54,7 +54,7 @@ outputs: description: Floating IPs of the nodes value: { get_attr: [ infra_nodes, floating_ip ] } -{% if num_dns|int > 0 %} +{% if openstack_num_dns|int > 0 %} dns_name: description: Name of the DNS value: @@ -72,11 +72,11 @@ outputs: {% endif %} conditions: - no_floating: {% if provider_network or use_bastion|bool %}true{% else %}false{% endif %} + no_floating: {% if openstack_provider_network_name or openstack_use_bastion|bool %}true{% else %}false{% endif %} resources: -{% if not provider_network %} +{% if not openstack_provider_network_name %} net: type: OS::Neutron::Net properties: @@ -99,20 +99,20 @@ resources: str_replace: template: subnet_24_prefix.0/24 params: - subnet_24_prefix: {{ subnet_prefix }} + subnet_24_prefix: {{ openstack_subnet_prefix }} allocation_pools: - start: str_replace: template: subnet_24_prefix.3 params: - subnet_24_prefix: {{ subnet_prefix }} + subnet_24_prefix: {{ openstack_subnet_prefix }} end: str_replace: template: subnet_24_prefix.254 params: - subnet_24_prefix: {{ subnet_prefix }} + subnet_24_prefix: {{ openstack_subnet_prefix }} dns_nameservers: -{% for nameserver in dns_nameservers %} +{% for nameserver in openstack_dns_nameservers %} - {{ nameserver }} {% endfor %} @@ -141,7 +141,7 @@ resources: params: cluster_id: {{ stack_name }} external_gateway_info: - network: {{ external_network }} + network: {{ openstack_external_network_name }} interface: type: OS::Neutron::RouterInterface @@ -159,7 +159,7 @@ resources: # template: openshift-ansible-cluster_id-keypair # params: # cluster_id: {{ stack_name }} -# public_key: {{ ssh_public_key }} +# public_key: {{ openstack_keypair_name }} common-secgrp: type: OS::Neutron::SecurityGroup @@ -180,7 +180,7 @@ resources: port_range_min: 22 port_range_max: 22 remote_ip_prefix: {{ ssh_ingress_cidr }} -{% if use_bastion|bool %} +{% if openstack_use_bastion|bool %} - direction: ingress protocol: tcp port_range_min: 22 @@ -443,7 +443,7 @@ resources: port_range_min: 443 port_range_max: 443 -{% if num_dns|int > 0 %} +{% if openstack_num_dns|int > 0 %} dns-secgrp: type: OS::Neutron::SecurityGroup properties: @@ -480,7 +480,7 @@ resources: remote_ip_prefix: "{{ openstack_subnet_prefix }}.0/24" {% endif %} -{% if num_masters|int > 1 or ui_ssh_tunnel|bool %} +{% if openstack_num_masters|int > 1 or openshift_ui_ssh_tunnel|bool %} lb-secgrp: type: OS::Neutron::SecurityGroup properties: @@ -492,7 +492,7 @@ resources: port_range_min: {{ openshift_master_api_port | default(8443) }} port_range_max: {{ openshift_master_api_port | default(8443) }} remote_ip_prefix: {{ lb_ingress_cidr | default(bastion_ingress_cidr) }} -{% if ui_ssh_tunnel|bool %} +{% if openshift_ui_ssh_tunnel|bool %} - direction: ingress protocol: tcp port_range_min: {{ openshift_master_api_port | default(8443) }} @@ -511,7 +511,7 @@ resources: etcd: type: OS::Heat::ResourceGroup properties: - count: {{ num_etcd }} + count: {{ openstack_num_etcd }} resource_def: type: server.yaml properties: @@ -520,7 +520,7 @@ resources: template: k8s_type-%index%.cluster_id params: cluster_id: {{ stack_name }} - k8s_type: {{ etcd_hostname | default('etcd') }} + k8s_type: {{ openstack_etcd_hostname }} cluster_env: {{ public_dns_domain }} cluster_id: {{ stack_name }} group: @@ -530,12 +530,12 @@ resources: k8s_type: etcds cluster_id: {{ stack_name }} type: etcd - image: {{ openstack_etcd_image | default(openstack_image) }} - flavor: {{ etcd_flavor }} - key_name: {{ ssh_public_key }} -{% if provider_network %} - net: {{ provider_network }} - net_name: {{ provider_network }} + image: {{ openstack_etcd_image }} + flavor: {{ openstack_etcd_flavor }} + key_name: {{ openstack_keypair_name }} +{% if openstack_provider_network_name %} + net: {{ openstack_provider_network_name }} + net_name: {{ openstack_provider_network_name }} {% else %} net: { get_resource: net } subnet: { get_resource: subnet } @@ -552,31 +552,31 @@ resources: if: - no_floating - null - - {{ external_network }} -{% if use_bastion|bool or provider_network %} + - {{ openstack_external_network_name }} +{% if openstack_use_bastion|bool or openstack_provider_network_name %} attach_float_net: false {% endif %} - volume_size: {{ etcd_volume_size }} -{% if not provider_network %} + volume_size: {{ openstack_etcd_volume_size }} +{% if not openstack_provider_network_name %} depends_on: - interface {% endif %} -{% if master_server_group_policies|length > 0 %} +{% if openstack_master_server_group_policies|length > 0 %} master_server_group: type: OS::Nova::ServerGroup properties: name: master_server_group - policies: {{ master_server_group_policies }} + policies: {{ openstack_master_server_group_policies }} {% endif %} -{% if infra_server_group_policies|length > 0 %} +{% if openstack_infra_server_group_policies|length > 0 %} infra_server_group: type: OS::Nova::ServerGroup properties: name: infra_server_group - policies: {{ infra_server_group_policies }} + policies: {{ openstack_infra_server_group_policies }} {% endif %} -{% if num_masters|int > 1 %} +{% if openstack_num_masters|int > 1 %} loadbalancer: type: OS::Heat::ResourceGroup