summaryrefslogtreecommitdiffstats
path: root/roles/openstack-stack/templates/heat_stack.yaml.j2
diff options
context:
space:
mode:
Diffstat (limited to 'roles/openstack-stack/templates/heat_stack.yaml.j2')
-rw-r--r--roles/openstack-stack/templates/heat_stack.yaml.j250
1 files changed, 29 insertions, 21 deletions
diff --git a/roles/openstack-stack/templates/heat_stack.yaml.j2 b/roles/openstack-stack/templates/heat_stack.yaml.j2
index 524f466ff..3623035c6 100644
--- a/roles/openstack-stack/templates/heat_stack.yaml.j2
+++ b/roles/openstack-stack/templates/heat_stack.yaml.j2
@@ -439,7 +439,7 @@ resources:
port_range_min: 53
port_range_max: 53
remote_ip_prefix: "{{ openstack_subnet_prefix }}.0/24"
-{% if num_masters > 1 %}
+{% if num_masters > 1 or ui_ssh_tunnel|bool %}
lb-secgrp:
type: OS::Neutron::SecurityGroup
properties:
@@ -450,14 +450,21 @@ resources:
protocol: tcp
port_range_min: {{ openshift_master_api_port | default(8443) }}
port_range_max: {{ openshift_master_api_port | default(8443) }}
- remote_ip_prefix: {{ lb_ingress_cidr }}
- {% if openshift_master_console_port is defined and openshift_master_console_port != openshift_master_api_port %}
+ remote_ip_prefix: {{ lb_ingress_cidr | default(bastion_ingress_cidr) }}
+{% if ui_ssh_tunnel|bool %}
+ - direction: ingress
+ protocol: tcp
+ port_range_min: {{ openshift_master_api_port | default(8443) }}
+ port_range_max: {{ openshift_master_api_port | default(8443) }}
+ remote_ip_prefix: {{ ssh_ingress_cidr }}
+{% endif %}
+{% if openshift_master_console_port is defined and openshift_master_console_port != openshift_master_api_port %}
- direction: ingress
protocol: tcp
port_range_min: {{ openshift_master_console_port | default(8443) }}
port_range_max: {{ openshift_master_console_port | default(8443) }}
- remote_ip_prefix: {{ lb_ingress_cidr }}
- {% endif %}
+ remote_ip_prefix: {{ lb_ingress_cidr | default(bastion_ingress_cidr) }}
+{% endif %}
{% endif %}
etcd:
@@ -476,7 +483,7 @@ resources:
template: k8s_type-%index%.cluster_id
params:
cluster_id: {{ stack_name }}
- k8s_type: etcd
+ k8s_type: {{ etcd_hostname }}
cluster_env: {{ public_dns_domain }}
cluster_id: {{ stack_name }}
group:
@@ -486,7 +493,7 @@ resources:
k8s_type: etcds
cluster_id: {{ stack_name }}
type: etcd
- image: {{ openstack_image }}
+ image: {{ openstack_etcd_image }}
flavor: {{ etcd_flavor }}
key_name: {{ ssh_public_key }}
net: { get_resource: net }
@@ -519,7 +526,7 @@ resources:
template: k8s_type-%index%.cluster_id
params:
cluster_id: {{ stack_name }}
- k8s_type: lb
+ k8s_type: {{ lb_hostname }}
cluster_env: {{ public_dns_domain }}
cluster_id: {{ stack_name }}
group:
@@ -529,7 +536,7 @@ resources:
k8s_type: lb
cluster_id: {{ stack_name }}
type: lb
- image: {{ openstack_image }}
+ image: {{ openstack_lb_image }}
flavor: {{ lb_flavor }}
key_name: {{ ssh_public_key }}
net: { get_resource: net }
@@ -564,7 +571,7 @@ resources:
template: k8s_type-%index%.cluster_id
params:
cluster_id: {{ stack_name }}
- k8s_type: master
+ k8s_type: {{ master_hostname }}
cluster_env: {{ public_dns_domain }}
cluster_id: {{ stack_name }}
group:
@@ -574,7 +581,7 @@ resources:
k8s_type: masters
cluster_id: {{ stack_name }}
type: master
- image: {{ openstack_image }}
+ image: {{ openstack_master_image }}
flavor: {{ master_flavor }}
key_name: {{ ssh_public_key }}
net: { get_resource: net }
@@ -617,11 +624,10 @@ resources:
properties:
name:
str_replace:
- template: subtype-k8s_type-%index%.cluster_id
+ template: sub_type_k8s_type-%index%.cluster_id
params:
cluster_id: {{ stack_name }}
- k8s_type: node
- subtype: app
+ sub_type_k8s_type: {{ node_hostname }}
cluster_env: {{ public_dns_domain }}
cluster_id: {{ stack_name }}
group:
@@ -636,7 +642,7 @@ resources:
{% for k, v in openshift_cluster_node_labels.app.iteritems() %}
{{ k|e }}: {{ v|e }}
{% endfor %}
- image: {{ openstack_image }}
+ image: {{ openstack_node_image }}
flavor: {{ node_flavor }}
key_name: {{ ssh_public_key }}
net: { get_resource: net }
@@ -665,11 +671,10 @@ resources:
properties:
name:
str_replace:
- template: subtypek8s_type-%index%.cluster_id
+ template: sub_type_k8s_type-%index%.cluster_id
params:
cluster_id: {{ stack_name }}
- k8s_type: node
- subtype: infra
+ sub_type_k8s_type: {{ infra_hostname }}
cluster_env: {{ public_dns_domain }}
cluster_id: {{ stack_name }}
group:
@@ -684,7 +689,7 @@ resources:
{% for k, v in openshift_cluster_node_labels.infra.iteritems() %}
{{ k|e }}: {{ v|e }}
{% endfor %}
- image: {{ openstack_image }}
+ image: {{ openstack_infra_image }}
flavor: {{ infra_flavor }}
key_name: {{ ssh_public_key }}
net: { get_resource: net }
@@ -696,6 +701,9 @@ resources:
{% else %}
- { get_resource: node-secgrp }
{% endif %}
+{% if ui_ssh_tunnel|bool and num_masters < 2 %}
+ - { get_resource: lb-secgrp }
+{% endif %}
- { get_resource: infra-secgrp }
- { get_resource: common-secgrp }
floating_network: {{ external_network }}
@@ -720,7 +728,7 @@ resources:
template: k8s_type-%index%.cluster_id
params:
cluster_id: {{ stack_name }}
- k8s_type: dns
+ k8s_type: {{ dns_hostname }}
cluster_env: {{ public_dns_domain }}
cluster_id: {{ stack_name }}
group:
@@ -730,7 +738,7 @@ resources:
k8s_type: dns
cluster_id: {{ stack_name }}
type: dns
- image: {{ openstack_image }}
+ image: {{ openstack_dns_image }}
flavor: {{ dns_flavor }}
key_name: {{ ssh_public_key }}
net: { get_resource: net }
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-15 13:45:31 +0000