Merge ~sombrafam/stsstack-bundles:master into stsstack-bundles:master
- Git
- lp:~sombrafam/stsstack-bundles
- master
- Merge into master
Proposed by
Erlon R. Cruz
Status: | Rejected |
---|---|
Rejected by: | Edward Hope-Morley |
Proposed branch: | ~sombrafam/stsstack-bundles:master |
Merge into: | stsstack-bundles:master |
Diff against target: |
421 lines (+79/-50) 23 files modified
.gitignore (+2/-0) common/generate_bundle_base (+1/-0) common/helpers (+11/-0) openstack/pipeline/02configure (+5/-5) openstack/pipeline/03build (+15/-0) overlays/ceph-rgw-ha.yaml (+1/-1) overlays/cinder-ha.yaml (+1/-1) overlays/designate-ha.yaml (+1/-1) overlays/glance-ha.yaml (+1/-1) overlays/heat-ha.yaml (+1/-1) overlays/k8s-lb-ha-hacluster.yaml (+1/-1) overlays/k8s-lb-ha-keepalived.yaml (+4/-4) overlays/keystone-ha.yaml (+1/-1) overlays/mysql-ha.yaml (+1/-1) overlays/neutron-api-ha.yaml (+1/-1) overlays/nova-cloud-controller-ha.yaml (+1/-1) overlays/octavia-ha.yaml (+1/-1) overlays/openstack-dashboard-ha.yaml (+1/-1) overlays/swift-ha.yaml (+1/-1) overlays/telemetry-ha.yaml (+3/-3) overlays/vault-ha.yaml (+1/-1) ssl/create_ca_cert.sh.template (+2/-2) ssl/openssl-server.cnf.template (+22/-22) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Edward Hope-Morley | Disapprove | ||
Felipe Reyes | Needs Fixing | ||
Review via email: mp+380509@code.launchpad.net |
Commit message
Description of the change
To post a comment you must log in.
Revision history for this message
Felipe Reyes (freyes) : | # |
review:
Needs Fixing
Unmerged commits
- ca9dfa2... by Erlon R. Cruz
-
Adds option to allow multiple HA deployments
Currently when you create a HA deployment, the VIP will be
10.5.100.X for the HA services. In the case that you setup
another model also with HA, the services VIPs will be the
same and will conflict one each other.
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | diff --git a/.gitignore b/.gitignore |
2 | index 197c3ec..4265c4b 100644 |
3 | --- a/.gitignore |
4 | +++ b/.gitignore |
5 | @@ -1,3 +1,5 @@ |
6 | b |
7 | bundles |
8 | ssl/*/ |
9 | +ssl/openssl-server.cnf.template_ |
10 | +ssl/create_ca_cert.sh |
11 | diff --git a/common/generate_bundle_base b/common/generate_bundle_base |
12 | index 7b62655..0cbe789 100644 |
13 | --- a/common/generate_bundle_base |
14 | +++ b/common/generate_bundle_base |
15 | @@ -141,6 +141,7 @@ if ((${#MOD_OVERLAYS[@]})); then |
16 | ((${#overlay_opts[@]}==0)) && overlay_opts+=("") # left padding |
17 | overlay_opts+=( --overlay $bundles_dir/o/$overlay ) |
18 | render $bundles_dir/o/$overlay |
19 | + render_ips $bundles_dir/o/$overlay ${MOD_PARAMS[__HA_VIP_OCTECT__]} |
20 | overlays_deduped[$overlay]=true |
21 | msgs+=( " + $overlay\n" ) |
22 | # Copy overla resources to bundles dir (if exists) |
23 | diff --git a/common/helpers b/common/helpers |
24 | index 9a9c7a6..889de01 100644 |
25 | --- a/common/helpers |
26 | +++ b/common/helpers |