properties: @@ -589,7 +589,7 @@ resources: template: k8s_type-%index%.cluster_id params: cluster_id: {{ stack_name }} - k8s_type: {{ lb_hostname | default('lb') }} + k8s_type: {{ openstack_lb_hostname }} cluster_env: {{ public_dns_domain }} cluster_id: {{ stack_name }} group: @@ -599,12 +599,12 @@ resources: k8s_type: lb cluster_id: {{ stack_name }} type: lb - image: {{ openstack_lb_image | default(openstack_image) }} - flavor: {{ lb_flavor }} - key_name: {{ ssh_public_key }} -{% if provider_network %} - net: {{ provider_network }} - net_name: {{ provider_network }} + image: {{ openstack_lb_image }} + flavor: {{ openstack_lb_flavor }} + key_name: {{ openstack_keypair_name }} +{% if openstack_provider_network_name %} + net: {{ openstack_provider_network_name }} + net_name: {{ openstack_provider_network_name }} {% else %} net: { get_resource: net } subnet: { get_resource: subnet } @@ -617,11 +617,11 @@ resources: secgrp: - { get_resource: lb-secgrp } - { get_resource: common-secgrp } -{% if not provider_network %} - floating_network: {{ external_network }} +{% if not openstack_provider_network_name %} + floating_network: {{ openstack_external_network_name }} {% endif %} - volume_size: {{ lb_volume_size }} -{% if not provider_network %} + volume_size: {{ openstack_lb_volume_size }} +{% if not openstack_provider_network_name %} depends_on: - interface {% endif %} @@ -630,7 +630,7 @@ resources: masters: type: OS::Heat::ResourceGroup properties: - count: {{ num_masters }} + count: {{ openstack_num_masters }} resource_def: type: server.yaml properties: @@ -639,7 +639,7 @@ resources: template: k8s_type-%index%.cluster_id params: cluster_id: {{ stack_name }} - k8s_type: {{ master_hostname | default('master')}} + k8s_type: {{ openstack_master_hostname }} cluster_env: {{ public_dns_domain }} cluster_id: {{ stack_name }} group: @@ -649,12 +649,12 @@ resources: k8s_type: masters cluster_id: {{ stack_name }} type: master - image: {{ openstack_master_image | default(openstack_image) }} - flavor: {{ master_flavor }} - key_name: {{ ssh_public_key }} -{% if provider_network %} - net: {{ provider_network }} - net_name: {{ provider_network }} + image: {{ openstack_master_image }} + flavor: {{ openstack_master_flavor }} + key_name: {{ openstack_keypair_name }} +{% if openstack_provider_network_name %} + net: {{ openstack_provider_network_name }} + net_name: {{ openstack_provider_network_name }} {% else %} net: { get_resource: net } subnet: { get_resource: subnet } @@ -675,7 +675,7 @@ resources: {% else %} - { get_resource: master-secgrp } - { get_resource: node-secgrp } -{% if num_etcd|int == 0 %} +{% if openstack_num_etcd|int == 0 %} - { get_resource: etcd-secgrp } {% endif %} {% endif %} @@ -684,16 +684,16 @@ resources: if: - no_floating - null - - {{ external_network }} -{% if use_bastion|bool or provider_network %} + - {{ openstack_external_network_name }} +{% if openstack_use_bastion|bool or openstack_provider_network_name %} attach_float_net: false {% endif %} - volume_size: {{ master_volume_size }} -{% if master_server_group_policies|length > 0 %} + volume_size: {{ openstack_master_volume_size }} +{% if openstack_master_server_group_policies|length > 0 %} scheduler_hints: group: { get_resource: master_server_group } {% endif %} -{% if not provider_network %} +{% if not openstack_provider_network_name %} depends_on: - interface {% endif %} @@ -701,9 +701,9 @@ resources: compute_nodes: type: OS::Heat::ResourceGroup properties: - count: {{ num_nodes }} + count: {{ openstack_num_nodes }} removal_policies: - - resource_list: {{ nodes_to_remove }} + - resource_list: {{ openstack_nodes_to_remove }} resource_def: type: server.yaml properties: @@ -712,7 +712,7 @@ resources: template: sub_type_k8s_type-%index%.cluster_id params: cluster_id: {{ stack_name }} - sub_type_k8s_type: {{ node_hostname | default('app-node') }} + sub_type_k8s_type: {{ openstack_node_hostname }} cluster_env: {{ public_dns_domain }} cluster_id: {{ stack_name }} group: @@ -727,12 +727,12 @@ resources: {% for k, v in openshift_cluster_node_labels.app.iteritems() %} {{ k|e }}: {{ v|e }} {% endfor %} - image: {{ openstack_node_image | default(openstack_image) }} - flavor: {{ node_flavor }} - key_name: {{ ssh_public_key }} -{% if provider_network %} - net: {{ provider_network }} - net_name: {{ provider_network }} + image: {{ openstack_node_image }} + flavor: {{ openstack_node_flavor }} + key_name: {{ openstack_keypair_name }} +{% if openstack_provider_network_name %} + net: {{ openstack_provider_network_name }} + net_name: {{ openstack_provider_network_name }} {% else %} net: { get_resource: net } subnet: { get_resource: subnet } @@ -754,12 +754,12 @@ resources: if: - no_floating - null - - {{ external_network }} -{% if use_bastion|bool or provider_network %} + - {{ openstack_external_network_name }} +{% if openstack_use_bastion|bool or openstack_provider_network_name %} attach_float_net: false {% endif %} - volume_size: {{ node_volume_size }} -{% if not provider_network %} + volume_size: {{ openstack_node_volume_size }} +{% if not openstack_provider_network_name %} depends_on: - interface {% endif %} @@ -767,7 +767,7 @@ resources: infra_nodes: type: OS::Heat::ResourceGroup properties: - count: {{ num_infra }} + count: {{ openstack_num_infra }} resource_def: type: server.yaml properties: @@ -776,7 +776,7 @@ resources: template: sub_type_k8s_type-%index%.cluster_id params: cluster_id: {{ stack_name }} - sub_type_k8s_type: {{ infra_hostname | default('infranode') }} + sub_type_k8s_type: {{ openstack_infra_hostname }} cluster_env: {{ public_dns_domain }} cluster_id: {{ stack_name }} group: @@ -791,12 +791,12 @@ resources: {% for k, v in openshift_cluster_node_labels.infra.iteritems() %} {{ k|e }}: {{ v|e }} {% endfor %} - image: {{ openstack_infra_image | default(openstack_image) }} - flavor: {{ infra_flavor }} - key_name: {{ ssh_public_key }} -{% if provider_network %} - net: {{ provider_network }} - net_name: {{ provider_network }} + image: {{ openstack_infra_image }} + flavor: {{ openstack_infra_flavor }} + key_name: {{ openstack_keypair_name }} +{% if openstack_provider_network_name %} + net: {{ openstack_provider_network_name }} + net_name: {{ openstack_provider_network_name }} {% else %} net: { get_resource: net } subnet: { get_resource: subnet } @@ -818,29 +818,29 @@ resources: {% else %} - { get_resource: node-secgrp } {% endif %} -{% if ui_ssh_tunnel|bool and num_masters|int < 2 %} +{% if openshift_ui_ssh_tunnel|bool and openstack_num_masters|int < 2 %} - { get_resource: lb-secgrp } {% endif %} - { get_resource: infra-secgrp } - { get_resource: common-secgrp } -{% if not provider_network %} - floating_network: {{ external_network }} +{% if not openstack_provider_network_name %} + floating_network: {{ openstack_external_network_name }} {% endif %} - volume_size: {{ infra_volume_size }} -{% if infra_server_group_policies|length > 0 %} + volume_size: {{ openstack_infra_volume_size }} +{% if openstack_infra_server_group_policies|length > 0 %} scheduler_hints: group: { get_resource: infra_server_group } {% endif %} -{% if not provider_network %} +{% if not openstack_provider_network_name %} depends_on: - interface {% endif %} -{% if num_dns|int > 0 %} +{% if openstack_num_dns|int > 0 %} dns: type: OS::Heat::ResourceGroup properties: - count: {{ num_dns }} + count: {{ openstack_num_dns }} resource_def: type: server.yaml properties: @@ -849,7 +849,7 @@ resources: template: k8s_type-%index%.cluster_id params: cluster_id: {{ stack_name }} - k8s_type: {{ dns_hostname | default('dns') }} + k8s_type: {{ openstack_dns_hostname }} cluster_env: {{ public_dns_domain }} cluster_id: {{ stack_name }} group: @@ -859,12 +859,12 @@ resources: k8s_type: dns cluster_id: {{ stack_name }} type: dns - image: {{ openstack_dns_image | default(openstack_image) }} - flavor: {{ dns_flavor }} - key_name: {{ ssh_public_key }} -{% if provider_network %} - net: {{ provider_network }} - net_name: {{ provider_network }} + image: {{ openstack_dns_image }} + flavor: {{ openstack_dns_flavor }} + key_name: {{ openstack_keypair_name }} +{% if openstack_provider_network_name %} + net: {{ openstack_provider_network_name }} + net_name: {{ openstack_provider_network_name }} {% else %} net: { get_resource: net } subnet: { get_resource: subnet } @@ -877,11 +877,11 @@ resources: secgrp: - { get_resource: dns-secgrp } - { get_resource: common-secgrp } -{% if not provider_network %} - floating_network: {{ external_network }} +{% if not openstack_provider_network_name %} + floating_network: {{ openstack_external_network_name }} {% endif %} - volume_size: {{ dns_volume_size }} -{% if not provider_network %} + volume_size: {{ openstack_dns_volume_size }} +{% if not openstack_provider_network_name %} depends_on: - interface {% endif %} -- cgit v1.2.1 From b95170503613bb97c00175324b31ed91f6f41ea1 Mon Sep 17 00:00:00 2001 From: Tomas Sedovic Date: Thu, 2 Nov 2017 11:03:39 +0100 Subject: Namespace the OpenStack vars This makes sure that all the variables used in the `openshift_openstack` role are prefixed with `openshift_openstack_` as is the convention. --- .../templates/heat_stack.yaml.j2 | 336 ++++++++++----------- 1 file changed, 168 insertions(+), 168 deletions(-) (limited to 'roles/openshift_openstack/templates/heat_stack.yaml.j2') diff --git a/roles/openshift_openstack/templates/heat_stack.yaml.j2 b/roles/openshift_openstack/templates/heat_stack.yaml.j2 index 28634f9a4..bfa65b460 100644 --- a/roles/openshift_openstack/templates/heat_stack.yaml.j2 +++ b/roles/openshift_openstack/templates/heat_stack.yaml.j2 @@ -54,7 +54,7 @@ outputs: description: Floating IPs of the nodes value: { get_attr: [ infra_nodes, floating_ip ] } -{% if openstack_num_dns|int > 0 %} +{% if openshift_openstack_num_dns|int > 0 %} dns_name: description: Name of the DNS value: @@ -72,11 +72,11 @@ outputs: {% endif %} conditions: - no_floating: {% if openstack_provider_network_name or openstack_use_bastion|bool %}true{% else %}false{% endif %} + no_floating: {% if openshift_openstack_provider_network_name or openshift_openstack_use_bastion|bool %}true{% else %}false{% endif %} resources: -{% if not openstack_provider_network_name %} +{% if not openshift_openstack_provider_network_name %} net: type: OS::Neutron::Net properties: @@ -84,7 +84,7 @@ resources: str_replace: template: openshift-ansible-cluster_id-net params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} subnet: type: OS::Neutron::Subnet @@ -93,26 +93,26 @@ resources: str_replace: template: openshift-ansible-cluster_id-subnet params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} network: { get_resource: net } cidr: str_replace: template: subnet_24_prefix.0/24 params: - subnet_24_prefix: {{ openstack_subnet_prefix }} + subnet_24_prefix: {{ openshift_openstack_subnet_prefix }} allocation_pools: - start: str_replace: template: subnet_24_prefix.3 params: - subnet_24_prefix: {{ openstack_subnet_prefix }} + subnet_24_prefix: {{ openshift_openstack_subnet_prefix }} end: str_replace: template: subnet_24_prefix.254 params: - subnet_24_prefix: {{ openstack_subnet_prefix }} + subnet_24_prefix: {{ openshift_openstack_subnet_prefix }} dns_nameservers: -{% for nameserver in openstack_dns_nameservers %} +{% for nameserver in openshift_openstack_dns_nameservers %} - {{ nameserver }} {% endfor %} @@ -120,13 +120,13 @@ resources: data_net: type: OS::Neutron::Net properties: - name: openshift-ansible-{{ stack_name }}-data-net + name: openshift-ansible-{{ openshift_openstack_stack_name }}-data-net port_security_enabled: false data_subnet: type: OS::Neutron::Subnet properties: - name: openshift-ansible-{{ stack_name }}-data-subnet + name: openshift-ansible-{{ openshift_openstack_stack_name }}-data-subnet network: { get_resource: data_net } cidr: {{ osm_cluster_network_cidr|default('10.128.0.0/14') }} gateway_ip: null @@ -139,9 +139,9 @@ resources: str_replace: template: openshift-ansible-cluster_id-router params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} external_gateway_info: - network: {{ openstack_external_network_name }} + network: {{ openshift_openstack_external_network_name }} interface: type: OS::Neutron::RouterInterface @@ -158,8 +158,8 @@ resources: # str_replace: # template: openshift-ansible-cluster_id-keypair # params: -# cluster_id: {{ stack_name }} -# public_key: {{ openstack_keypair_name }} +# cluster_id: {{ openshift_openstack_stack_name }} +# public_key: {{ openshift_openstack_keypair_name }} common-secgrp: type: OS::Neutron::SecurityGroup @@ -168,30 +168,30 @@ resources: str_replace: template: openshift-ansible-cluster_id-common-secgrp params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} description: str_replace: template: Basic ssh/icmp security group for cluster_id OpenShift cluster params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} rules: - direction: ingress protocol: tcp port_range_min: 22 port_range_max: 22 - remote_ip_prefix: {{ ssh_ingress_cidr }} -{% if openstack_use_bastion|bool %} + remote_ip_prefix: {{ openshift_openstack_ssh_ingress_cidr }} +{% if openshift_openstack_use_bastion|bool %} - direction: ingress protocol: tcp port_range_min: 22 port_range_max: 22 - remote_ip_prefix: {{ bastion_ingress_cidr }} + remote_ip_prefix: {{ openshift_openstack_bastion_ingress_cidr }} {% endif %} - direction: ingress protocol: icmp - remote_ip_prefix: {{ ssh_ingress_cidr }} + remote_ip_prefix: {{ openshift_openstack_ssh_ingress_cidr }} -{% if openstack_flat_secgrp|default(False)|bool %} +{% if openshift_openstack_flat_secgrp|default(False)|bool %} flat-secgrp: type: OS::Neutron::SecurityGroup properties: @@ -199,12 +199,12 @@ resources: str_replace: template: openshift-ansible-cluster_id-flat-secgrp params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} description: str_replace: template: Security group for cluster_id OpenShift cluster params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} rules: - direction: ingress protocol: tcp @@ -280,12 +280,12 @@ resources: protocol: tcp port_range_min: 30000 port_range_max: 32767 - remote_ip_prefix: {{ node_ingress_cidr }} + remote_ip_prefix: {{ openshift_openstack_node_ingress_cidr }} - direction: ingress protocol: tcp port_range_min: 30000 port_range_max: 32767 - remote_ip_prefix: "{{ openstack_subnet_prefix }}.0/24" + remote_ip_prefix: "{{ openshift_openstack_subnet_prefix }}.0/24" {% else %} master-secgrp: type: OS::Neutron::SecurityGroup @@ -294,12 +294,12 @@ resources: str_replace: template: openshift-ansible-cluster_id-master-secgrp params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} description: str_replace: template: Security group for cluster_id OpenShift cluster master params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} rules: - direction: ingress protocol: tcp @@ -355,12 +355,12 @@ resources: str_replace: template: openshift-ansible-cluster_id-etcd-secgrp params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} description: str_replace: template: Security group for cluster_id etcd cluster params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} rules: - direction: ingress protocol: tcp @@ -381,12 +381,12 @@ resources: str_replace: template: openshift-ansible-cluster_id-node-secgrp params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} description: str_replace: template: Security group for cluster_id OpenShift cluster nodes params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} rules: - direction: ingress protocol: tcp @@ -412,12 +412,12 @@ resources: protocol: tcp port_range_min: 30000 port_range_max: 32767 - remote_ip_prefix: {{ node_ingress_cidr }} + remote_ip_prefix: {{ openshift_openstack_node_ingress_cidr }} - direction: ingress protocol: tcp port_range_min: 30000 port_range_max: 32767 - remote_ip_prefix: "{{ openstack_subnet_prefix }}.0/24" + remote_ip_prefix: "{{ openshift_openstack_subnet_prefix }}.0/24" {% endif %} infra-secgrp: @@ -427,12 +427,12 @@ resources: str_replace: template: openshift-ansible-cluster_id-infra-secgrp params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} description: str_replace: template: Security group for cluster_id OpenShift infrastructure cluster nodes params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} rules: - direction: ingress protocol: tcp @@ -443,7 +443,7 @@ resources: port_range_min: 443 port_range_max: 443 -{% if openstack_num_dns|int > 0 %} +{% if openshift_openstack_num_dns|int > 0 %} dns-secgrp: type: OS::Neutron::SecurityGroup properties: @@ -451,67 +451,67 @@ resources: str_replace: template: openshift-ansible-cluster_id-dns-secgrp params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} description: str_replace: template: Security group for cluster_id cluster DNS params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} rules: - direction: ingress protocol: udp port_range_min: 53 port_range_max: 53 - remote_ip_prefix: {{ node_ingress_cidr }} + remote_ip_prefix: {{ openshift_openstack_node_ingress_cidr }} - direction: ingress protocol: udp port_range_min: 53 port_range_max: 53 - remote_ip_prefix: "{{ openstack_subnet_prefix }}.0/24" + remote_ip_prefix: "{{ openshift_openstack_subnet_prefix }}.0/24" - direction: ingress protocol: tcp port_range_min: 53 port_range_max: 53 - remote_ip_prefix: {{ node_ingress_cidr }} + remote_ip_prefix: {{ openshift_openstack_node_ingress_cidr }} - direction: ingress protocol: tcp port_range_min: 53 port_range_max: 53 - remote_ip_prefix: "{{ openstack_subnet_prefix }}.0/24" + remote_ip_prefix: "{{ openshift_openstack_subnet_prefix }}.0/24" {% endif %} -{% if openstack_num_masters|int > 1 or openshift_ui_ssh_tunnel|bool %} +{% if openshift_openstack_num_masters|int > 1 or openshift_openstack_ui_ssh_tunnel|bool %} lb-secgrp: type: OS::Neutron::SecurityGroup properties: - name: openshift-ansible-{{ stack_name }}-lb-secgrp - description: Security group for {{ stack_name }} cluster Load Balancer + name: openshift-ansible-{{ openshift_openstack_stack_name }}-lb-secgrp + description: Security group for {{ openshift_openstack_stack_name }} cluster Load Balancer rules: - direction: ingress protocol: tcp port_range_min: {{ openshift_master_api_port | default(8443) }} port_range_max: {{ openshift_master_api_port | default(8443) }} - remote_ip_prefix: {{ lb_ingress_cidr | default(bastion_ingress_cidr) }} -{% if openshift_ui_ssh_tunnel|bool %} + remote_ip_prefix: {{ openshift_openstack_lb_ingress_cidr | default(openshift_openstack_bastion_ingress_cidr) }} +{% if openshift_openstack_ui_ssh_tunnel|bool %} - direction: ingress protocol: tcp port_range_min: {{ openshift_master_api_port | default(8443) }} port_range_max: {{ openshift_master_api_port | default(8443) }} - remote_ip_prefix: {{ ssh_ingress_cidr }} + remote_ip_prefix: {{ openshift_openstack_ssh_ingress_cidr }} {% endif %} {% if openshift_master_console_port is defined and openshift_master_console_port != openshift_master_api_port %} - direction: ingress protocol: tcp port_range_min: {{ openshift_master_console_port | default(8443) }} port_range_max: {{ openshift_master_console_port | default(8443) }} - remote_ip_prefix: {{ lb_ingress_cidr | default(bastion_ingress_cidr) }} + remote_ip_prefix: {{ openshift_openstack_lb_ingress_cidr | default(openshift_openstack_bastion_ingress_cidr) }} {% endif %} {% endif %} etcd: type: OS::Heat::ResourceGroup properties: - count: {{ openstack_num_etcd }} + count: {{ openshift_openstack_num_etcd }} resource_def: type: server.yaml properties: @@ -519,23 +519,23 @@ resources: str_replace: template: k8s_type-%index%.cluster_id params: - cluster_id: {{ stack_name }} - k8s_type: {{ openstack_etcd_hostname }} - cluster_env: {{ public_dns_domain }} - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} + k8s_type: {{ openshift_openstack_etcd_hostname }} + cluster_env: {{ openshift_openstack_public_dns_domain }} + cluster_id: {{ openshift_openstack_stack_name }} group: str_replace: template: k8s_type.cluster_id params: k8s_type: etcds - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} type: etcd - image: {{ openstack_etcd_image }} - flavor: {{ openstack_etcd_flavor }} - key_name: {{ openstack_keypair_name }} -{% if openstack_provider_network_name %} - net: {{ openstack_provider_network_name }} - net_name: {{ openstack_provider_network_name }} + image: {{ openshift_openstack_etcd_image }} + flavor: {{ openshift_openstack_etcd_flavor }} + key_name: {{ openshift_openstack_keypair_name }} +{% if openshift_openstack_provider_network_name %} + net: {{ openshift_openstack_provider_network_name }} + net_name: {{ openshift_openstack_provider_network_name }} {% else %} net: { get_resource: net } subnet: { get_resource: subnet } @@ -543,40 +543,40 @@ resources: str_replace: template: openshift-ansible-cluster_id-net params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} {% endif %} secgrp: - - { get_resource: {% if openstack_flat_secgrp|default(False)|bool %}flat-secgrp{% else %}etcd-secgrp{% endif %} } + - { get_resource: {% if openshift_openstack_flat_secgrp|default(False)|bool %}flat-secgrp{% else %}etcd-secgrp{% endif %} } - { get_resource: common-secgrp } floating_network: if: - no_floating - null - - {{ openstack_external_network_name }} -{% if openstack_use_bastion|bool or openstack_provider_network_name %} + - {{ openshift_openstack_external_network_name }} +{% if openshift_openstack_use_bastion|bool or openshift_openstack_provider_network_name %} attach_float_net: false {% endif %} - volume_size: {{ openstack_etcd_volume_size }} -{% if not openstack_provider_network_name %} + volume_size: {{ openshift_openstack_etcd_volume_size }} +{% if not openshift_openstack_provider_network_name %} depends_on: - interface {% endif %} -{% if openstack_master_server_group_policies|length > 0 %} +{% if openshift_openstack_master_server_group_policies|length > 0 %} master_server_group: type: OS::Nova::ServerGroup properties: name: master_server_group - policies: {{ openstack_master_server_group_policies }} + policies: {{ openshift_openstack_master_server_group_policies }} {% endif %} -{% if openstack_infra_server_group_policies|length > 0 %} +{% if openshift_openstack_infra_server_group_policies|length > 0 %} infra_server_group: type: OS::Nova::ServerGroup properties: name: infra_server_group - policies: {{ openstack_infra_server_group_policies }} + policies: {{ openshift_openstack_infra_server_group_policies }} {% endif %} -{% if openstack_num_masters|int > 1 %} +{% if openshift_openstack_num_masters|int > 1 %} loadbalancer: type: OS::Heat::ResourceGroup properties: @@ -588,23 +588,23 @@ resources: str_replace: template: k8s_type-%index%.cluster_id params: - cluster_id: {{ stack_name }} - k8s_type: {{ openstack_lb_hostname }} - cluster_env: {{ public_dns_domain }} - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} + k8s_type: {{ openshift_openstack_lb_hostname }} + cluster_env: {{ openshift_openstack_public_dns_domain }} + cluster_id: {{ openshift_openstack_stack_name }} group: str_replace: template: k8s_type.cluster_id params: k8s_type: lb - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} type: lb - image: {{ openstack_lb_image }} - flavor: {{ openstack_lb_flavor }} - key_name: {{ openstack_keypair_name }} -{% if openstack_provider_network_name %} - net: {{ openstack_provider_network_name }} - net_name: {{ openstack_provider_network_name }} + image: {{ openshift_openstack_lb_image }} + flavor: {{ openshift_openstack_lb_flavor }} + key_name: {{ openshift_openstack_keypair_name }} +{% if openshift_openstack_provider_network_name %} + net: {{ openshift_openstack_provider_network_name }} + net_name: {{ openshift_openstack_provider_network_name }} {% else %} net: { get_resource: net } subnet: { get_resource: subnet } @@ -612,16 +612,16 @@ resources: str_replace: template: openshift-ansible-cluster_id-net params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} {% endif %} secgrp: - { get_resource: lb-secgrp } - { get_resource: common-secgrp } -{% if not openstack_provider_network_name %} - floating_network: {{ openstack_external_network_name }} +{% if not openshift_openstack_provider_network_name %} + floating_network: {{ openshift_openstack_external_network_name }} {% endif %} - volume_size: {{ openstack_lb_volume_size }} -{% if not openstack_provider_network_name %} + volume_size: {{ openshift_openstack_lb_volume_size }} +{% if not openshift_openstack_provider_network_name %} depends_on: - interface {% endif %} @@ -630,7 +630,7 @@ resources: masters: type: OS::Heat::ResourceGroup properties: - count: {{ openstack_num_masters }} + count: {{ openshift_openstack_num_masters }} resource_def: type: server.yaml properties: @@ -638,23 +638,23 @@ resources: str_replace: template: k8s_type-%index%.cluster_id params: - cluster_id: {{ stack_name }} - k8s_type: {{ openstack_master_hostname }} - cluster_env: {{ public_dns_domain }} - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} + k8s_type: {{ openshift_openstack_master_hostname }} + cluster_env: {{ openshift_openstack_public_dns_domain }} + cluster_id: {{ openshift_openstack_stack_name }} group: str_replace: template: k8s_type.cluster_id params: k8s_type: masters - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} type: master - image: {{ openstack_master_image }} - flavor: {{ openstack_master_flavor }} - key_name: {{ openstack_keypair_name }} -{% if openstack_provider_network_name %} - net: {{ openstack_provider_network_name }} - net_name: {{ openstack_provider_network_name }} + image: {{ openshift_openstack_master_image }} + flavor: {{ openshift_openstack_master_flavor }} + key_name: {{ openshift_openstack_keypair_name }} +{% if openshift_openstack_provider_network_name %} + net: {{ openshift_openstack_provider_network_name }} + net_name: {{ openshift_openstack_provider_network_name }} {% else %} net: { get_resource: net } subnet: { get_resource: subnet } @@ -662,7 +662,7 @@ resources: str_replace: template: openshift-ansible-cluster_id-net params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} {% if openshift_use_flannel|default(False)|bool %} attach_data_net: true data_net: { get_resource: data_net } @@ -670,12 +670,12 @@ resources: {% endif %} {% endif %} secgrp: -{% if openstack_flat_secgrp|default(False)|bool %} +{% if openshift_openstack_flat_secgrp|default(False)|bool %} - { get_resource: flat-secgrp } {% else %} - { get_resource: master-secgrp } - { get_resource: node-secgrp } -{% if openstack_num_etcd|int == 0 %} +{% if openshift_openstack_num_etcd|int == 0 %} - { get_resource: etcd-secgrp } {% endif %} {% endif %} @@ -684,16 +684,16 @@ resources: if: - no_floating - null - - {{ openstack_external_network_name }} -{% if openstack_use_bastion|bool or openstack_provider_network_name %} + - {{ openshift_openstack_external_network_name }} +{% if openshift_openstack_use_bastion|bool or openshift_openstack_provider_network_name %} attach_float_net: false {% endif %} - volume_size: {{ openstack_master_volume_size }} -{% if openstack_master_server_group_policies|length > 0 %} + volume_size: {{ openshift_openstack_master_volume_size }} +{% if openshift_openstack_master_server_group_policies|length > 0 %} scheduler_hints: group: { get_resource: master_server_group } {% endif %} -{% if not openstack_provider_network_name %} +{% if not openshift_openstack_provider_network_name %} depends_on: - interface {% endif %} @@ -701,9 +701,9 @@ resources: compute_nodes: type: OS::Heat::ResourceGroup properties: - count: {{ openstack_num_nodes }} + count: {{ openshift_openstack_num_nodes }} removal_policies: - - resource_list: {{ openstack_nodes_to_remove }} + - resource_list: {{ openshift_openstack_nodes_to_remove }} resource_def: type: server.yaml properties: @@ -711,28 +711,28 @@ resources: str_replace: template: sub_type_k8s_type-%index%.cluster_id params: - cluster_id: {{ stack_name }} - sub_type_k8s_type: {{ openstack_node_hostname }} - cluster_env: {{ public_dns_domain }} - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} + sub_type_k8s_type: {{ openshift_openstack_node_hostname }} + cluster_env: {{ openshift_openstack_public_dns_domain }} + cluster_id: {{ openshift_openstack_stack_name }} group: str_replace: template: k8s_type.cluster_id params: k8s_type: nodes - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} type: node subtype: app node_labels: -{% for k, v in openshift_cluster_node_labels.app.iteritems() %} +{% for k, v in openshift_openstack_cluster_node_labels.app.iteritems() %} {{ k|e }}: {{ v|e }} {% endfor %} - image: {{ openstack_node_image }} - flavor: {{ openstack_node_flavor }} - key_name: {{ openstack_keypair_name }} -{% if openstack_provider_network_name %} - net: {{ openstack_provider_network_name }} - net_name: {{ openstack_provider_network_name }} + image: {{ openshift_openstack_node_image }} + flavor: {{ openshift_openstack_node_flavor }} + key_name: {{ openshift_openstack_keypair_name }} +{% if openshift_openstack_provider_network_name %} + net: {{ openshift_openstack_provider_network_name }} + net_name: {{ openshift_openstack_provider_network_name }} {% else %} net: { get_resource: net } subnet: { get_resource: subnet } @@ -740,7 +740,7 @@ resources: str_replace: template: openshift-ansible-cluster_id-net params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} {% if openshift_use_flannel|default(False)|bool %} attach_data_net: true data_net: { get_resource: data_net } @@ -748,18 +748,18 @@ resources: {% endif %} {% endif %} secgrp: - - { get_resource: {% if openstack_flat_secgrp|default(False)|bool %}flat-secgrp{% else %}node-secgrp{% endif %} } + - { get_resource: {% if openshift_openstack_flat_secgrp|default(False)|bool %}flat-secgrp{% else %}node-secgrp{% endif %} } - { get_resource: common-secgrp } floating_network: if: - no_floating - null - - {{ openstack_external_network_name }} -{% if openstack_use_bastion|bool or openstack_provider_network_name %} + - {{ openshift_openstack_external_network_name }} +{% if openshift_openstack_use_bastion|bool or openshift_openstack_provider_network_name %} attach_float_net: false {% endif %} - volume_size: {{ openstack_node_volume_size }} -{% if not openstack_provider_network_name %} + volume_size: {{ openshift_openstack_node_volume_size }} +{% if not openshift_openstack_provider_network_name %} depends_on: - interface {% endif %} @@ -767,7 +767,7 @@ resources: infra_nodes: type: OS::Heat::ResourceGroup properties: - count: {{ openstack_num_infra }} + count: {{ openshift_openstack_num_infra }} resource_def: type: server.yaml properties: @@ -775,28 +775,28 @@ resources: str_replace: template: sub_type_k8s_type-%index%.cluster_id