From 255fff02b7de8dd5161f3dbd55ebddd211179246 Mon Sep 17 00:00:00 2001 From: Jim Rollenhagen Date: Tue, 18 Dec 2018 10:45:27 -0500 Subject: [PATCH] Allow neutron services to use independent hostnames This allows neutron service endpoints to use custom hostnames, and adds the following variables: * neutron_internal_fqdn * neutron_external_fqdn These default to the old values of kolla_internal_fqdn or kolla_external_fqdn. This also adds a neutron_server_listen_port option, which defaults to neutron_server_port for backward compatibility. This option allow the user to differentiate between the port the service listens on, and the port the service is reachable on. This is useful for external load balancers which live on the same host as the service itself. Change-Id: I87d7387326b6eaa6adae1600b48d480319d10676 Implements: blueprint service-hostnames --- ansible/group_vars/all.yml | 3 +++ ansible/roles/ironic/templates/ironic.conf.j2 | 2 +- ansible/roles/manila/templates/manila-share.conf.j2 | 2 +- ansible/roles/neutron/defaults/main.yml | 8 +++++--- ansible/roles/neutron/tasks/precheck.yml | 2 +- ansible/roles/neutron/templates/neutron.conf.j2 | 2 +- ansible/roles/nova-hyperv/templates/nova_hyperv.conf.j2 | 2 +- ansible/roles/nova/templates/nova.conf.j2 | 2 +- 8 files changed, 14 insertions(+), 9 deletions(-) diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index aecfbfcf85..bdc4b242de 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -273,7 +273,10 @@ mongodb_web_port: "28017" murano_api_port: "8082" +neutron_internal_fqdn: "{{ kolla_internal_fqdn }}" +neutron_external_fqdn: "{{ kolla_external_fqdn }}" neutron_server_port: "9696" +neutron_server_listen_port: "{{ neutron_server_port }}" nova_internal_fqdn: "{{ kolla_internal_fqdn }}" nova_external_fqdn: "{{ kolla_external_fqdn }}" diff --git a/ansible/roles/ironic/templates/ironic.conf.j2 b/ansible/roles/ironic/templates/ironic.conf.j2 index 81c373e17b..9915d28516 100644 --- a/ansible/roles/ironic/templates/ironic.conf.j2 +++ b/ansible/roles/ironic/templates/ironic.conf.j2 @@ -82,7 +82,7 @@ username = {{ ironic_keystone_user }} password = {{ ironic_keystone_password }} [neutron] -url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }} +url = {{ internal_protocol }}://{{ neutron_internal_fqdn }}:{{ neutron_server_port }} auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} auth_type = password project_domain_id = default diff --git a/ansible/roles/manila/templates/manila-share.conf.j2 b/ansible/roles/manila/templates/manila-share.conf.j2 index 9899b09806..7180a1edd7 100644 --- a/ansible/roles/manila/templates/manila-share.conf.j2 +++ b/ansible/roles/manila/templates/manila-share.conf.j2 @@ -38,7 +38,7 @@ memcache_secret_key = {{ memcache_secret_key }} memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} [neutron] -url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }} +url = {{ internal_protocol }}://{{ neutron_internal_fqdn }}:{{ neutron_server_port }} uth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }} auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }} auth_type = password diff --git a/ansible/roles/neutron/defaults/main.yml b/ansible/roles/neutron/defaults/main.yml index cbb9f6a64b..cc0408e3a8 100644 --- a/ansible/roles/neutron/defaults/main.yml +++ b/ansible/roles/neutron/defaults/main.yml @@ -19,6 +19,7 @@ neutron_services: mode: "http" external: false port: "{{ neutron_server_port }}" + listen_port: "{{ neutron_server_listen_port }}" frontend_http_extra: - "option http-tunnel" neutron_server_external: @@ -26,6 +27,7 @@ neutron_services: mode: "http" external: true port: "{{ neutron_server_port }}" + listen_port: "{{ neutron_server_listen_port }}" neutron-openvswitch-agent: container_name: "neutron_openvswitch_agent" image: "{{ neutron_openvswitch_agent_image_full }}" @@ -305,9 +307,9 @@ max_l3_agents_per_router: 3 # valid value is: ["v1", "v2"] neutron_fwaas_version: "v1" -neutron_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}" -neutron_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}" -neutron_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ neutron_server_port }}" +neutron_admin_endpoint: "{{ admin_protocol }}://{{ neutron_internal_fqdn }}:{{ neutron_server_port }}" +neutron_internal_endpoint: "{{ internal_protocol }}://{{ neutron_internal_fqdn }}:{{ neutron_server_port }}" +neutron_public_endpoint: "{{ public_protocol }}://{{ neutron_external_fqdn }}:{{ neutron_server_port }}" neutron_logging_debug: "{{ openstack_logging_debug }}" diff --git a/ansible/roles/neutron/tasks/precheck.yml b/ansible/roles/neutron/tasks/precheck.yml index 850e6ec13c..a0a1c7f319 100644 --- a/ansible/roles/neutron/tasks/precheck.yml +++ b/ansible/roles/neutron/tasks/precheck.yml @@ -8,7 +8,7 @@ - name: Checking free port for Neutron Server wait_for: host: "{{ api_interface_address }}" - port: "{{ neutron_server_port }}" + port: "{{ neutron_server_listen_port }}" connect_timeout: 1 timeout: 1 state: stopped diff --git a/ansible/roles/neutron/templates/neutron.conf.j2 b/ansible/roles/neutron/templates/neutron.conf.j2 index 3e8dbf2809..7560d10b00 100644 --- a/ansible/roles/neutron/templates/neutron.conf.j2 +++ b/ansible/roles/neutron/templates/neutron.conf.j2 @@ -9,7 +9,7 @@ log_dir = /var/log/kolla/neutron use_stderr = False bind_host = {{ api_interface_address }} -bind_port = {{ neutron_server_port }} +bind_port = {{ neutron_server_listen_port }} api_paste_config = /usr/share/neutron/api-paste.ini endpoint_type = internalURL diff --git a/ansible/roles/nova-hyperv/templates/nova_hyperv.conf.j2 b/ansible/roles/nova-hyperv/templates/nova_hyperv.conf.j2 index 7cd9515d76..54ab387174 100644 --- a/ansible/roles/nova-hyperv/templates/nova_hyperv.conf.j2 +++ b/ansible/roles/nova-hyperv/templates/nova_hyperv.conf.j2 @@ -48,7 +48,7 @@ enabled = true html5_proxy_base_url = {{ public_protocol }}://{{ kolla_internal_vip_address }}:{{ rdp_port }} [neutron] -url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }} +url = {{ internal_protocol }}://{{ neutron_internal_fqdn }}:{{ neutron_server_port }} auth_strategy = keystone project_domain_name = default project_name = service diff --git a/ansible/roles/nova/templates/nova.conf.j2 b/ansible/roles/nova/templates/nova.conf.j2 index 45e5bc7728..b7871bc83b 100644 --- a/ansible/roles/nova/templates/nova.conf.j2 +++ b/ansible/roles/nova/templates/nova.conf.j2 @@ -139,7 +139,7 @@ os_region_name = {{ openstack_region_name }} {% endif %} [neutron] -url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }} +url = {{ internal_protocol }}://{{ neutron_internal_fqdn }}:{{ neutron_server_port }} metadata_proxy_shared_secret = {{ metadata_secret }} service_metadata_proxy = true {% if neutron_plugin_agent == 'vmware_nsxv3' %}