27 | @@ -80,6 +80,10 @@ OPTIONS: |
28 | By default the development (cs:~openstack-charmers-next) version of |
29 | Openstack charms are used where available. Use this flag if you want to |
30 | use the stable (released) charms i.e. cs:<charm>. |
31 | + --ha-vip-octet) |
32 | + On HA deployments, use VIPs 10.5.<octet>.x in order to avoid conflict |
33 | + between multiple deployments from different models. Must be |
34 | + 99 < vip < 150. |
35 | |
36 | OVERLAYS: |
37 | You can optionally add one or more feature overlay. These are |
38 | @@ -566,3 +570,10 @@ get_local_upstream_dns () |
39 | (($?==0)) && echo $server && return 0 |
40 | echo "10.198.200.1" # stsstack upstream dns |
41 | } |
42 | + |
43 | +render_ips () { |
44 | + local file="$1" |
45 | + local octet="$2" |
46 | + |
47 | + sed -i "s,__HA_VIP_OCTECT__,$octet,g" $1 |
48 | +} |
49 | \ No newline at end of file |
50 | diff --git a/openstack/pipeline/02configure b/openstack/pipeline/02configure |
51 | index 705be31..4e98681 100644 |
52 | --- a/openstack/pipeline/02configure |
53 | +++ b/openstack/pipeline/02configure |
54 | @@ -30,6 +30,7 @@ MOD_PARAMS[__AMPHORA_SSH_PUB_KEY__]='' |
55 | MOD_PARAMS[__GSSS_SWIFT_ENABLED__]=false # glance-simplestreams-sync can optionally store index data in swift |
56 | MOD_PARAMS[__LDAP_SERVER__]='' |
57 | MOD_PARAMS[__OVERLAY_NETWORK_TYPE__]='gre' # this is the charm default |
58 | +MOD_PARAMS[__HA_VIP_OCTECT__]='100' # By default VIPs points to 10.5.100.x |
59 | |
60 | # Try to use current model (or newly requested one) as subdomain name |
61 | model_subdomain=`get_juju_model` |
62 | @@ -85,6 +86,10 @@ get_amphora_ssh_pub_key () |
63 | while (($# > 0)) |
64 | do |
65 | case "$1" in |
66 | + --ha-vip-octet) #__OPT__type:<int> |
67 | + MOD_PARAMS[__HA_VIP_OCTECT__]=$2 |
68 | + shift |
69 | + ;; |
70 | --num-compute) #__OPT__type:<int> |
71 | MOD_PARAMS[__NUM_COMPUTE_UNITS__]=$2 |
72 | shift |
73 | @@ -337,11 +342,6 @@ do |
74 | MOD_OVERLAYS+=( "rsyslog.yaml" ) |
75 | ;; |
76 | --ssl) |
77 | - (cd ssl; ./create_ca_cert.sh openstack;) |
78 | - ssl_results="ssl/openstack/results" |
79 | - MOD_PARAMS[__SSL_CA__]=`base64 ${ssl_results}/cacert.pem| tr -d '\n'` |
80 | - MOD_PARAMS[__SSL_CERT__]=`base64 ${ssl_results}/servercert.pem| tr -d '\n'` |
81 | - MOD_PARAMS[__SSL_KEY__]=`base64 ${ssl_results}/serverkey.pem| tr -d '\n'` |
82 | # Make everything HA with 1 unit (unless --ha has already been set) |
83 | if ! has_opt '--ha[:0-9]*$'; then |
84 | set -- $@ --ha:1 && cache $@ |
85 | diff --git a/openstack/pipeline/03build b/openstack/pipeline/03build |
86 | index c616606..72eea05 100644 |
87 | --- a/openstack/pipeline/03build |
88 | +++ b/openstack/pipeline/03build |
89 | @@ -1,6 +1,21 @@ |
90 | #!/bin/bash |
91 | export INTERNAL_BUNDLE_CONFIG_RENDERER= |
92 | export INTERNAL_BUNDLE_CONFIG= |
93 | + |
94 | +if has_opt --ssl; then |
95 | + cp ./ssl/openssl-server.cnf.template ./ssl/openssl-server.cnf.template_ |
