With Release 3.0, contrail-heat resources/templates are being auto-generated fro

1. With Release 3.0, contrail-heat resources/templates are being auto-generated from the Schema.
2.  
3. The generated resources/templates are part of the python-contrail package and located in
4. /usr/lib/python2.7/dist-packages/vnc_api/gen/heat/ directory. This directory has three sub-directories
5.  
6. 1. resources/
7. This sub-directory contains all the resources for the contrail-heat plugin. It runs in the context
8. of the heat-engine service.
9. 2. templates/
10. This sub-directory contains template for each resource. They are sample templates with every possible
11. parameter in the schema. They should be used as a reference when you build up more complex templates
12. for your network design.
13. 3. env/
14. This sub-directories contains environment for input to each template.
15.  
16. Installation of contrail-heat
17. -----------------------------
18. Install the contrail-heat and python-contrail(vnc_api) package on the node running the openstack-heat.
19. contrail-heat resources use the vnc_api to communicate to the contrail-controller.
20.  
21. Configuration to use contrail-heat
22. ----------------------------------
23. Following changes are needed to the /etc/heat/heat.conf
24.  
25. 1. In the [DEFAULT] section, provide the plugin_dirs options
26. [DEFAULT]
27. ...
28. plugin_dirs = /usr/lib/python2.7/dist-packages/vnc_api/gen/heat/resources
29. ...
30.  
31. 2. Add a new section [clients_contrail] as follows
32. [clients_contrail]
33. user = <user_name>
34. password = <password>
35. tenant = <tenant_name>
36. api_server = <Ip address of contrail-controller>
37. api_base_url = /
38.  
39. ANY change in the heat.conf file or the resources under the plugin_dirs need the
40. service heat-engine to be restarted "service heat-engine restart"
41.  
42. The Heat Plugin Resources
43. -------------------------
44. Here is a list of all the generated plugin resources supported by contrail-heat.
45.  
46. access_control_list_heat.py
47. analytics_node_heat.py
48. api_access_list_heat.py
49. bgp_as_a_service_heat.py
50. bgp_router_heat.py
51. config_node_heat.py
52. config_root_heat.py
53. customer_attachment_heat.py
54. database_node_heat.py
55. discovery_service_assignment_heat.py
56. domain_heat.py
57. dsa_rule_heat.py
58. floating_ip_heat.py
59. floating_ip_pool_heat.py
60. global_system_config_heat.py
61. global_vrouter_config_heat.py
62. instance_ip_heat.py
63. interface_route_table_heat.py
64. loadbalancer_healthmonitor_heat.py
65. loadbalancer_heat.py
66. loadbalancer_listener_heat.py
67. loadbalancer_member_heat.py
68. loadbalancer_pool_heat.py
69. logical_interface_heat.py
70. logical_router_heat.py
71. namespace_heat.py
72. network_ipam_heat.py
73. network_policy_heat.py
74. physical_interface_heat.py
75. physical_router_heat.py
76. port_tuple_heat.py
77. project_heat.py
78. provider_attachment_heat.py
79. qos_forwarding_class_heat.py
80. qos_queue_heat.py
81. route_aggregate_heat.py
82. route_table_heat.py
83. route_target_heat.py
84. routing_instance_heat.py
85. routing_policy_heat.py
86. security_group_heat.py
87. service_appliance_heat.py
88. service_appliance_set_heat.py
89. service_health_check_heat.py
90. service_instance_heat.py
91. service_template_heat.py
92. subnet_heat.py
93. virtual_DNS_heat.py
94. virtual_DNS_record_heat.py
95. virtual_ip_heat.py
96. virtual_machine_heat.py
97. virtual_machine_interface_heat.py
98. virtual_network_heat.py
99. virtual_router_heat.py
100.  
101. Contrail Heat templates migration from R2.x to R3.0
102. ---------------------------------------------------
103. The contrail-heat resources in R2.X were hand coded and did not follow any process to name
104. the parameters in the resources defintion. The new R3.0 contrail-heat resources are
105. auto-generated from the schema and resource defintion follows the schema parameter defintion.
106. As a result, the templates from release R2.X are no longer compatible with the new R3.0 templates.
107. We will have to redo the templates in R3.0.
108.  
109. While coding any template for R3.0 release, look at the
110. /usr/lib/python2.7/dist-packages/vnc_api/gen/heat/template
111. Here you will find sample template defintion of each resource with each possible parameter.
112.  
113. Here is an example of virtual-network resource. We will convert it to the new template format.
114.  
115. Old Template
116. ------------
117.  
118. private_net:
119. type: OS::Contrail::VirtualNetwork
120. properties:
121. name: { get_param: net_name }
122. shared: { get_param: shared }
123. external: { get_param: external }
124. route_targets: { "Fn::Split" : [ ",", Ref: route_targets ] }
125. forwarding_mode: { get_param: forwarding_mode }
126. allow_transit: { get_param: allow_transit }
127. flood_unknown_unicast: {get_param: flood_unknown_unicast }
128.  
