Heat¶
Installation and Configuration¶
Devstack will automatically configure heat to support BGPVPN.
Other deployments need to add the directory for the python networking_bgpvpn_heat module
to plugin_dirs in the heat config: /etc/heat/heat.conf.
This directory can be found out with:
dirname $(python -c "import networking_bgpvpn_heat as n;print(n.__file__)")
Examples¶
Heat Orchestration Template (HOT) example 1¶
This template has to be run with admin rights and will create a BGPVPN for the current tenant, along with a Network associated with it:
description: BGPVPN networking example (admin)
heat_template_version: '2013-05-23'
resources:
BGPVPN1:
type: OS::Neutron::BGPVPN
properties:
import_targets: [ "100:1001"]
export_targets: [ "100:1002"]
route_targets: [ "100:1000" ]
name: "default VPN"
Net1:
type: OS::Neutron::Net
SubNet1:
type: OS::Neutron::Subnet
properties:
network: { get_resource: Net1 }
cidr: 192.168.10.0/24
BGPVPN_NET_assoc1:
type: OS::Neutron::BGPVPN-NET-ASSOCIATION
properties:
bgpvpn_id: { get_resource: BGPVPN1 }
network_id: { get_resource: Net1 }
In devstack, this HOT file can be used with cloud admin privileges in the demo project; such privileges can be obtained with the command:
source openrc admin demo
This example can then be run:
$ heat stack-create networks -f bgpvpn_test-00.yaml
+--------------------------------------+------------+--------------------+---------------------+--------------+
| id | stack_name | stack_status | creation_time | updated_time |
+--------------------------------------+------------+--------------------+---------------------+--------------+
| 5a6c2bf1-c5da-4f8f-9838-4c3e59d13d41 | networks | CREATE_IN_PROGRESS | 2016-03-02T08:32:52 | None |
+--------------------------------------+------------+--------------------+---------------------+--------------+
$ heat stack-list
+--------------------------------------+------------+-----------------+---------------------+--------------+
| id | stack_name | stack_status | creation_time | updated_time |
+--------------------------------------+------------+-----------------+---------------------+--------------+
| 5a6c2bf1-c5da-4f8f-9838-4c3e59d13d41 | networks | CREATE_COMPLETE | 2016-03-02T08:32:52 | None |
+--------------------------------------+------------+-----------------+---------------------+--------------+
Heat Orchestration Template (HOT) example 2¶
This is a set of two templates:
one that has to be run with admin rights and will create a BGPVPN for the ‘demo’ tenant:
description: BGPVPN networking example (admin)
heat_template_version: '2013-05-23'
resources:
BGPVPN1:
type: OS::Neutron::BGPVPN
properties:
import_targets: [ "100:1001"]
export_targets: [ "100:1002"]
route_targets: [ "100:1000" ]
name: "default_vpn"
tenant_id: "demo"
$ source openrc admin admin
$ heat stack-create bgpvpn -f bgpvpn_test-04-admin.yaml
one to run as a plain ‘demo’ tenant user, that will:
create a Network and bind it to the ‘default_vpn’ BGPVPN
create a second Network connected to a Router, and bind the Router to the ‘default_vpn’
description: BGPVPN networking example (tenant) heat_template_version: '2013-05-23' resources: Net1: type: OS::Neutron::Net SubNet1: type: OS::Neutron::Subnet properties: network: { get_resource: Net1 } cidr: 192.168.10.0/24 BGPVPN_NET_assoc1: type: OS::Neutron::BGPVPN-NET-ASSOCIATION properties: bgpvpn_id: "default_vpn" network_id: { get_resource: Net1 } Net2: type: OS::Neutron::Net SubNet2: type: OS::Neutron::Subnet properties: network: { get_resource: Net2 } cidr: 192.168.10.0/24 Router: type: OS::Neutron::Router router_interface: type: OS::Neutron::RouterInterface properties: router_id: { get_resource: Router } subnet_id: { get_resource: SubNet2 } BGPVPN_router_assoc1: type: OS::Neutron::BGPVPN-ROUTER-ASSOCIATION properties: bgpvpn_id: "default_vpn" router_id: { get_resource: Router } Net3: type: OS::Neutron::Net SubNet3: type: OS::Neutron::Subnet properties: network: { get_resource: Net3 } cidr: 192.168.10.0/24 Port: type: OS::Neutron::Port properties: network: { get_resource: Net3 } BGPVPN_port_assoc1: type: OS::Neutron::BGPVPN-PORT-ASSOCIATION properties: bgpvpn_id: "default_vpn" port_id: { get_resource: Port }
$ source openrc demo demo $ heat stack-create networks_bgpvpn -f bgpvpn_test-04-tenant.yaml +--------------------------------------+-----------------+--------------------+---------------------+--------------+ | id | stack_name | stack_status | creation_time | updated_time | +--------------------------------------+-----------------+--------------------+---------------------+--------------+ | a3cf1c1b-ac6c-425c-a4b5-d8ca894539f2 | networks_bgpvpn | CREATE_IN_PROGRESS | 2016-03-02T09:16:39 | None | +--------------------------------------+-----------------+--------------------+---------------------+--------------+ $ openstack bgpvpn list +--------------------------------------+-------------+------+-------------------------------------------+------------------------------------------------+ | id | name | type | networks | routers | +--------------------------------------+-------------+------+-------------------------------------------+------------------------------------------------+ | 473e5218-f4a2-46bd-8086-36d6849ecf8e | default VPN | l3 | [u'5b1af75b-0608-4e03-aac1-2608728be45d'] | [u'cb9c7304-e844-447d-88e9-4a0a2dc14d21'] | +--------------------------------------+-------------+------+-------------------------------------------+------------------------------------------------+