96 | + cp ./ssl/create_ca_cert.sh.template ./ssl/create_ca_cert.sh.template_ |
97 | + render_ips ./ssl/openssl-server.cnf.template_ ${MOD_PARAMS[__HA_VIP_OCTECT__]} |
98 | + render_ips ./ssl/create_ca_cert.sh.template_ ${MOD_PARAMS[__HA_VIP_OCTECT__]} |
99 | + mv ./ssl/create_ca_cert.sh.template_ ./ssl/create_ca_cert.sh && chmod +x ./ssl/create_ca_cert.sh |
100 | + ssl_results="ssl/openstack/results" |
101 | + rm -rf $ssl_results |
102 | + (cd ssl; ./create_ca_cert.sh openstack;) |
103 | + MOD_PARAMS[__SSL_CA__]=`base64 ${ssl_results}/cacert.pem| tr -d '\n'` |
104 | + MOD_PARAMS[__SSL_CERT__]=`base64 ${ssl_results}/servercert.pem| tr -d '\n'` |
105 | + MOD_PARAMS[__SSL_KEY__]=`base64 ${ssl_results}/serverkey.pem| tr -d '\n'` |
106 | +fi |
107 | + |
108 | if ((${#MOD_PARAMS[@]})); then |
109 | export INTERNAL_BUNDLE_CONFIG_RENDERER=`mktemp` |
110 | export INTERNAL_BUNDLE_CONFIG=`mktemp` |
111 | diff --git a/overlays/ceph-rgw-ha.yaml b/overlays/ceph-rgw-ha.yaml |
112 | index fa5ed46..7670e7a 100644 |
113 | --- a/overlays/ceph-rgw-ha.yaml |
114 | +++ b/overlays/ceph-rgw-ha.yaml |
115 | @@ -2,7 +2,7 @@ applications: |
116 | ceph-rgw: |
117 | num_units: __NUM_CEPH_RGW_UNITS__ |
118 | options: |
119 | - vip: 10.5.100.14 |
120 | + vip: 10.5.__HA_VIP_OCTECT__.14 |
121 | ceph-rgw-hacluster: |
122 | charm: cs:~openstack-charmers-next/hacluster |
123 | num_units: 0 |
124 | diff --git a/overlays/cinder-ha.yaml b/overlays/cinder-ha.yaml |
125 | index a105706..a2a6322 100644 |
126 | --- a/overlays/cinder-ha.yaml |
127 | +++ b/overlays/cinder-ha.yaml |
128 | @@ -2,7 +2,7 @@ applications: |
129 | cinder: |
130 | num_units: __NUM_CINDER_UNITS__ |
131 | options: |
132 | - vip: 10.5.100.4 |
133 | + vip: 10.5.__HA_VIP_OCTECT__.4 |
134 | cinder-hacluster: |
135 | charm: cs:~openstack-charmers-next/hacluster |
136 | options: |
137 | diff --git a/overlays/designate-ha.yaml b/overlays/designate-ha.yaml |
138 | index cef2d86..9ccd381 100644 |
139 | --- a/overlays/designate-ha.yaml |
140 | +++ b/overlays/designate-ha.yaml |
141 | @@ -2,7 +2,7 @@ applications: |
142 | designate: |
143 | num_units: __NUM_DESIGNATE_UNITS__ |
144 | options: |
145 | - vip: 10.5.100.13 |
146 | + vip: 10.5.__HA_VIP_OCTECT__.13 |
147 | designate-bind: |
148 | num_units: 2 |
149 | designate-hacluster: |
150 | diff --git a/overlays/glance-ha.yaml b/overlays/glance-ha.yaml |
151 | index 7c646de..9b13a1a 100644 |
152 | --- a/overlays/glance-ha.yaml |
153 | +++ b/overlays/glance-ha.yaml |
154 | @@ -2,7 +2,7 @@ applications: |
155 | glance: |
156 | num_units: __NUM_GLANCE_UNITS__ |
157 | options: |
158 | - vip: 10.5.100.3 |
159 | + vip: 10.5.__HA_VIP_OCTECT__.3 |
160 | glance-hacluster: |
161 | charm: cs:~openstack-charmers-next/hacluster |
162 | options: |
163 | diff --git a/overlays/heat-ha.yaml b/overlays/heat-ha.yaml |
164 | index 1817869..0483d00 100644 |
165 | --- a/overlays/heat-ha.yaml |