129. New Template
130. ------------
131.  
132. private_net:
133. type: OS::Contrail::VirtualNetwork
134. properties:
135. name: { get_param: net_name }
136. is_shared: { get_param: shared }
137. router_external: { get_param: external }
138. route_target_list:
139. {
140. route_target_list_route_target: [{ get_param: route_target }],
141. }
142. virtual_network_properties:
143. {
144. virtual_network_properties_allow_transit: { get_param: allow_transit },
145. virtual_network_properties_forwarding_mode: { get_param: forwarding_mode },
146. }
147. flood_unknown_unicast: {get_param: flood_unknown_unicast }
148.  
149.  
150. Another change in R3.0 template is the way one resource is referred by other resource.
151. We will take an explicit example of a netowkr-policy referred by a virtual-network.
152. In Release R2.x we had a resource called attach-policy to link network-policy to
153. the virtual-network. With release R3.0, we now refer the linked resource directly as
154. a parameter, in this example virtual-network would refer to the network-policy directly.
155.  
156. Old Way of linking network-policy to virtual-network
157. ----------------------------------------------------
158.  
159. resources:
160. private_net_1:
161. type: OS::Neutron::Net
162. properties:
163. name: { get_param: private_net_1_name }
164.  
165. private_net_2:
166. type: OS::Neutron::Net
167. properties:
168. name: { get_param: private_net_2_name }
169.  
170. private_policy:
171. type: OS::Contrail::NetworkPolicy
172. properties:
173. name: { get_param: policy_name }
174. entries:
175. policy_rule: [
176. {
177. "direction": { get_param: direction },
178. "protocol": "any",
179. "src_ports": [{"start_port": {get_param: start_src_ports}, "end_port": {get_param: end_src_ports}}],
180. "dst_ports": [{"start_port": {get_param: start_dst_ports}, "end_port": {get_param: end_dst_ports}}],
181. "dst_addresses": [{ "virtual_network": {get_resource: private_net_1}}],
182. "action_list": {"simple_action": {get_param: action}},
183. "src_addresses": [{ "virtual_network": {get_resource: private_net_2}}]
184. },
185. ]
186.  
187. private_policy_attach_net:
188. type: OS::Contrail::AttachPolicy
189. properties:
190. network: { get_resource: private_net_1 }
191. policy: { get_attr: [private_policy, fq_name] }
192.  
193. private_policy_attach_net2:
194. type: OS::Contrail::AttachPolicy
195. properties:
196. network: { get_resource: private_net_2 }
197. policy: { get_attr: [private_policy, fq_name] }
198.  
199.  
200. New Way of linking network-policy to virtual-network
201. ----------------------------------------------------
202.  
203. template_VirtualNetwork_2:
204. type: OS::Contrail::VirtualNetwork
205. depends_on: [ template_NetworkPolicy ]
206. properties:
207. name: { get_param: left_vn }
208. network_policy_refs: [{ list_join: [':', { get_attr: [ template_NetworkPolicy, fq_name ] } ] }]
209. network_policy_refs_data:
210. [{
211. network_policy_refs_data_sequence:
212. {
213. network_policy_refs_data_sequence_major: 0,
214. network_policy_refs_data_sequence_minor: 0,
215. },
216. }]
217.  
218. template_NetworkPolicy:
219. type: OS::Contrail::NetworkPolicy
220. properties:
221. name: { get_param: policy_name }
222. network_policy_entries:
223. {
224. network_policy_entries_policy_rule: [{
225. network_policy_entries_policy_rule_direction: { get_param: direction },
226. network_policy_entries_policy_rule_protocol: { get_param: protocol },
227. network_policy_entries_policy_rule_src_ports: [{
228. network_policy_entries_policy_rule_src_ports_start_port: { get_param: src_port_start },
229. network_policy_entries_policy_rule_src_ports_end_port: { get_param: src_port_end }
230. }],
231. network_policy_entries_policy_rule_dst_ports: [{
232. network_policy_entries_policy_rule_dst_ports_start_port: { get_param: dst_port_start },
233. network_policy_entries_policy_rule_dst_ports_end_port: { get_param: dst_port_end }
234. }],
235. network_policy_entries_policy_rule_dst_addresses: [{
236. network_policy_entries_policy_rule_dst_addresses_virtual_network: { get_param: right_vn_fqdn }
237. }],
238. network_policy_entries_policy_rule_src_addresses: [{
239. network_policy_entries_policy_rule_src_addresses_virtual_network: { get_param: left_vn_fqdn }
240. }],
241. network_policy_entries_policy_rule_action_list: {
242. network_policy_entries_policy_rule_action_list_simple_action: { get_param: simple_action },
243. network_policy_entries_policy_rule_action_list_apply_service: [[{ get_param: service_instance_fq_name }]]
244. },
245. }]
246. }