summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--environments/neutron-ml2-cisco-nexus-ucsm.yaml26
-rw-r--r--puppet/controller-puppet.yaml1
-rw-r--r--puppet/extraconfig/pre_deploy/controller/network-cisco.yaml141
-rw-r--r--puppet/hieradata/controller.yaml3
-rw-r--r--puppet/manifests/overcloud_controller.pp8
-rw-r--r--puppet/manifests/overcloud_controller_pacemaker.pp47
6 files changed, 226 insertions, 0 deletions
diff --git a/environments/neutron-ml2-cisco-nexus-ucsm.yaml b/environments/neutron-ml2-cisco-nexus-ucsm.yaml
new file mode 100644
index 00000000..c291634c
--- /dev/null
+++ b/environments/neutron-ml2-cisco-nexus-ucsm.yaml
@@ -0,0 +1,26 @@
+# A Heat environment file which can be used to enable a
+# a Cisco Neutron plugin.
+resource_registry:
+ OS::TripleO::ControllerExtraConfigPre: ../puppet/extraconfig/pre_deploy/controller/network-cisco.yaml
+
+parameter_defaults:
+ NetworkUCSMIp: '127.0.0.1'
+ NetworkUCSMUsername: 'admin'
+ NetworkUCSMPassword: 'password'
+ NetworkUCSMHostList: 'host1:profile1, host2:profile2'
+ NetworkUCSMSupportedPciDevs: ''
+ NetworkNexusConfig: {}
+ NetworkNexusManagedPhysicalNetwork: ''
+ NetworkNexusVlanNamePrefix: 'q-'
+ NetworkNexusSviRoundRobin: 'false'
+ NetworkNexusProviderVlanNamePrefix: 'p-'
+ NetworkNexusPersistentSwitchConfig: 'false'
+ NetworkNexusSwitchHeartbeatTime: 0
+ NetworkNexusSwitchReplayCount: 3
+ NetworkNexusProviderVlanAutoCreate: 'true'
+ NetworkNexusProviderVlanAutoTrunk: 'true'
+ NetworkNexusVxlanGlobalConfig: 'true'
+ NetworkNexusHostKeyChecks: 'false'
+ NetworkNexusVxlanVniRanges: '0:0'
+ NetworkNexusVxlanMcastRanges: '0.0.0.0:0.0.0.0'
+
diff --git a/puppet/controller-puppet.yaml b/puppet/controller-puppet.yaml
index f1849e3e..f47463ab 100644
--- a/puppet/controller-puppet.yaml
+++ b/puppet/controller-puppet.yaml
@@ -910,6 +910,7 @@ resources:
- '"%{::osfamily}"'
- common
- cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
+ - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
datafiles:
controller_extraconfig:
mapped_data: {get_param: ControllerExtraConfig}
diff --git a/puppet/extraconfig/pre_deploy/controller/network-cisco.yaml b/puppet/extraconfig/pre_deploy/controller/network-cisco.yaml
new file mode 100644
index 00000000..ed3bf291
--- /dev/null
+++ b/puppet/extraconfig/pre_deploy/controller/network-cisco.yaml
@@ -0,0 +1,141 @@
+heat_template_version: 2015-04-30
+
+description: Configure hieradata for Network Cisco configuration
+
+parameters:
+ server:
+ description: ID of the controller node to apply this config to
+ type: string
+
+ NetworkUCSMIp:
+ type: string
+ description: Cisco UCSM IP
+ default: 127.0.0.1
+ NetworkUCSMUsername:
+ type: string
+ description: Cisco UCSM username
+ default: admin
+ NetworkUCSMPassword:
+ type: string
+ description: Cisco UCSM password
+ default: password
+ NetworkUCSMHostList:
+ type: string
+ description: Cisco UCSM hostname
+ default: 127.0.0.1
+ NetworkUCSMSupportedPciDevs:
+ type: string
+ description: Cisco UCSM SR-IOV and VM-FEX vendors supported
+ default: ''
+ NetworkNexusConfig:
+ type: json
+ description: Nexus switch configuration
+ default: {}
+ NetworkNexusManagedPhysicalNetwork:
+ type: string
+ description: The name of the physical_network
+ default: ''
+ NetworkNexusVlanNamePrefix:
+ type: string
+ description: A short prefix to prepend to the VLAN name
+ default: 'q-'
+ NetworkNexusSviRoundRobin:
+ type: boolean
+ description: A flag to enable round robin scheduling
+ default: false
+ NetworkNexusProviderVlanNamePrefix:
+ type: string
+ description: A short prefix to prepend to the VLAN name
+ default: 'p-'
+ NetworkNexusPersistentSwitchConfig:
+ type: string
+ description: To make Nexus device persistent
+ default: false
+ NetworkNexusSwitchHeartbeatTime:
+ type: number
+ description: Time interval to check the state of the Nexus device
+ default: 0
+ NetworkNexusSwitchReplayCount:
+ type: number
+ description: Number of times to attempt config replay
+ default: 3
+ NetworkNexusProviderVlanAutoCreate:
+ type: boolean
+ description: A flag whether to manage the creation and removal of VLANs
+ default: true
+ NetworkNexusProviderVlanAutoTrunk:
+ type: boolean
+ description: A flag whether to manage the trunk ports on the Nexus
+ default: true
+ NetworkNexusVxlanGlobalConfig:
+ type: boolean
+ description: A flag whether to manage the VXLAN global settings
+ default: true
+ NetworkNexusHostKeyChecks:
+ type: boolean
+ description: enable strict host key checks when connecting to Nexus switches
+ default: false
+ NetworkNexusVxlanVniRanges:
+ type: string
+ description: VXLAN Network IDs that are available for tenant network
+ default: ''
+ NetworkNexusVxlanMcastRanges:
+ type: string
+ description: Multicast groups for the VXLAN interface.