166 | +++ b/overlays/heat-ha.yaml |
167 | @@ -2,7 +2,7 @@ applications: |
168 | heat: |
169 | num_units: __NUM_HEAT_UNITS__ |
170 | options: |
171 | - vip: 10.5.100.9 |
172 | + vip: 10.5.__HA_VIP_OCTECT__.9 |
173 | heat-hacluster: |
174 | charm: cs:~openstack-charmers-next/hacluster |
175 | options: |
176 | diff --git a/overlays/k8s-lb-ha-hacluster.yaml b/overlays/k8s-lb-ha-hacluster.yaml |
177 | index 74a3e63..216dfd0 100644 |
178 | --- a/overlays/k8s-lb-ha-hacluster.yaml |
179 | +++ b/overlays/k8s-lb-ha-hacluster.yaml |
180 | @@ -3,7 +3,7 @@ |
181 | applications: |
182 | kubeapi-load-balancer: |
183 | options: |
184 | - ha-cluster-vip: 10.5.100.1 |
185 | + ha-cluster-vip: 10.5.__HA_VIP_OCTECT__.1 |
186 | kubeapi-lb-hacluster: |
187 | charm: cs:~openstack-charmers-next/hacluster |
188 | options: |
189 | diff --git a/overlays/k8s-lb-ha-keepalived.yaml b/overlays/k8s-lb-ha-keepalived.yaml |
190 | index 7c88438..3799dde 100644 |
191 | --- a/overlays/k8s-lb-ha-keepalived.yaml |
192 | +++ b/overlays/k8s-lb-ha-keepalived.yaml |
193 | @@ -4,14 +4,14 @@ applications: |
194 | kubeapi-lb-keepalived: |
195 | charm: cs:~containers/keepalived |
196 | options: |
197 | - virtual_ip: 10.5.100.1 |
198 | - vip_hostname: 10.5.100.1 |
199 | + virtual_ip: 10.5.__HA_VIP_OCTECT__.1 |
200 | + vip_hostname: 10.5.__HA_VIP_OCTECT__.1 |
201 | kubeapi-load-balancer: |
202 | options: |
203 | - extra_sans: 10.5.100.1 |
204 | + extra_sans: 10.5.__HA_VIP_OCTECT__.1 |
205 | kubernetes-master: |
206 | options: |
207 | - extra_sans: 10.5.100.1 |
208 | + extra_sans: 10.5.__HA_VIP_OCTECT__.1 |
209 | relations: |
210 | - [ kubeapi-lb-keepalived:juju-info, kubeapi-load-balancer:juju-info ] |
211 | - [ kubeapi-lb-keepalived:lb-sink, kubeapi-load-balancer:website ] |
212 | diff --git a/overlays/keystone-ha.yaml b/overlays/keystone-ha.yaml |
213 | index 512b295..a553a8a 100644 |
214 | --- a/overlays/keystone-ha.yaml |
215 | +++ b/overlays/keystone-ha.yaml |
216 | @@ -2,7 +2,7 @@ applications: |
217 | keystone: |
218 | num_units: __NUM_KEYSTONE_UNITS__ |
219 | options: |
220 | - vip: 10.5.100.1 |
221 | + vip: 10.5.__HA_VIP_OCTECT__.1 |
222 | keystone-hacluster: |
223 | charm: cs:~openstack-charmers-next/hacluster |
224 | options: |
225 | diff --git a/overlays/mysql-ha.yaml b/overlays/mysql-ha.yaml |
226 | index 4c955d0..30b200a 100644 |
227 | --- a/overlays/mysql-ha.yaml |
228 | +++ b/overlays/mysql-ha.yaml |
229 | @@ -2,7 +2,7 @@ applications: |
230 | mysql: |
231 | num_units: __NUM_MYSQL_UNITS__ |
232 | options: |
233 | - vip: 10.5.100.7 |
234 | + vip: 10.5.__HA_VIP_OCTECT__.7 |
235 | min-cluster-size: __NUM_MYSQL_UNITS__ |
236 | mysql-hacluster: |
237 | charm: cs:~openstack-charmers-next/hacluster |
238 | diff --git a/overlays/neutron-api-ha.yaml b/overlays/neutron-api-ha.yaml |
239 | index d42dc2e..ecd5ee5 100644 |
240 | --- a/overlays/neutron-api-ha.yaml |
241 | +++ b/overlays/neutron-api-ha.yaml |