params: - cluster_id: {{ stack_name }} - sub_type_k8s_type: {{ openstack_infra_hostname }} - cluster_env: {{ public_dns_domain }} - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} + sub_type_k8s_type: {{ openshift_openstack_infra_hostname }} + cluster_env: {{ openshift_openstack_public_dns_domain }} + cluster_id: {{ openshift_openstack_stack_name }} group: str_replace: template: k8s_type.cluster_id params: k8s_type: infra - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} type: node subtype: infra node_labels: -{% for k, v in openshift_cluster_node_labels.infra.iteritems() %} +{% for k, v in openshift_openstack_cluster_node_labels.infra.iteritems() %} {{ k|e }}: {{ v|e }} {% endfor %} - image: {{ openstack_infra_image }} - flavor: {{ openstack_infra_flavor }} - key_name: {{ openstack_keypair_name }} -{% if openstack_provider_network_name %} - net: {{ openstack_provider_network_name }} - net_name: {{ openstack_provider_network_name }} + image: {{ openshift_openstack_infra_image }} + flavor: {{ openshift_openstack_infra_flavor }} + key_name: {{ openshift_openstack_keypair_name }} +{% if openshift_openstack_provider_network_name %} + net: {{ openshift_openstack_provider_network_name }} + net_name: {{ openshift_openstack_provider_network_name }} {% else %} net: { get_resource: net } subnet: { get_resource: subnet } @@ -804,7 +804,7 @@ resources: str_replace: template: openshift-ansible-cluster_id-net params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} {% if openshift_use_flannel|default(False)|bool %} attach_data_net: true data_net: { get_resource: data_net } @@ -813,34 +813,34 @@ resources: {% endif %} secgrp: # TODO(bogdando) filter only required node rules into infra-secgrp -{% if openstack_flat_secgrp|default(False)|bool %} +{% if openshift_openstack_flat_secgrp|default(False)|bool %} - { get_resource: flat-secgrp } {% else %} - { get_resource: node-secgrp } {% endif %} -{% if openshift_ui_ssh_tunnel|bool and openstack_num_masters|int < 2 %} +{% if openshift_openstack_ui_ssh_tunnel|bool and openshift_openstack_num_masters|int < 2 %} - { get_resource: lb-secgrp } {% endif %} - { get_resource: infra-secgrp } - { get_resource: common-secgrp } -{% if not openstack_provider_network_name %} - floating_network: {{ openstack_external_network_name }} +{% if not openshift_openstack_provider_network_name %} + floating_network: {{ openshift_openstack_external_network_name }} {% endif %} - volume_size: {{ openstack_infra_volume_size }} -{% if openstack_infra_server_group_policies|length > 0 %} + volume_size: {{ openshift_openstack_infra_volume_size }} +{% if openshift_openstack_infra_server_group_policies|length > 0 %} scheduler_hints: group: { get_resource: infra_server_group } {% endif %} -{% if not openstack_provider_network_name %} +{% if not openshift_openstack_provider_network_name %} depends_on: - interface {% endif %} -{% if openstack_num_dns|int > 0 %} +{% if openshift_openstack_num_dns|int > 0 %} dns: type: OS::Heat::ResourceGroup properties: - count: {{ openstack_num_dns }} + count: {{ openshift_openstack_num_dns }} resource_def: type: server.yaml properties: @@ -848,23 +848,23 @@ resources: str_replace: template: k8s_type-%index%.cluster_id params: - cluster_id: {{ stack_name }} - k8s_type: {{ openstack_dns_hostname }} - cluster_env: {{ public_dns_domain }} - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} + k8s_type: {{ openshift_openstack_dns_hostname }} + cluster_env: {{ openshift_openstack_public_dns_domain }} + cluster_id: {{ openshift_openstack_stack_name }} group: str_replace: template: k8s_type.cluster_id params: k8s_type: dns - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} type: dns - image: {{ openstack_dns_image }} - flavor: {{ openstack_dns_flavor }} - key_name: {{ openstack_keypair_name }} -{% if openstack_provider_network_name %} - net: {{ openstack_provider_network_name }} - net_name: {{ openstack_provider_network_name }} + image: {{ openshift_openstack_dns_image }} + flavor: {{ openshift_openstack_dns_flavor }} + key_name: {{ openshift_openstack_keypair_name }} +{% if openshift_openstack_provider_network_name %} + net: {{ openshift_openstack_provider_network_name }} + net_name: {{ openshift_openstack_provider_network_name }} {% else %} net: { get_resource: net } subnet: { get_resource: subnet } @@ -872,16 +872,16 @@ resources: str_replace: template: openshift-ansible-cluster_id-net params: - cluster_id: {{ stack_name }} + cluster_id: {{ openshift_openstack_stack_name }} {% endif %} secgrp: - { get_resource: dns-secgrp } - { get_resource: common-secgrp } -{% if not openstack_provider_network_name %} - floating_network: {{ openstack_external_network_name }} +{% if not openshift_openstack_provider_network_name %} + floating_network: {{ openshift_openstack_external_network_name }} {% endif %} - volume_size: {{ openstack_dns_volume_size }} -{% if not openstack_provider_network_name %} + volume_size: {{ openshift_openstack_dns_volume_size }} +{% if not openshift_openstack_provider_network_name %} depends_on: - interface {% endif %} -- cgit v1.2.1