diff options
| -rw-r--r-- | environments/neutron-ovs-dpdk.yaml | 18 | ||||
| -rw-r--r-- | network/config/bond-with-vlans/compute-dpdk.yaml | 192 | ||||
| -rw-r--r-- | network/service_net_map.yaml | 6 | ||||
| -rw-r--r-- | overcloud-resource-registry-puppet.yaml | 1 | ||||
| -rw-r--r-- | overcloud.yaml | 1 | ||||
| -rw-r--r-- | puppet/all-nodes-config.yaml | 14 | ||||
| -rw-r--r-- | puppet/services/ceph-base.yaml | 8 | ||||
| -rw-r--r-- | puppet/services/heat-base.yaml | 10 | ||||
| -rw-r--r-- | puppet/services/heat-engine.yaml | 2 | ||||
| -rw-r--r-- | puppet/services/ironic-api.yaml | 16 | ||||
| -rw-r--r-- | puppet/services/ironic-conductor.yaml | 17 | ||||
| -rw-r--r-- | puppet/services/neutron-base.yaml | 10 | ||||
| -rw-r--r-- | puppet/services/neutron-ovs-dpdk-agent.yaml | 6 | ||||
| -rwxr-xr-x | tools/yaml-validate.py | 5 |
14 files changed, 264 insertions, 42 deletions
diff --git a/environments/neutron-ovs-dpdk.yaml b/environments/neutron-ovs-dpdk.yaml new file mode 100644 index 00000000..004b8ac0 --- /dev/null +++ b/environments/neutron-ovs-dpdk.yaml @@ -0,0 +1,18 @@ +## A Heat environment that can be used to deploy DPDK with OVS +resource_registry: + OS::TripleO::Services::ComputeNeutronOvsAgent: ../puppet/services/neutron-ovs-dpdk-agent.yaml + +parameter_defaults: + ## NeutronDpdkCoreList and NeutronDpdkMemoryChannels are REQUIRED settings. + ## Attempting to deploy DPDK without appropriate values will cause deployment to fail or lead to unstable deployments. + #NeutronDpdkCoreList: "" + #NeutronDpdkMemoryChannels: "" + + NeutronDatapathType: "netdev" + NeutronVhostuserSocketDir: "/var/run/openvswitch" + + #NeutronDpdkSocketMemory: "" + #NeutronDpdkDriverType: "vfio-pci" + #NovaReservedHostMemory: 4096 + #NovaVcpuPinSet: "" + diff --git a/network/config/bond-with-vlans/compute-dpdk.yaml b/network/config/bond-with-vlans/compute-dpdk.yaml new file mode 100644 index 00000000..3fc764be --- /dev/null +++ b/network/config/bond-with-vlans/compute-dpdk.yaml @@ -0,0 +1,192 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config with 2 bonded nics on a bridge + with VLANs attached for the compute role. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string + BondInterfaceOvsOptions: + default: '' + description: The ovs_options string for the bond interface. Set things like + lacp=active and/or bond_mode=balance-slb using this option. + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. + type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + ExternalInterfaceDefaultRoute: # Not used by default in this template + default: '10.0.0.1' + description: The default route of the external network. + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + type: interface + name: nic1 + use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + - + type: ovs_bridge + name: {get_input: bridge_name} + members: + - + type: ovs_bond + name: bond1 + ovs_options: {get_param: BondInterfaceOvsOptions} + members: + - + type: interface + name: nic2 + primary: true + - + type: interface + name: nic3 + - + type: vlan + device: bond1 + vlan_id: {get_param: InternalApiNetworkVlanID} + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + - + type: vlan + device: bond1 + vlan_id: {get_param: StorageNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + - + type: vlan + device: bond1 + vlan_id: {get_param: TenantNetworkVlanID} + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the Control Plane. + #- + # type: vlan + # device: bond1 + # vlan_id: {get_param: ManagementNetworkVlanID} + # addresses: + # - + # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} + - + type: ovs_user_bridge + name: br-link + members: + - + type: ovs_dpdk_bond + name: dpdkbond0 + members: + - + type: ovs_dpdk_port + name: dpdk0 + members: + - + type: interface + name: nic4 + - + type: ovs_dpdk_port + name: dpdk1 + members: + - + type: interface + name: nic5 + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/network/service_net_map.yaml b/network/service_net_map.yaml index e30a6304..4cfff402 100644 --- a/network/service_net_map.yaml +++ b/network/service_net_map.yaml @@ -23,7 +23,8 @@ parameters: CinderIscsiNetwork: storage GlanceApiNetwork: storage GlanceRegistryNetwork: internal_api - IronicApiNetwork: internal_api + IronicApiNetwork: ctlplane + IronicNetwork: ctlplane KeystoneAdminApiNetwork: ctlplane # allows undercloud to config endpoints KeystonePublicApiNetwork: internal_api ManilaApiNetwork: internal_api @@ -41,7 +42,7 @@ parameters: RedisNetwork: internal_api MysqlNetwork: internal_api CephClusterNetwork: storage_mgmt - CephPublicNetwork: storage + CephMonNetwork: storage ControllerHostnameResolveNetwork: internal_api ComputeHostnameResolveNetwork: internal_api BlockStorageHostnameResolveNetwork: internal_api @@ -59,6 +60,7 @@ parameters: default: MongoDbNetwork: MongodbNetwork RabbitMqNetwork: RabbitmqNetwork + CephPublicNetwork: CephMonNetwork description: Mapping older deprecated service names, intended for internal use only, this will be removed in future. type: json diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index c9870982..a1a8d921 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -167,7 +167,6 @@ resource_registry: OS::TripleO::Services::NeutronCorePluginOpencontrail: puppet/services/neutron-plugin-opencontrail.yaml OS::TripleO::Services::NeutronCorePluginMidonet: puppet/services/neutron-midonet.yaml OS::TripleO::Services::NeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml - # ComputeNeutronOvsAgent can be overriden to puppet/services/neutron-ovs-dpdk-agent.yaml also to enable DPDK OS::TripleO::Services::ComputeNeutronOvsAgent: puppet/services/neutron-ovs-agent.yaml OS::TripleO::Services::Pacemaker: OS::Heat::None OS::TripleO::Services::NeutronSriovAgent: OS::Heat::None diff --git a/overcloud.yaml b/overcloud.yaml index 82fdedc3..4bdd0b82 100644 --- a/overcloud.yaml +++ b/overcloud.yaml @@ -624,7 +624,6 @@ resources: memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MemcachedNetwork]}]} keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystonePublicApiNetwork]}]} keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]} - ceph_mon_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CephPublicNetwork]}]} ceph_mon_node_names: {get_attr: [Controller, hostname]} DeployIdentifier: {get_param: DeployIdentifier} UpdateIdentifier: {get_param: UpdateIdentifier} diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index 644c1938..a43e9645 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -22,8 +22,6 @@ parameters: type: comma_delimited_list keystone_admin_api_node_ips: type: comma_delimited_list - ceph_mon_node_ips: - type: comma_delimited_list ceph_mon_node_names: type: comma_delimited_list DeployIdentifier: @@ -126,18 +124,6 @@ resources: list_join: - ',' - {get_param: ceph_mon_node_names} - tripleo::profile::base::ceph::ceph_mon_host: - list_join: - - ',' - - {get_param: ceph_mon_node_ips} - tripleo::profile::base::ceph::ceph_mon_host_v6: - str_replace: - template: "'[IPS_LIST]'" - params: - IPS_LIST: - list_join: - - '],[' - - {get_param: ceph_mon_node_ips} # NOTE(gfidente): interpolation with %{} in the # hieradata file can't be used as it returns string ceilometer::rabbit_hosts: *rabbit_nodes_array diff --git a/puppet/services/ceph-base.yaml b/puppet/services/ceph-base.yaml index 4d98546d..ce8d9158 100644 --- a/puppet/services/ceph-base.yaml +++ b/puppet/services/ceph-base.yaml @@ -20,9 +20,6 @@ parameters: CephClusterFSID: type: string description: The Ceph cluster FSID. Must be a UUID. - CephIPv6: - default: False - type: boolean CinderRbdPoolName: default: volumes type: string @@ -72,7 +69,6 @@ outputs: value: service_name: ceph_base config_settings: - tripleo::profile::base::ceph::ceph_ipv6: {get_param: CephIPv6} tripleo::profile::base::ceph::enable_ceph_storage: {get_param: ControllerEnableCephStorage} ceph::profile::params::osd_pool_default_min_size: 1 ceph::profile::params::osds: {/srv/data: {}} @@ -93,8 +89,8 @@ outputs: str_replace: template: "NETWORK_subnet" params: - NETWORK: {get_param: [ServiceNetMap, CephPublicNetwork]} - ceph::profile::params::public_addr: {get_param: [ServiceNetMap, CephPublicNetwork]} + NETWORK: {get_param: [ServiceNetMap, CephMonNetwork]} + ceph::profile::params::public_addr: {get_param: [ServiceNetMap, CephMonNetwork]} ceph::profile::params::client_keys: str_replace: template: "{ diff --git a/puppet/services/heat-base.yaml b/puppet/services/heat-base.yaml index 226d2a51..7eb58f56 100644 --- a/puppet/services/heat-base.yaml +++ b/puppet/services/heat-base.yaml @@ -32,6 +32,10 @@ parameters: via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json + HeatPassword: + description: The password for the Heat service and db account, used by the Heat services. + type: string + hidden: true DefaultPasswords: default: {} type: json @@ -60,11 +64,13 @@ outputs: key: 'context_is_admin' value: 'role:admin' heat::rabbit_heartbeat_timeout_threshold: 60 - heat::keystone_tenant: 'service' + heat::keystone::authtoken::project_name: 'service' + heat::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + heat::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } + heat::keystone::authtoken::password: {get_param: HeatPassword} heat::keystone::domain::domain_name: 'heat_stack' heat::keystone::domain::domain_admin: 'heat_stack_domain_admin' heat::keystone::domain::domain_admin_email: 'heat_stack_domain_admin@localhost' - heat::auth_plugin: 'password' heat::cron::purge_deleted::age: 30 heat::cron::purge_deleted::age_type: 'days' heat::cron::purge_deleted::maxdelay: 3600 diff --git a/puppet/services/heat-engine.yaml b/puppet/services/heat-engine.yaml index b230ec1d..1b4f8e7f 100644 --- a/puppet/services/heat-engine.yaml +++ b/puppet/services/heat-engine.yaml @@ -71,8 +71,6 @@ outputs: - {get_param: [EndpointMap, MysqlInternal, host]} - '/heat' heat::keystone_ec2_uri: {get_param: [EndpointMap, KeystoneEC2, uri]} - heat::identity_uri: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} - heat::keystone_password: {get_param: HeatPassword} heat::db::mysql::password: {get_param: HeatPassword} heat::keystone::domain::domain_password: {get_param: HeatStackDomainAdminPassword} heat::db::mysql::user: heat diff --git a/puppet/services/ironic-api.yaml b/puppet/services/ironic-api.yaml index d0516e1b..96ba7aa1 100644 --- a/puppet/services/ironic-api.yaml +++ b/puppet/services/ironic-api.yaml @@ -39,18 +39,18 @@ outputs: config_settings: map_merge: - get_attr: [IronicBase, role_data, config_settings] - # NOTE(dtantsur): the my_ip parameter is heavily overloaded in - # ironic. It's used as a default value for e.g. TFTP server IP, - # glance and neutron endpoints, virtual console IP. We override - # the TFTP server IP in ironic-conductor.yaml as it should not be - # the VIP, but rather a real IP of the controller. - - ironic::my_ip: {get_param: [EndpointMap, MysqlInternal, host]} - ironic::api::authtoken::password: {get_param: IronicPassword} + - ironic::api::authtoken::password: {get_param: IronicPassword} ironic::api::authtoken::project_name: 'service' ironic::api::authtoken::username: 'ironic' ironic::api::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } ironic::api::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} - ironic::api::host_ip: {get_input: ironic_api_network} + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + ironic::api::host_ip: {get_param: [ServiceNetMap, IronicApiNetwork]} ironic::api::port: {get_param: [EndpointMap, IronicInternal, port]} # This is used to build links in responses ironic::api::public_endpoint: {get_param: [EndpointMap, IronicPublic, uri_no_suffix]} diff --git a/puppet/services/ironic-conductor.yaml b/puppet/services/ironic-conductor.yaml index 27479f79..4008f977 