242 | @@ -2,7 +2,7 @@ applications: |
243 | neutron-api: |
244 | num_units: __NUM_NEUTRON_API_UNITS__ |
245 | options: |
246 | - vip: 10.5.100.5 |
247 | + vip: 10.5.__HA_VIP_OCTECT__.5 |
248 | neutron-api-hacluster: |
249 | charm: cs:~openstack-charmers-next/hacluster |
250 | options: |
251 | diff --git a/overlays/nova-cloud-controller-ha.yaml b/overlays/nova-cloud-controller-ha.yaml |
252 | index 72d696b..c7386f0 100644 |
253 | --- a/overlays/nova-cloud-controller-ha.yaml |
254 | +++ b/overlays/nova-cloud-controller-ha.yaml |
255 | @@ -2,7 +2,7 @@ applications: |
256 | nova-cloud-controller: |
257 | num_units: __NUM_NOVACC_UNITS__ |
258 | options: |
259 | - vip: 10.5.100.2 |
260 | + vip: 10.5.__HA_VIP_OCTECT__.2 |
261 | nova-cloud-controller-hacluster: |
262 | charm: cs:~openstack-charmers-next/hacluster |
263 | options: |
264 | diff --git a/overlays/octavia-ha.yaml b/overlays/octavia-ha.yaml |
265 | index 331d87b..a077371 100644 |
266 | --- a/overlays/octavia-ha.yaml |
267 | +++ b/overlays/octavia-ha.yaml |
268 | @@ -2,7 +2,7 @@ applications: |
269 | octavia: |
270 | num_units: __NUM_OCTAVIA_UNITS__ |
271 | options: |
272 | - vip: 10.5.100.16 |
273 | + vip: 10.5.__HA_VIP_OCTECT__.16 |
274 | octavia-hacluster: |
275 | charm: cs:~openstack-charmers-next/hacluster |
276 | options: |
277 | diff --git a/overlays/openstack-dashboard-ha.yaml b/overlays/openstack-dashboard-ha.yaml |
278 | index 1a8fba8..d6dedce 100644 |
279 | --- a/overlays/openstack-dashboard-ha.yaml |
280 | +++ b/overlays/openstack-dashboard-ha.yaml |
281 | @@ -2,7 +2,7 @@ applications: |
282 | openstack-dashboard: |
283 | num_units: __NUM_HORIZON_UNITS__ |
284 | options: |
285 | - vip: 10.5.100.6 |
286 | + vip: 10.5.__HA_VIP_OCTECT__.6 |
287 | openstack-dashboard-hacluster: |
288 | charm: cs:~openstack-charmers-next/hacluster |
289 | options: |
290 | diff --git a/overlays/swift-ha.yaml b/overlays/swift-ha.yaml |
291 | index ecf1443..a24ae6f 100644 |
292 | --- a/overlays/swift-ha.yaml |
293 | +++ b/overlays/swift-ha.yaml |
294 | @@ -2,7 +2,7 @@ applications: |
295 | swift-proxy: |
296 | num_units: __NUM_SWIFT_PROXY_UNITS__ |
297 | options: |
298 | - vip: 10.5.100.8 |
299 | + vip: 10.5.__HA_VIP_OCTECT__.8 |
300 | swift-proxy-hacluster: |
301 | charm: cs:~openstack-charmers-next/hacluster |
302 | num_units: 0 |
303 | diff --git a/overlays/telemetry-ha.yaml b/overlays/telemetry-ha.yaml |
304 | index f7fb15c..3603e79 100644 |
305 | --- a/overlays/telemetry-ha.yaml |
306 | +++ b/overlays/telemetry-ha.yaml |
307 | @@ -2,15 +2,15 @@ applications: |
308 | ceilometer: |
309 | num_units: __NUM_TELEMETRY_UNITS__ |
310 | options: |
311 | - vip: 10.5.100.10 |
312 | + vip: 10.5.__HA_VIP_OCTECT__.10 |
313 | aodh: |
314 | num_units: __NUM_TELEMETRY_UNITS__ |
315 | options: |
316 | - vip: 10.5.100.11 |
317 | + vip: 10.5.__HA_VIP_OCTECT__.11 |
318 | gnocchi: |
319 | num_units: __NUM_TELEMETRY_UNITS__ |
