
How can I do "router add port" from Heat [closed]

asked 2017-05-31 07:27:16 -0500

jkrah

updated 2017-06-08 07:50:42 -0500

Just wondering how I can perform a "router add port" from a Heat template..

I have created a ("dmz") router that is patched to my "public" (external / provider?) network .. and I am trying to patch a second ("app") router into it. From the CLI I have been running..

port create --fixed-ip ip-address=10.0.1.3,subnet=dmz-sub --network dmz-net dmz-app-port
router add port app-router dmz-app-port

.. and it seems to do exactly what I want.. but I can't seem to figure out how to automate it in HEAT..

In summary I'm trying to build a simple (single tenant) multi zoned (ie multiple L3 networks) architecture.. ie. Public <-> ROUTER <-> DMZ-LAN <-> ROUTER <-> APP-LAN

Hope this makes some sort of sense.. I'm afraid I am still pretty new to OpenStack .. tried googling and found other cases where they were using "router add port" on the CLI .. but can't seem to find the solution for a HEAT template.. Thanks heaps in advance !! :-)

EDIT: here is my template

heat_template_version: 2016-10-14
description: 2 routers test

resources:
########################
# network create dmz-net
# subnet create --subnet-range 10.0.1.0/24 --dhcp --gateway 10.0.1.1 --allocation-pool start=10.0.1.32,end=10.0.1.240 --network dmz-net dmz-sub
# network dmz-net dmz-sub
#    
  dmz-net:
    type: OS::Neutron::Net
    properties:
      name: dmz-net

  dmz-sub:
    type: OS::Neutron::Subnet
    depends_on: dmz-net
    properties:
      name: dmz-sub
      network:  { get_resource: dmz-net }
      cidr: "10.0.1.0/24"
      enable_dhcp: true
      allocation_pools: [{"start": 10.0.1.32, "end": 10.0.1.240 }]
      gateway_ip: "10.0.1.1"

########################
# network create app-net
# subnet create --subnet-range 10.0.2.0/24 --dhcp --gateway 10.0.2.1 --allocation-pool start=10.0.2.32,end=10.0.2.240  --network app-net app-sub
#
  app-net:
    type: OS::Neutron::Net
    properties:
      name: app-net

  app-sub:
    type: OS::Neutron::Subnet
    depends_on: app-net
    properties:
      name: app-sub
      network: { get_resource: app-net }
      cidr: "10.0.2.0/24"
      enable_dhcp: true
      allocation_pools: [{"start": 10.0.2.32, "end": 10.0.2.240 }]
      gateway_ip: "10.0.2.1"

########################
# router create dmz-router
# router set dmz-router --external-gateway public 
# router add subnet dmz-router dmz-sub

### Routers 
  dmz-router:
    type: OS::Neutron::Router
    properties:
      name: dmz-router
      external_gateway_info: { network: public }

  dmz-router-patch:
    description: dmz-router patch into DMZ
    type: OS::Neutron::RouterInterface
    depends_on: [ dmz-router, dmz-sub ]
    properties:
      router: { get_resource: dmz-router } 
      subnet: { get_resource: dmz-sub }

#################
####  APP Router
#router create app-router
#router add subnet app-router app-sub

  app-router:
    type: OS::Neutron::Router
    properties:
      name: app-router

  app-router-patch:
    description: app-router patch into APP
    type: OS::Neutron::RouterInterface
    depends_on: [ app-router, app-net ]
    properties:
      router: { get_resource: app-router }
      subnet: { get_resource: app-sub }

#################
# at this point we have
# public <--[dmz-router (.1)]--> dmz-net   [app-router (.1)]--> app-net
# ie. app-router is not connected to dmz-net  

##################
# port create --fixed-ip ip-address=10.0.1.3,subnet=dmz-sub --network dmz-net dmz-app-port
# router add port app-router dmz-app-port
  dmz-app-port:
    type: OS::Neutron::Port
    depends_on:  app-router-patch
    properties:
      network: { get_resource: dmz-net }
      fixed_ips: [ subnet: { get_resource: dmz-sub } , ip_address: 10.0.1.3 ]

  dmz-app-port-attach:
    type: OS::Neutron::RouterInterface
    depends_on: dmz-app-port
    properties:
      router: { get_resource: app-router }
      port: { get_resource: dmz-app-port }


# 2017-06-03 03:08:33Z [net2.dmz-app-port-attach]: CREATE_FAILED  BadRequest: resources.dmz-app-port-attach: Bad router request: Cannot have multiple IPv4 subnets on router ...

Closed for the following reason: the question is answered, right answer was accepted by jkrah
close date 2017-06-08 07:51:04.933406

1 answer


answered 2017-06-01 10:48:52 -0500

zaneb

updated 2017-06-05 08:21:15 -0500

Use an OS::Neutron::RouterInterface resource, like so:

  dmz_app_port:
    type: OS::Neutron::Port
    properties:
      network: dmz-net
      fixed_ips:
        - ip_address: 10.0.1.3
          subnet: dmz-sub

  dmz_app_router_if:
    type: OS::Neutron::RouterInterface
    properties:
      router: app-router
      port: {get_resource: dmz_app_port}

Comments

Thanks so much for the reply.. but still no luck I'm afraid..
I'm getting "Unknown Property fixed_ip" from the above syntax. I have also been trying the syntax fixed_ips: [ subnet: { get_resource: dmz-sub } , ip_address: 10.0.1.3 ] but it tells me Cannot have multiple IPv4 subnets on router port

jkrah (2017-06-02 22:13:39 -0500)

I will revise the question and include the yaml file .. hopefully that helps.. It seems pretty basic what I'm trying to do so I must be just missing something.. thanks again for trying to help :-)

jkrah (2017-06-02 22:15:15 -0500)

Whoops, I fixed the fixed_ips syntax, yours was correct.

zaneb (2017-06-05 08:22:09 -0500)

Actually no, your syntax was incorrect (it was missing {} inside the []), and that was the cause of your problem (it was creating one fixed IP on the dmz-sub subnet and a second with the IP address 10.0.1.3). My updated syntax is correct.

zaneb (2017-06-05 08:34:46 -0500)

Awesome, it works !! thanks so much!! I think I might need to read up a bit more about YAML :-( ..

jkrah (2017-06-06 04:03:12 -0500)
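
The parse difference described in zaneb's last comment, as an added example that is not part of the original thread: it loads the question's `fixed_ips` line with and without the inner `{}` using PyYAML (assumed installed) and flags ports whose entries look like one fixed IP split in two. The helper names `fixed_ips` and `split_fixed_ips` are hypothetical.

```python
import yaml  # PyYAML, assumed installed

# Constructed template fragments: the port from the question as posted,
# then the same line with the inner {} added.
BROKEN = """
resources:
  dmz-app-port:
    type: OS::Neutron::Port
    properties:
      network: { get_resource: dmz-net }
      fixed_ips: [ subnet: { get_resource: dmz-sub } , ip_address: 10.0.1.3 ]
"""
FIXED = BROKEN.replace(
    "[ subnet: { get_resource: dmz-sub } , ip_address: 10.0.1.3 ]",
    "[ { subnet: { get_resource: dmz-sub } , ip_address: 10.0.1.3 } ]",
)


def fixed_ips(template_text, port):
    """Return the parsed fixed_ips list of one OS::Neutron::Port resource."""
    resources = yaml.safe_load(template_text)["resources"]
    return resources[port]["properties"].get("fixed_ips", [])


def split_fixed_ips(template_text):
    """Flag ports whose fixed_ips look like one entry split in two:
    an entry with only a subnet next to an entry with only an ip_address."""
    findings = []
    resources = yaml.safe_load(template_text)["resources"]
    for name, res in resources.items():
        if res.get("type") != "OS::Neutron::Port":
            continue
        entries = res.get("properties", {}).get("fixed_ips") or []
        keys = [set(e) for e in entries if isinstance(e, dict)]
        if {"subnet"} in keys and {"ip_address"} in keys:
            findings.append(name)
    return findings


if __name__ == "__main__":
    # Without {}: two list items, i.e. two fixed IPs on the port.
    print("broken:", fixed_ips(BROKEN, "dmz-app-port"))
    # With {}: one list item carrying both subnet and ip_address.
    print("fixed: ", fixed_ips(FIXED, "dmz-app-port"))
    print("suspect ports:", split_fixed_ips(BROKEN))
```
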
