1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
|
# Heat template which intstantiates a 1+1 HA Perimeta instance with 4 or 5
# vNICs.
#
# This is designed to be included in a higher level template.
#
# This template puts the Perimeta configuration in place using userdata
# injected via OpenStack's ConfigDrive mechanism.
#
# Host anti-affinity is achieved using different availability zones for
# the Perimeta instance or server group anti-affinity if they are in the
# same availability zone.
#
# Template requires Juno or above and has been tested on Kilo.
#
heat_template_version: 2014-10-16
description: >
HOT template to instantiate a Perimeta 1+1 HA instance with 4vNICs as part of a nested template
parameters:
vnf_id:
type: string
description: VNF ID of this deployment
vm_role:
type: string
description: Role of these VMs
vf_module_id:
type: string
description: Unique ID for this VF Module instance
system_names:
type: comma_delimited_list
description: List of system names of Perimeta instances. Name of a specific instance is indexed by perimeta_instance_index
vm_a_names:
type: comma_delimited_list
description: List of names of Perimeta VM A instances, indexed by perimeta_instance_index
vm_b_names:
type: comma_delimited_list
description: List of names of Perimeta VM A instances, indexed by perimeta_instance_index
perimeta_instance_index:
type: number
description: Index of instance among multiple instances. Use to retrieve correct parameter for this instance when passed all parameters for all instances.
perimeta_image_name:
type: string
description: Glance image for Perimeta instance
constraints:
- custom_constraint: glance.image
perimeta_flavor_name:
type: string
description: Flavor to use for creating VM instances
constraints:
- custom_constraint: nova.flavor
perimeta_keypair:
type: string
description: Keypair to use for accessing this Perimeta instance
constraints:
- custom_constraint: nova.keypair
availability_zone_0:
# Can be commented out along with references if always using a single availability zone
type: string
description: Availability zone for A instances.
availability_zone_1:
# Can be commented out along with references if always using a single availability zone
type: string
description: Availability zone for B instances. May be the same as A instance.
mgmt_net_id:
type: string
description: Management network id
constraints:
- custom_constraint: neutron.network
mgmt_net_plen:
type: string
description: Prefix length of management network
mgmt_net_default_gateway:
type: string
description: IP address of management default gateway
mgmt_vips:
type: comma_delimited_list
description: List of management virtual IP addresses for all instances.
mgmt_a_ips:
type: comma_delimited_list
description: List of fixed IP addresses to use as management IPs of A instances.
mgmt_b_ips:
type: comma_delimited_list
description: List of fixed IP addresses to use as management IPs of B instances.
mgmt_sec_groups:
type: comma_delimited_list
description: List of security groups to add on management interfaces.
ha_net_id:
type: string
description: HA network id
constraints:
- custom_constraint: neutron.network
ha_network_plen:
type: number
constraints:
- range: { min: 0, max: 32 }
description: ha_network_plen must be between 0 and 32
ha_a_ips:
type: comma_delimited_list
description: List of fixed IP addresses to use as HA IPs of A instances.
ha_b_ips:
type: comma_delimited_list
description: List of fixed IP addresses to use as HA IPs of B instances.
ha_sec_groups:
type: comma_delimited_list
description: List of security groups to add on HA interfaces.
trusted_net_id:
type: string
description: Service network 1 network UUID
constraints:
- custom_constraint: neutron.network
trusted_vips:
type: comma_delimited_list
description: List of service network 1 virtual IP addresses for all instances.
trusted_a_ips:
type: comma_delimited_list
description: List of fixed IP addresses to use as trusted fixed IPs of A instances.
trusted_b_ips:
type: comma_delimited_list
description: List of fixed IP addresses to use as trusted fixed IPs of B instances.
trusted_sec_groups:
type: comma_delimited_list
description: List of security groups to add on trusted interfaces.
untrusted_net_id:
type: string
description: Service network 2 network UUID
constraints:
- custom_constraint: neutron.network
untrusted_vips:
type: comma_delimited_list
description: List of service network 2 virtual IP addresses for all instances.
untrusted_v6_vips:
type: comma_delimited_list
description: List of service network 2 alternate virtual IP addresses for all instances.
untrusted_a_ips:
type: comma_delimited_list
description: List of fixed IP addresses to use as untrusted fixed IPs of A instances.
untrusted_a_v6_ips:
type: comma_delimited_list
description: List of fixed IP addresses to use as untrusted alternate fixed IPs of A instances.
untrusted_b_ips:
type: comma_delimited_list
description: List of fixed IP addresses to use as untrusted fixed IPs of B instances.
untrusted_b_v6_ips:
type: comma_delimited_list
description: List of fixed IP addresses to use as untrusted alternate fixed IPs of B instances.
untrusted_sec_groups:
type: comma_delimited_list
description: List of security groups to add on untrusted interfaces.