320 | options: |
321 | - vip: 10.5.100.12 |
322 | + vip: 10.5.__HA_VIP_OCTECT__.12 |
323 | ceilometer-hacluster: |
324 | charm: cs:~openstack-charmers-next/hacluster |
325 | options: |
326 | diff --git a/overlays/vault-ha.yaml b/overlays/vault-ha.yaml |
327 | index c28687d..bf4be5d 100644 |
328 | --- a/overlays/vault-ha.yaml |
329 | +++ b/overlays/vault-ha.yaml |
330 | @@ -1,7 +1,7 @@ |
331 | applications: |
332 | vault: |
333 | options: |
334 | - vip: 10.5.100.15 |
335 | + vip: 10.5.__HA_VIP_OCTECT__.15 |
336 | vault-hacluster: |
337 | charm: cs:~openstack-charmers-next/hacluster |
338 | options: |
339 | diff --git a/ssl/create_ca_cert.sh b/ssl/create_ca_cert.sh.template |
340 | similarity index 86% |
341 | rename from ssl/create_ca_cert.sh |
342 | rename to ssl/create_ca_cert.sh.template |
343 | old mode 100755 |
344 | new mode 100644 |
345 | index fbebbe0..0d29383 |
346 | --- a/ssl/create_ca_cert.sh |
347 | +++ b/ssl/create_ca_cert.sh.template |
348 | @@ -4,12 +4,12 @@ results_dir=${module}/results |
349 | #rm -rf $results_dir |
350 | mkdir -p $results_dir |
351 | sed -r "s,__RESULTS_PATH__,$results_dir,g" openssl-ca.cnf.template > $module/openssl-ca.cnf |
352 | -sed -r "s,__RESULTS_PATH__,$results_dir,g" openssl-server.cnf.template > $module/openssl-server.cnf |
353 | +sed -r "s,__RESULTS_PATH__,$results_dir,g" openssl-server.cnf.template_ > $module/openssl-server.cnf |
354 | touch $results_dir/index.txt |
355 | echo '01' > $results_dir/serial.txt |
356 | [ -r "$results_dir/cacert.pem" ] || \ |
357 | openssl req -x509 -config $module/openssl-ca.cnf -newkey rsa:4096 -sha256 -nodes -out $results_dir/cacert.pem -outform PEM -subj "/C=GB/ST=England/L=London/O=Ubuntu Cloud/OU=Cloud" |
358 | [ -r "$results_dir/servercert.csr" ] || \ |
359 | - openssl req -config $module/openssl-server.cnf -newkey rsa:2048 -sha256 -nodes -out $results_dir/servercert.csr -outform PEM -subj "/C=GB/ST=England/L=London/O=Ubuntu Cloud/OU=Cloud/CN=10.5.100.1" |
360 | + openssl req -config $module/openssl-server.cnf -newkey rsa:2048 -sha256 -nodes -out $results_dir/servercert.csr -outform PEM -subj "/C=GB/ST=England/L=London/O=Ubuntu Cloud/OU=Cloud/CN=10.5.__HA_VIP_OCTECT__.1" |
361 | [ -r "$results_dir/servercert.pem" ] || \ |
362 | openssl ca -batch -config $module/openssl-ca.cnf -policy signing_policy -extensions signing_req -out $results_dir/servercert.pem -infiles $results_dir/servercert.csr |
363 | diff --git a/ssl/openssl-server.cnf.template b/ssl/openssl-server.cnf.template |
364 | index 39ca7f2..dbd1d5d 100644 |
365 | --- a/ssl/openssl-server.cnf.template |
366 | +++ b/ssl/openssl-server.cnf.template |
367 | @@ -24,8 +24,8 @@ localityName_default = Austin |
368 | organizationName = Cloud |
369 | organizationName_default = Cloud |
370 | |
371 | -commonName = 10.5.100.1 |
372 | -commonName_default = 10.5.100.1 |
373 | +commonName = 10.5.__HA_VIP_OCTECT__.1 |