+ default: ''
+
+resources:
+ NetworkCiscoConfig:
+ type: OS::Heat::StructuredConfig
+ properties:
+ group: os-apply-config
+ config:
+ hiera:
+ datafiles:
+ neutron_cisco_data:
+ mapped_data:
+ neutron::plugins::ml2::cisco::ucsm::ucsm_ip: {get_input: UCSM_ip}
+ neutron::plugins::ml2::cisco::ucsm::ucsm_username: {get_input: UCSM_username}
+ neutron::plugins::ml2::cisco::ucsm::ucsm_password: {get_input: UCSM_password}
+ neutron::plugins::ml2::cisco::ucsm::ucsm_host_list: {get_input: UCSM_host_list}
+ neutron::plugins::ml2::cisco::ucsm::supported_pci_devs: {get_input: UCSMSupportedPciDevs}
+ neutron::plugins::ml2::cisco::nexus::nexus_config: {get_input: NexusConfig}
+ neutron::plugins::ml2::cisco::nexus::managed_physical_network: {get_input: NexusManagedPhysicalNetwork}
+ neutron::plugins::ml2::cisco::nexus::vlan_name_prefix: {get_input: NexusVlanNamePrefix}
+ neutron::plugins::ml2::cisco::nexus::svi_round_robin: {get_input: NexusSviRoundRobin}
+ neutron::plugins::ml2::cisco::nexus::provider_vlan_name_prefix: {get_input: NexusProviderVlanNamePrefix}
+ neutron::plugins::ml2::cisco::nexus::persistent_switch_config: {get_input: NexusPersistentSwitchConfig}
+ neutron::plugins::ml2::cisco::nexus::switch_heartbeat_time: {get_input: NexusSwitchHeartbeatTime}
+ neutron::plugins::ml2::cisco::nexus::switch_replay_count: {get_input: NexusSwitchReplayCount}
+ neutron::plugins::ml2::cisco::nexus::provider_vlan_auto_create: {get_input: NexusProviderVlanAutoCreate}
+ neutron::plugins::ml2::cisco::nexus::provider_vlan_auto_trunk: {get_input: NexusProviderVlanAutoTrunk}
+ neutron::plugins::ml2::cisco::nexus::vxlan_global_config: {get_input: NexusVxlanGlobalConfig}
+ neutron::plugins::ml2::cisco::nexus::host_key_checks: {get_input: NexusHostKeyChecks}
+ neutron::plugins::ml2::cisco::type_nexus_vxlan::vni_ranges: {get_input: NexusVxlanVniRanges}
+ neutron::plugins::ml2::cisco::type_nexus_vxlan::mcast_ranges: {get_input: NexusVxlanMcastRanges}
+
+ NetworkCiscoDeployment:
+ type: OS::Heat::StructuredDeployment
+ properties:
+ config: {get_resource: NetworkCiscoConfig}
+ server: {get_param: server}
+ input_values:
+ UCSM_ip: {get_param: NetworkUCSMIp}
+ UCSM_username: {get_param: NetworkUCSMUsername}
+ UCSM_password: {get_param: NetworkUCSMPassword}
+ UCSM_host_list: {get_param: NetworkUCSMHostList}
+ UCSMSupportedPciDevs: {get_param: NetworkUCSMSupportedPciDevs}
+ NexusConfig: {get_param: NetworkNexusConfig}
+ NexusManagedPhysicalNetwork: {get_param: NetworkNexusManagedPhysicalNetwork}
+ NexusVlanNamePrefix: {get_param: NetworkNexusVlanNamePrefix}
+ NexusSviRoundRobin: {get_param: NetworkNexusSviRoundRobin}
+ NexusProviderVlanNamePrefix: {get_param: NetworkNexusProviderVlanNamePrefix}
+ NexusPersistentSwitchConfig: {get_param: NetworkNexusPersistentSwitchConfig}
+ NexusSwitchHeartbeatTime: {get_param: NetworkNexusSwitchHeartbeatTime}
+ NexusSwitchReplayCount: {get_param: NetworkNexusSwitchReplayCount}
+ NexusProviderVlanAutoCreate: {get_param: NetworkNexusProviderVlanAutoCreate}
+ NexusProviderVlanAutoTrunk: {get_param: NetworkNexusProviderVlanAutoTrunk}
+ NexusVxlanGlobalConfig: {get_param: NetworkNexusVxlanGlobalConfig}
+ NexusHostKeyChecks: {get_param: NetworkNexusHostKeyChecks}
+ NexusVxlanVniRanges: {get_param: NetworkNexusVxlanVniRanges}
+ NexusVxlanMcastRanges: {get_param: NetworkNexusVxlanMcastRanges}
diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml
index 08ea3ebc..9929cfa6 100644
--- a/puppet/hieradata/controller.yaml
+++ b/puppet/hieradata/controller.yaml
@@ -92,6 +92,8 @@ heat::instance_user: ''
# pacemaker
pacemaker::corosync::cluster_name: 'tripleo_cluster'
pacemaker::corosync::manage_fw: false