100644 --- a/puppet/services/ironic-conductor.yaml +++ b/puppet/services/ironic-conductor.yaml @@ -44,12 +44,23 @@ outputs: ironic::conductor::api_url: {get_param: [EndpointMap, IronicInternal, uri_no_suffix]} ironic::glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]} ironic::enabled_drivers: {get_param: IronicEnabledDrivers} - # Prevent tftp_server from defaulting to my_ip setting, which is - # controller VIP, not a real IP. - ironic::drivers::pxe::tftp_server: {get_input: ironic_api_network} + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + ironic::drivers::pxe::tftp_server: {get_param: [ServiceNetMap, IronicNetwork]} tripleo.ironic_conductor.firewall_rules: '134 ironic conductor TFTP': dport: 69 proto: udp + # NOTE(dtantsur): the my_ip parameter is heavily overloaded in + # ironic. It's used as a default value for e.g. TFTP server IP, + # glance and neutron endpoints, virtual console IP. We override + # the TFTP server IP in ironic-conductor.yaml as it should not be + # the VIP, but rather a real IP of the host. + ironic::my_ip: {get_param: [ServiceNetMap, IronicNetwork]} + step_config: | include ::tripleo::profile::base::ironic::conductor diff --git a/puppet/services/neutron-base.yaml b/puppet/services/neutron-base.yaml index 39ffea24..4eb417c0 100644 --- a/puppet/services/neutron-base.yaml +++ b/puppet/services/neutron-base.yaml @@ -48,6 +48,15 @@ parameters: description: > Remove configuration that is not generated by TripleO. Setting to false may result in configuration remnants after updates/upgrades. + NeutronGlobalPhysnetMtu: + type: number + default: 1500 + description: | + MTU of the underlying physical network. Neutron uses this value to + calculate MTU for all virtual network components. For flat and VLAN + networks, neutron uses this value without modification. For overlay + networks such as VXLAN, neutron automatically subtracts the overlay + protocol overhead from this value. ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -87,3 +96,4 @@ outputs: neutron::host: '"%{::fqdn}"' #NOTE: extra quoting is needed neutron::db::database_db_max_retries: -1 neutron::db::database_max_retries: -1 + neutron::global_physnet_mtu: {get_param: NeutronGlobalPhysnetMtu} diff --git a/puppet/services/neutron-ovs-dpdk-agent.yaml b/puppet/services/neutron-ovs-dpdk-agent.yaml index 1f1e14ab..8ee98a3d 100644 --- a/puppet/services/neutron-ovs-dpdk-agent.yaml +++ b/puppet/services/neutron-ovs-dpdk-agent.yaml @@ -19,13 +19,15 @@ parameters: via parameter_defaults in the resource registry. type: json NeutronDpdkCoreList: - default: "" description: List of cores to be used for DPDK Poll Mode Driver type: string + constraints: + - allowed_pattern: "[0-9,-]+" NeutronDpdkMemoryChannels: - default: "" description: Number of memory channels to be used for DPDK type: string + constraints: + - allowed_pattern: "[0-9]+" NeutronDpdkSocketMemory: default: "" description: Memory allocated for each socket diff --git a/tools/yaml-validate.py b/tools/yaml-validate.py index d75aeb4f..7b3d3473 100755 --- a/tools/yaml-validate.py +++ b/tools/yaml-validate.py @@ -17,6 +17,8 @@ import traceback import yaml +required_params = ['EndpointMap', 'ServiceNetMap', 'DefaultPasswords'] + def exit_usage(): print('Usage %s <yaml file or directory>' % sys.argv[0]) sys.exit(1) @@ -40,7 +42,6 @@ def validate_service(filename, tpl): % filename) return 1 if 'parameters' in tpl: - required_params = ['EndpointMap', 'ServiceNetMap', 'DefaultPasswords'] for param in required_params: if param not in tpl['parameters']: print('ERROR: parameter %s is required for %s.' @@ -64,6 +65,8 @@ def validate(filename): return 1 # yaml is OK, now walk the parameters and output a warning for unused ones for p in tpl.get('parameters', {}): + if p in required_params: + continue str_p = '\'%s\'' % p in_resources = str_p in str(tpl.get('resources', {})) in_outputs = str_p in str(tpl.get('outputs', {})) |