Heat

Installation and Configuration

Devstack will automatically configure heat to support BGPVPN.

Other deployments need to add the directory for the python networking_bgpvpn_heat module to plugin_dirs in the heat config: /etc/heat/heat.conf.

This directory can be found out with:

dirname $(python -c "import networking_bgpvpn_heat as n;print(n.__file__)")

Examples

Heat Orchestration Template (HOT) example 1

This template has to be run with admin rights and will create a BGPVPN for the current tenant, along with a Network associated with it:

description: BGPVPN networking example (admin)
heat_template_version: '2013-05-23'

resources:

  BGPVPN1:
    type: OS::Neutron::BGPVPN
    properties:
        import_targets: [ "100:1001"]
        export_targets: [ "100:1002"]
        route_targets: [ "100:1000" ]
        name: "default VPN"

  Net1:
    type: OS::Neutron::Net

  SubNet1:
    type: OS::Neutron::Subnet
    properties:
       network: { get_resource: Net1 }
       cidr: 192.168.10.0/24

  BGPVPN_NET_assoc1:
    type: OS::Neutron::BGPVPN-NET-ASSOCIATION
    properties:
        bgpvpn_id: { get_resource: BGPVPN1 }
        network_id: { get_resource: Net1 }

In devstack, this HOT file can be used with cloud admin privileges in the demo project; such privileges can be obtained with the command:

source openrc admin demo

This example can then be run:

$ heat stack-create networks -f bgpvpn_test-00.yaml
+--------------------------------------+------------+--------------------+---------------------+--------------+
| id                                   | stack_name | stack_status       | creation_time       | updated_time |
+--------------------------------------+------------+--------------------+---------------------+--------------+
| 5a6c2bf1-c5da-4f8f-9838-4c3e59d13d41 | networks   | CREATE_IN_PROGRESS | 2016-03-02T08:32:52 | None         |
+--------------------------------------+------------+--------------------+---------------------+--------------+

$ heat stack-list
+--------------------------------------+------------+-----------------+---------------------+--------------+
| id                                   | stack_name | stack_status    | creation_time       | updated_time |
+--------------------------------------+------------+-----------------+---------------------+--------------+
| 5a6c2bf1-c5da-4f8f-9838-4c3e59d13d41 | networks   | CREATE_COMPLETE | 2016-03-02T08:32:52 | None         |
+--------------------------------------+------------+-----------------+---------------------+--------------+

Heat Orchestration Template (HOT) example 2

This is a set of two templates:

  • one that has to be run with admin rights and will create a BGPVPN for the ‘demo’ tenant:

description: BGPVPN networking example (admin)
heat_template_version: '2013-05-23'

resources:
  BGPVPN1:
    type: OS::Neutron::BGPVPN
    properties:
        import_targets: [ "100:1001"]
        export_targets: [ "100:1002"]
        route_targets: [ "100:1000" ]
        name: "default_vpn"
        tenant_id: "demo"
$ source openrc admin admin
$ heat stack-create bgpvpn -f bgpvpn_test-04-admin.yaml
  • one to run as a plain ‘demo’ tenant user, that will:

    • create a Network and bind it to the ‘default_vpn’ BGPVPN

    • create a second Network connected to a Router, and bind the Router to the ‘default_vpn’

    description: BGPVPN networking example (tenant)
    heat_template_version: '2013-05-23'
    
    resources:
        Net1:
            type: OS::Neutron::Net
    
        SubNet1:
            type: OS::Neutron::Subnet
            properties:
               network: { get_resource: Net1 }
               cidr: 192.168.10.0/24
    
        BGPVPN_NET_assoc1:
            type: OS::Neutron::BGPVPN-NET-ASSOCIATION
            properties:
                bgpvpn_id: "default_vpn"
                network_id: { get_resource: Net1 }
    
        Net2:
            type: OS::Neutron::Net
    
        SubNet2:
            type: OS::Neutron::Subnet
            properties:
               network: { get_resource: Net2 }
               cidr: 192.168.10.0/24
    
        Router:
            type: OS::Neutron::Router
    
        router_interface:
            type: OS::Neutron::RouterInterface
            properties:
               router_id: { get_resource: Router }
               subnet_id: { get_resource: SubNet2 }
    
        BGPVPN_router_assoc1:
            type: OS::Neutron::BGPVPN-ROUTER-ASSOCIATION
            properties:
                bgpvpn_id: "default_vpn"
                router_id: { get_resource: Router }
    
        Net3:
            type: OS::Neutron::Net
    
        SubNet3:
            type: OS::Neutron::Subnet
            properties:
               network: { get_resource: Net3 }
               cidr: 192.168.10.0/24
        Port:
            type: OS::Neutron::Port
            properties:
               network: { get_resource: Net3 }
        BGPVPN_port_assoc1:
            type: OS::Neutron::BGPVPN-PORT-ASSOCIATION
            properties:
                bgpvpn_id: "default_vpn"
                port_id: { get_resource: Port }
    
    $ source openrc demo demo
    $ heat stack-create networks_bgpvpn -f bgpvpn_test-04-tenant.yaml
    +--------------------------------------+-----------------+--------------------+---------------------+--------------+
    | id                                   | stack_name      | stack_status       | creation_time       | updated_time |
    +--------------------------------------+-----------------+--------------------+---------------------+--------------+
    | a3cf1c1b-ac6c-425c-a4b5-d8ca894539f2 | networks_bgpvpn | CREATE_IN_PROGRESS | 2016-03-02T09:16:39 | None         |
    +--------------------------------------+-----------------+--------------------+---------------------+--------------+
    
    $ openstack bgpvpn list
    +--------------------------------------+-------------+------+-------------------------------------------+------------------------------------------------+
    | id                                   | name        | type | networks                                  | routers                                        |
    +--------------------------------------+-------------+------+-------------------------------------------+------------------------------------------------+
    | 473e5218-f4a2-46bd-8086-36d6849ecf8e | default VPN | l3   | [u'5b1af75b-0608-4e03-aac1-2608728be45d'] | [u'cb9c7304-e844-447d-88e9-4a0a2dc14d21']      |
    +--------------------------------------+-------------+------+-------------------------------------------+------------------------------------------------+