+pacemaker::resource_defaults::defaults:
+ resource-stickiness: { value: INFINITY }
# horizon
horizon::allowed_hosts: '*'
@@ -99,6 +101,7 @@ horizon::django_session_engine: 'django.contrib.sessions.backends.cache'
# mysql
mysql::server::manage_config_file: true
+mysql::server::remove_default_accounts: true
tripleo::loadbalancer::keystone_admin: true
diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp
index 6cf01826..b98c3a40 100644
--- a/puppet/manifests/overcloud_controller.pp
+++ b/puppet/manifests/overcloud_controller.pp
@@ -246,6 +246,14 @@ if hiera('step') >= 3 {
tunnel_types => split(hiera('neutron_tunnel_types'), ','),
}
+ if 'cisco_ucsm' in hiera('neutron_mechanism_drivers') {
+ include ::neutron::plugins::ml2::cisco::ucsm
+ }
+ if 'cisco_nexus' in hiera('neutron_mechanism_drivers') {
+ include ::neutron::plugins::ml2::cisco::nexus
+ include ::neutron::plugins::ml2::cisco::type_nexus_vxlan
+ }
+
Service['neutron-server'] -> Service['neutron-dhcp-service']
Service['neutron-server'] -> Service['neutron-l3']
Service['neutron-server'] -> Service['neutron-ovs-agent-service']
diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp
index 14c01788..3a311655 100644
--- a/puppet/manifests/overcloud_controller_pacemaker.pp
+++ b/puppet/manifests/overcloud_controller_pacemaker.pp
@@ -177,6 +177,8 @@ if hiera('step') >= 2 {
if $pacemaker_master {
+ include pacemaker::resource_defaults
+
# FIXME: we should not have to access tripleo::loadbalancer class
# parameters here to configure pacemaker VIPs. The configuration
# of pacemaker VIPs could move into puppet-tripleo or we should
@@ -608,6 +610,14 @@ if hiera('step') >= 3 {
tunnel_types => split(hiera('neutron_tunnel_types'), ','),
}
+ if 'cisco_ucsm' in hiera('neutron_mechanism_drivers') {
+ include ::neutron::plugins::ml2::cisco::ucsm
+ }
+ if 'cisco_nexus' in hiera('neutron_mechanism_drivers') {
+ include ::neutron::plugins::ml2::cisco::nexus
+ include ::neutron::plugins::ml2::cisco::type_nexus_vxlan
+ }
+
include ::cinder
class { '::cinder::api':
sync_db => $sync_db,
@@ -873,6 +883,43 @@ if hiera('step') >= 4 {
clone_params => "interleave=true",
}
+ pacemaker::constraint::base { 'haproxy-then-keystone-constraint':
+ constraint_type => 'order',
+ first_resource => "haproxy-clone",
+ second_resource => "${::keystone::params::service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service['haproxy'],
+ Pacemaker::Resource::Service[$::keystone::params::service_name]],
+ }
+ pacemaker::constraint::base { 'rabbitmq-then-keystone-constraint':
+ constraint_type => 'order',
+ first_resource => "rabbitmq-clone",
+ second_resource => "${::keystone::params::service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Ocf['rabbitmq'],
+ Pacemaker::Resource::Service[$::keystone::params::service_name]],
+ }
+ pacemaker::constraint::base { 'memcached-then-keystone-constraint':
+ constraint_type => 'order',
+ first_resource => "memcached-clone",
+ second_resource => "${::keystone::params::service_name}-clone",
+ first_action => 'start',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Service['memcached'],
+ Pacemaker::Resource::Service[$::keystone::params::service_name]],
+ }
+ pacemaker::constraint::base { 'galera-then-keystone-constraint':
+ constraint_type => 'order',
+ first_resource => "galera-master",
+ second_resource => "${::keystone::params::service_name}-clone",
+ first_action => 'promote',
+ second_action => 'start',
+ require => [Pacemaker::Resource::Ocf['galera'],
+ Pacemaker::Resource::Service[$::keystone::params::service_name]],
+ }
+
# Cinder
pacemaker::resource::service { $::cinder::params::api_service :
clone_params => "interleave=true",