untrusted_num_vlans:
type: number
description: Number of VLANs to connect to on the untrusted/access network
untrusted_vlan_ids:
type: comma_delimited_list
description: List of VLAN IDs to use on the untrusted/access network
untrusted_vlan_networks:
type: comma_delimited_list
description: List of Contrail VLAN networks to use on the untrusted/access network. The order and number of these must match the VLAN ID list.
serv3_net_id:
type: string
description: Service network 3 network UUID
serv3_vips:
type: comma_delimited_list
description: List of service network 3 virtual IP addresses for all instances.
serv3_a_ips:
type: comma_delimited_list
description: List of fixed IP addresses to use as serv3 fixed IPs of A instances.
serv3_b_ips:
type: comma_delimited_list
description: List of fixed IP addresses to use as serv3 fixed IPs of B instances.
serv3_sec_groups:
type: comma_delimited_list
description: List of security groups to add on serv3 interfaces.
unused_net_id:
type: string
description: Service network unused port network UUID
perimeta_param_server_group:
type: string
description: Server group to use for these VMs - ignored
perimeta_config:
type: string
description: Orchestration template configuration for instance.
resources:
# Perimeta management ports
perimeta_b_mgmt_0_port:
type: OS::Neutron::Port
properties:
name:
str_replace:
template: $VM_mgmt_port
params:
$VM: { get_param: [ vm_b_names, { get_param: perimeta_instance_index } ] }
network_id: { get_param: mgmt_net_id }
fixed_ips:
- ip_address: { get_param: [ mgmt_b_ips, { get_param: perimeta_instance_index } ] }
security_groups: { get_param: mgmt_sec_groups }
allowed_address_pairs:
- ip_address: { get_param: [ mgmt_vips, { get_param: perimeta_instance_index } ] }
# Perimeta HA ports
perimeta_b_ha_0_port:
type: OS::Neutron::Port
properties:
name:
str_replace:
template: $VM_ha_port
params:
$VM: { get_param: [ vm_b_names, { get_param: perimeta_instance_index } ] }
network_id: { get_param: ha_net_id }
fixed_ips:
- ip_address: { get_param: [ ha_b_ips, { get_param: perimeta_instance_index } ] }
security_groups: { get_param: ha_sec_groups }
# Perimeta core/trusted service network ports
#
# Dual stack core network - if only IPv4 required, comment out second entry
# in fixed_ips and allowed_addrsess_pairs parameters.
perimeta_b_trusted_0_port:
type: OS::Neutron::Port
properties:
name:
str_replace:
template: $VM_trusted_port
params:
$VM: { get_param: [ vm_b_names, { get_param: perimeta_instance_index } ] }
network_id: { get_param: trusted_net_id }
fixed_ips:
- ip_address: { get_param: [ trusted_b_ips, { get_param: perimeta_instance_index } ] }
security_groups: { get_param: trusted_sec_groups }
allowed_address_pairs:
- ip_address: { get_param: [ trusted_vips, { get_param: perimeta_instance_index } ] }
# Perimeta access/untrusted service network ports
#
# Dual stack access network - if only IPv4 required, comment out second entry
# in fixed_ips and allowed_addrsess_pairs parameters.
perimeta_b_untrusted_0_port:
type: OS::Neutron::Port
properties:
name:
str_replace:
template: $VM_untrusted_port
params:
$VM: { get_param: [ vm_b_names, { get_param: perimeta_instance_index } ] }
network_id: { get_param: untrusted_net_id }
fixed_ips:
- ip_address: { get_param: [ untrusted_b_ips, { get_param: perimeta_instance_index } ] }
- ip_address: { get_param: [ untrusted_b_v6_ips, { get_param: perimeta_instance_index } ] }
security_groups: { get_param: untrusted_sec_groups }
allowed_address_pairs:
- ip_address: { get_param: [ untrusted_vips, { get_param: perimeta_instance_index } ] }
- ip_address: { get_param: [ untrusted_v6_vips, { get_param: perimeta_instance_index } ] }
# Contrail VLAN subinterfaces
perimeta_b_untrusted_0_vlan_ports:
type: OS::Heat::ResourceGroup
properties:
count: { get_param: untrusted_num_vlans }
resource_def:
type: vlan_subinterface_dual.yaml
properties:
subinterface_instance_index: "%index%"
subinterface_name_prefix:
str_replace:
template: $VM_untrusted_port_vlan_
params:
$VM: { get_param: [ vm_b_names, { get_param: perimeta_instance_index } ] }
parent_interface: { get_resource: perimeta_b_untrusted_0_port }
mac_address: { get_attr: [ perimeta_b_untrusted_0_port, mac_address ] }
ip_address: { get_param: [ untrusted_b_ips, { get_param: perimeta_instance_index } ] }
ipv6_address: { get_param: [ untrusted_b_v6_ips, { get_param: perimeta_instance_index } ] }
virtual_ip_address: { get_param: [ untrusted_vips, { get_param: perimeta_instance_index } ] }
virtual_ipv6_address: { get_param: [ untrusted_v6_vips, { get_param: perimeta_instance_index } ] }
