Hi all,
I'm trying to create a heat template automating the
creation of group-based policy resources when deploying
stacks. The template takes an L3 policy as an input
argument and then creates an L2 policy, a policy target
group and a policy target. I use GBP together with Cisco
APIC on OpenStack Mitaka.
(Slightly simplified) Heat template:
parameters:
l3p_main:
type: string
description: L3 policy name to use for main network
interface
resources:
l2p_main:
type: OS::GroupBasedPolicy::L2Policy
properties:
name: { list_join: [ '_', [ { get_param:
'OS::stack_name' }, 'l2p' ] ] }
l3_policy_id: { get_param: l3p_main }
shared: false
ptg_main:
type: OS::GroupBasedPolicy::PolicyTargetGroup
properties:
name: { list_join: [ '_', [ { get_param:
'OS::stack_name' }, 'ptg' ] ] }
l2_policy_id: { get_resource: l2p_main }
shared: false
pt_main:
type: OS::GroupBasedPolicy::PolicyTarget
properties:
name: { list_join: [ '_', [ { get_param:
'OS::stack_name' }, 'pt' ] ] }
policy_target_group_id: { get_resource: ptg_main
}
server:
type: OS::Nova::Server
properties:
networks:
- port: { get_attr: [ pt_main, port_id ] }
The stack create fails with the following error message
(taken from openstack stack show ... CLI command):
| stack_status | CREATE_FAILED
|
| stack_status_reason | Resource CREATE failed:
BadRequest: resources.server: Port
49638f39-3e13-4813-b69f-efa2b3001c11 requires a FixedIP in
order to be used. (HTTP 400) (Request-ID:
req-4b6c465b-bb54-4eef-ae0b-d17e4a626c66) |
Inspecting the neutron port referred to by the policy
target which was created gives the following:
$ neutron port-show
49638f39-3e13-4813-b69f-efa2b3001c11
+-----------------------+--------------------------------------+
| Field | Value
|
+-----------------------+--------------------------------------+
| admin_state_up | True
|
| allowed_address_pairs |
|
| binding:vnic_type | normal
|
| created_at | 2017-07-11T21:11:54
|
| description |
|
| device_id |
|
| device_owner |
|
| extra_dhcp_opts |
|
| fixed_ips |
| <-- empty
| id |
49638f39-3e13-4813-b69f-efa2b3001c11 |
| mac_address | fa:16:3e:93:b2:25
|
| name | pt_foo_bar_test_pt
|
| network_id |
72455662-1210-4aac-af70-8b19a974e0ea |
| security_groups |
a3dd6bdc-bf85-4340-b305-166defc8e41c |
| status | DOWN
|
| tenant_id |
c0351d9a317f4b16b79ba7fa1fec4e0b |
| updated_at | 2017-07-11T21:11:54
|
+-----------------------+--------------------------------------+
If I instead create a policy target manually with the GBP
CLI client like this:
gbp pt-create --policy-target-group hello_ptg
hello_test_pt
The generated port looks like this:
$ openstack port show
74ea24e4-8925-4173-ba13-6b0fd319c18e
+-----------------------+------------------------------------------------------------------------------+
| Field | Value
|
+-----------------------+------------------------------------------------------------------------------+
| admin_state_up | UP
|
| allowed_address_pairs |
|
| binding_vnic_type | normal
|
| created_at | 2017-06-27T12:57:01
|
| description | None
|
| device_id |
|
| device_owner |
|
| extra_dhcp_opts |
|
| fixed_ips | ip_address='10.156.248.60',
subnet_id='31a163d5-4004-484e-9899-f60b2d9c0b47' | <--
filled in
| id |
74ea24e4-8925-4173-ba13-6b0fd319c18e
|
| mac_address | fa:16:3e:c5:58:6e
|
| name | pt_hello_test_pt
|
| network_id |
73e0fb36-8490-49c0-99e5-5033900c999b
|
| project_id |
c0351d9a317f4b16b79ba7fa1fec4e0b
|
| security_groups |
a3dd6bdc-bf85-4340-b305-166defc8e41c
|
| status | DOWN
|
| updated_at | 2017-06-27T12:57:01
|
+-----------------------+------------------------------------------------------------------------------+
How can I get a Neutron port populated with a fixed IP
auto-generated when creating policy targets from Heat?
Regards,
Lukas
_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
