Fork: 0
jesse.austin / openstack-caracal-ipv4
Transfer to URL with SHA Find file
Newer
Older
openstack-caracal-ipv4 / docs / netbox-vip-queue.md
@JANeumatrix JANeumatrix 20 hours ago 5 KB Updated yaml and doc netbox
Raw Blame History

Post-deployment NetBox VIP imports (queued from workstream 2)

Status: Queued. To be imported after successful cloud deployment + validation, once netbox/ipv4-prefixes-import.py engineer review unblocks the Provider /22 prefix import.

Background: Per D-010 (NetBox-upstream policy), IPAM entries should exist in NetBox before being written into IaC. For v1 testcloud, this rule was relaxed under workstream 2 (2026-05-22) to avoid blocking the rebuild on the engineer review. VIPs were written into bundle.yaml directly. This document captures the corresponding NetBox writes that need to happen post-deploy.

Scope: v1 only (IPv4). v2 IPv6 VIPs are out of scope.

Provider prefix (parent — gating)

Before any IPAddress entries can be created, the parent prefix must exist:

Prefix Site Role Status
10.12.4.0/22 VR0 DC0 provider Active

Created by: netbox/ipv4-prefixes-import.py (per D-010, gated on engineer review).

VIP IPAddress entries

All entries under prefix 10.12.4.0/22, tenant scope = VR0 DC0 Omega Cloud (or appropriate testcloud tenant convention).

IP Status DNS name Description
10.12.4.224/22 Active barbican.omega.dc0.vr0.cloud.neumatrix.local barbican API VIP — Charmed OpenStack hacluster
10.12.4.225/22 Reserved RESERVED for ceph-radosgw HA VIP in v2 (workstream-2 decision; ceph-radosgw HA deferred to v2)
10.12.4.226/22 Active cinder.omega.dc0.vr0.cloud.neumatrix.local cinder API VIP — Charmed OpenStack hacluster
10.12.4.227/22 Active designate.omega.dc0.vr0.cloud.neumatrix.local designate API VIP — Charmed OpenStack hacluster
10.12.4.228/22 Active glance.omega.dc0.vr0.cloud.neumatrix.local glance API VIP — Charmed OpenStack hacluster
10.12.4.229/22 Active keystone.omega.dc0.vr0.cloud.neumatrix.local keystone API VIP — Charmed OpenStack hacluster
10.12.4.230/22 Active magnum.omega.dc0.vr0.cloud.neumatrix.local magnum API VIP — Charmed OpenStack hacluster
10.12.4.231/22 Active neutron.omega.dc0.vr0.cloud.neumatrix.local neutron-api API VIP — Charmed OpenStack hacluster
10.12.4.232/22 Active nova.omega.dc0.vr0.cloud.neumatrix.local nova-cloud-controller API VIP — Charmed OpenStack hacluster
10.12.4.233/22 Active octavia.omega.dc0.vr0.cloud.neumatrix.local octavia API VIP — Charmed OpenStack hacluster
10.12.4.234/22 Active horizon.omega.dc0.vr0.cloud.neumatrix.local openstack-dashboard (Horizon) VIP — Charmed OpenStack hacluster
10.12.4.235/22 Active placement.omega.dc0.vr0.cloud.neumatrix.local placement API VIP — Charmed OpenStack hacluster
10.12.4.236/22 Active vault.omega.dc0.vr0.cloud.neumatrix.local vault VIP — Charmed Vault hacluster (D-006)

Notes:

  • Mask is /22 (the parent prefix mask), not /32 — NetBox convention for endpoint IP addresses within a prefix.
  • The Reserved slot at .225 documents the v2 intent without consuming an active allocation. When v2 work brings ceph-radosgw HA online, this entry's Status flips Reserved → Active and the bundle's # v2-deferred: markers are uncommented.
  • nova-cloud-controller charm → DNS short name nova (catalog service name, not charm name).
  • openstack-dashboard charm → DNS short name horizon (project name).
  • neutron-api charm → DNS short name neutron.

FIP pool — for completeness (not part of workstream 2)

Per D-003, the Provider /22 also carries the Neutron FIP pool. These are NOT individual IPAddress entries; they're modeled as an IP Range under the prefix:

Range Purpose
10.12.4.10 – 10.12.4.223 Neutron FIP pool (created by ipv4-prefixes-import.py)
10.12.4.224 – 10.12.4.254 API VIP pool (the 13 entries above + future)

Neutron allocation_pools for the provider subnet MUST exclude .224–.254 — this is enforced in runbooks/06-tenant-setup.md (or wherever the provider subnet is created).

Execution path (when unblocked)

  1. Confirm engineer review of netbox/ipv4-prefixes-import.py has signed off.
  2. Run netbox/ipv4-prefixes-import.py — creates the Provider /22 prefix + FIP IP Range + API VIP IP Range.
  3. Add the 13 IPAddress entries from the table above. Two paths:
    • Web UI: Per-entry manual creation. Tedious but reviewable.
    • API/script: Extend ipv4-prefixes-import.py with a VIP-addresses section, OR write a separate netbox/ipv4-vips-import.py that reads this document (or a YAML/CSV companion). Idempotent (skip-if-exists).
  4. Sanity check: NetBox prefix view of 10.12.4.0/22 shows all 13 entries.
  5. Cross-check: every active VIP in bundle.yaml has a matching Active entry in NetBox; the Reserved entry at .225 has no corresponding bundle entry (v2-deferred).

Change log

Date Change Reference
2026-05-22 Document created. 12 active VIP allocations queued + 1 v2-reserved slot. Workstream 2 — VIP allocation + hacluster activation