vlan_ids: { get_param: untrusted_vlan_ids }
vlan_networks: { get_param: untrusted_vlan_networks }
# Perimeta Rf service network ports (SSC only)
#
# Dual stack access network - if only IPv4 required, comment out second entry
# in fixed_ips and allowed_addrsess_pairs parameters.
perimeta_b_serv3_0_port:
type: OS::Neutron::Port
properties:
name:
str_replace:
template: $VM_serv3_port
params:
$VM: { get_param: [ vm_b_names, { get_param: perimeta_instance_index } ] }
network_id: { get_param: serv3_net_id }
fixed_ips:
- ip_address: { get_param: [ serv3_b_ips, { get_param: perimeta_instance_index } ] }
security_groups: { get_param: serv3_sec_groups }
allowed_address_pairs:
- ip_address: { get_param: [ serv3_vips, { get_param: perimeta_instance_index } ] }
perimeta_b_unused_0_port:
type: OS::Neutron::Port
properties:
name:
str_replace:
template: $VM_unused_port
params:
$VM: { get_param: [ vm_b_names, { get_param: perimeta_instance_index } ] }
network: { get_param: unused_net_id }
# Add any additional service ports here.
perimeta_b_server_0:
type: OS::Nova::Server
properties:
name: { get_param: [ vm_b_names, { get_param: perimeta_instance_index } ] }
image: { get_param: perimeta_image_name }
flavor: { get_param: perimeta_flavor_name }
key_name: { get_param: perimeta_keypair }
scheduler_hints: { group: { get_param: perimeta_param_server_group } }
metadata:
'vnf_id': { get_param: vnf_id }
'vm_role':
str_replace:
template: $ROLE_b
params:
$ROLE: { get_param: vm_role }
'vf_module_id': { get_param: vf_module_id }
networks:
- port: { get_resource: perimeta_b_mgmt_0_port }
- port: { get_resource: perimeta_b_ha_0_port }
- port: { get_resource: perimeta_b_trusted_0_port }
- port: { get_resource: perimeta_b_untrusted_0_port }
- port: { get_resource: perimeta_b_serv3_0_port }
- port: { get_resource: perimeta_b_unused_0_port }
availability_zone: { get_param: availability_zone_1 }
config_drive: True
user_data_format: RAW
user_data:
str_replace:
template: |
{
"vnic_assignment": {
"IBG1mgmt": {"mac": "$MGMT_MACADDR"},
"IPG1": {"mac": "$HA_MACADDR"},
"RPG1": {"mac": "$TRUSTED_MACADDR"},
"RPG2": {"mac": "$UNTRUSTED_MACADDR"},
"RPG3": {"mac": "$SERV3_MACADDR"},
"RPG4": {"mac": "$SERV4_MACADDR"}
},
"ip_ha_local": "$LOCAL_HA_IP_ADDR",
"ip_ha_remote": "$REMOTE_HA_IP_ADDR",
"ip_ha_plen": "$HA_NETWORK_PLEN"
//"ip_mgmt_local": "$LOCAL_MGMT_IP_ADDR",
//"ip_mgmt_remote": "$REMOTE_MGMT_IP_ADDR",
//"ip_mgmt_plen": "$MGMT_NETWORK_PLEN",
//"ip_mgmt_gway": "$MGMT_NETWORK_DEFAULT_GATEWAY"
}
params:
$MGMT_MACADDR: { get_attr: [perimeta_b_mgmt_0_port, mac_address] }
$HA_MACADDR: { get_attr: [perimeta_b_ha_0_port, mac_address] }
$TRUSTED_MACADDR: { get_attr: [perimeta_b_trusted_0_port, mac_address] }
$UNTRUSTED_MACADDR: { get_attr: [perimeta_b_untrusted_0_port, mac_address] }
$SERV3_MACADDR: { get_attr: [perimeta_b_serv3_0_port, mac_address] }
$SERV4_MACADDR: { get_attr: [perimeta_b_unused_0_port, mac_address] }
$LOCAL_HA_IP_ADDR: { get_param: [ ha_b_ips, { get_param: perimeta_instance_index } ] }
$REMOTE_HA_IP_ADDR: { get_param: [ ha_a_ips, { get_param: perimeta_instance_index } ] }
$HA_NETWORK_PLEN: { get_param: ha_network_plen }
$LOCAL_MGMT_IP_ADDR: { get_param: [ mgmt_b_ips, { get_param: perimeta_instance_index } ] }
$REMOTE_MGMT_IP_ADDR: { get_param: [ mgmt_a_ips, { get_param: perimeta_instance_index } ] }
$MGMT_NETWORK_PLEN: { get_param: mgmt_net_plen }
$MGMT_NETWORK_DEFAULT_GATEWAY: { get_param: mgmt_net_default_gateway }
outputs:
server_group_used:
description: Server group used for these VMs
value: { get_param: perimeta_param_server_group }
|