374 | +commonName_default = 10.5.__HA_VIP_OCTECT__.1 |
375 | |
376 | emailAddress = test@example.com |
377 | emailAddress_default = test@example.com |
378 | @@ -42,23 +42,23 @@ nsComment = "OpenSSL Generated Certificate" |
379 | #################################################################### |
380 | [ alternate_names ] |
381 | # Needs to include any possible VIP addresse we might use in a deployment |
382 | -IP.1 = 10.5.100.1 |
383 | -IP.2 = 10.5.100.2 |
384 | -IP.3 = 10.5.100.3 |
385 | -IP.4 = 10.5.100.4 |
386 | -IP.5 = 10.5.100.5 |
387 | -IP.6 = 10.5.100.6 |
388 | -IP.7 = 10.5.100.7 |
389 | -IP.8 = 10.5.100.8 |
390 | -IP.9 = 10.5.100.9 |
391 | -IP.10 = 10.5.100.10 |
392 | -IP.11 = 10.5.100.11 |
393 | -IP.12 = 10.5.100.12 |
394 | -IP.13 = 10.5.100.13 |
395 | -IP.14 = 10.5.100.14 |
396 | -IP.15 = 10.5.100.15 |
397 | -IP.16 = 10.5.100.16 |
398 | -IP.17 = 10.5.100.17 |
399 | -IP.18 = 10.5.100.18 |
400 | -IP.19 = 10.5.100.19 |
401 | -IP.20 = 10.5.100.20 |
402 | +IP.1 = 10.5.__HA_VIP_OCTECT__.1 |
403 | +IP.2 = 10.5.__HA_VIP_OCTECT__.2 |
404 | +IP.3 = 10.5.__HA_VIP_OCTECT__.3 |
405 | +IP.4 = 10.5.__HA_VIP_OCTECT__.4 |
406 | +IP.5 = 10.5.__HA_VIP_OCTECT__.5 |
407 | +IP.6 = 10.5.__HA_VIP_OCTECT__.6 |
408 | +IP.7 = 10.5.__HA_VIP_OCTECT__.7 |
409 | +IP.8 = 10.5.__HA_VIP_OCTECT__.8 |
410 | +IP.9 = 10.5.__HA_VIP_OCTECT__.9 |
411 | +IP.10 = 10.5.__HA_VIP_OCTECT__.10 |
412 | +IP.11 = 10.5.__HA_VIP_OCTECT__.11 |
413 | +IP.12 = 10.5.__HA_VIP_OCTECT__.12 |
414 | +IP.13 = 10.5.__HA_VIP_OCTECT__.13 |
415 | +IP.14 = 10.5.__HA_VIP_OCTECT__.14 |
416 | +IP.15 = 10.5.__HA_VIP_OCTECT__.15 |
417 | +IP.16 = 10.5.__HA_VIP_OCTECT__.16 |
418 | +IP.17 = 10.5.__HA_VIP_OCTECT__.17 |
419 | +IP.18 = 10.5.__HA_VIP_OCTECT__.18 |
420 | +IP.19 = 10.5.__HA_VIP_OCTECT__.19 |
421 | +IP.20 = 10.5.__HA_VIP_OCTECT__.20 |
Hi Erlon,
Thanks for submitting this patch. The problem that you are trying to fix is a real one i.e. how to have multiple HA deployments that don't use the same addresses. However I don't think that this is a problem we can solve nicely entirely in stsstack-bundles. Remember that this problem is not just for the openstack module, the others can use manual certs too. Also, not all deployments will use the 10.5.x.x range (although that is currently the default network we use for VIPs since it has port security disabled). I would like to explore a way to do all this without having to be specific about octets and addresses. Image a solution where the user can simply say use this network and we create a pool of addresses to as VIPs and they get automatically configured. That way you could use any network and we could also take into account the scenario where we are deploying e.g. octavia and therefore need a network with port security enabled. Lastly, don't forget that if you use Vault for ssl (--vault) then none of those code is used anyway and all the addresses are configured by the charms themselves.