diff options
Diffstat (limited to 'puppet')
| -rw-r--r-- | puppet/cinder-storage.yaml | 6 | ||||
| -rw-r--r-- | puppet/controller-config-pacemaker.yaml | 5 | ||||
| -rw-r--r-- | puppet/controller-config.yaml | 5 | ||||
| -rw-r--r-- | puppet/controller-post.yaml | 42 | ||||
| -rw-r--r-- | puppet/controller.yaml | 7 | ||||
| -rwxr-xr-x | puppet/extraconfig/pre_deploy/controller/neutron-plumgrid.yaml | 113 | ||||
| -rw-r--r-- | puppet/manifests/overcloud_compute.pp | 14 | ||||
| -rw-r--r-- | puppet/manifests/overcloud_controller.pp | 22 | ||||
| -rw-r--r-- | puppet/manifests/overcloud_controller_pacemaker.pp | 44 | ||||
| -rw-r--r-- | puppet/manifests/ringbuilder.pp | 8 |
10 files changed, 219 insertions, 47 deletions
diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index 878b31c2..b5694802 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -285,7 +285,11 @@ resources: size: {get_param: CinderLVMLoopDeviceSize} cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend} cinder_iscsi_helper: {get_param: CinderISCSIHelper} - cinder_iscsi_ip_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} + cinder_iscsi_ip_address: + str_replace: + template: "'IP'" + params: + IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]} rabbit_username: {get_param: RabbitUserName} rabbit_password: {get_param: RabbitPassword} diff --git a/puppet/controller-config-pacemaker.yaml b/puppet/controller-config-pacemaker.yaml index dc81498a..21db825a 100644 --- a/puppet/controller-config-pacemaker.yaml +++ b/puppet/controller-config-pacemaker.yaml @@ -22,7 +22,10 @@ resources: outputs: - name: result config: - get_file: manifests/overcloud_controller_pacemaker.pp + list_join: + - '' + - - get_file: manifests/overcloud_controller_pacemaker.pp + - get_file: manifests/ringbuilder.pp outputs: OS::stack_id: diff --git a/puppet/controller-config.yaml b/puppet/controller-config.yaml index f85e1a9e..f7a6a56d 100644 --- a/puppet/controller-config.yaml +++ b/puppet/controller-config.yaml @@ -22,7 +22,10 @@ resources: outputs: - name: result config: - get_file: manifests/overcloud_controller.pp + list_join: + - '' + - - get_file: manifests/overcloud_controller.pp + - get_file: manifests/ringbuilder.pp outputs: OS::stack_id: diff --git a/puppet/controller-post.yaml b/puppet/controller-post.yaml index 713ad706..04f20b61 100644 --- a/puppet/controller-post.yaml +++ b/puppet/controller-post.yaml @@ -64,39 +64,26 @@ resources: update_identifier: {get_param: NodeConfigIdentifiers} actions: ['CREATE'] # no need for two passes on an UPDATE - ControllerRingbuilderPuppetConfig: - type: OS::Heat::SoftwareConfig - properties: - group: puppet - options: - enable_debug: {get_param: ConfigDebug} - enable_hiera: True - enable_facter: False - inputs: - outputs: - - name: result - config: - get_file: manifests/ringbuilder.pp - - ControllerRingbuilderDeployment_Step3: + ControllerOvercloudServicesDeployment_Step3: type: OS::Heat::StructuredDeployments depends_on: ControllerServicesBaseDeployment_Step2 properties: - name: ControllerRingbuilderDeployment_Step3 + name: ControllerOvercloudServicesDeployment_Step3 servers: {get_param: servers} - config: {get_resource: ControllerRingbuilderPuppetConfig} + config: {get_resource: ControllerPuppetConfig} input_values: + step: 3 update_identifier: {get_param: NodeConfigIdentifiers} ControllerOvercloudServicesDeployment_Step4: type: OS::Heat::StructuredDeployments - depends_on: ControllerRingbuilderDeployment_Step3 + depends_on: ControllerOvercloudServicesDeployment_Step3 properties: name: ControllerOvercloudServicesDeployment_Step4 servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} input_values: - step: 3 + step: 4 update_identifier: {get_param: NodeConfigIdentifiers} ControllerOvercloudServicesDeployment_Step5: @@ -107,7 +94,7 @@ resources: servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} input_values: - step: 4 + step: 5 update_identifier: {get_param: NodeConfigIdentifiers} ControllerOvercloudServicesDeployment_Step6: @@ -118,12 +105,23 @@ resources: servers: {get_param: servers} config: {get_resource: ControllerPuppetConfig} input_values: - step: 5 + step: 6 + update_identifier: {get_param: NodeConfigIdentifiers} + + ControllerOvercloudServicesDeployment_Step7: + type: OS::Heat::StructuredDeployments + depends_on: ControllerOvercloudServicesDeployment_Step6 + properties: + name: ControllerOvercloudServicesDeployment_Step7 + servers: {get_param: servers} + config: {get_resource: ControllerPuppetConfig} + input_values: + step: 7 update_identifier: {get_param: NodeConfigIdentifiers} ControllerPostPuppet: type: OS::TripleO::Tasks::ControllerPostPuppet - depends_on: ControllerOvercloudServicesDeployment_Step6 + depends_on: ControllerOvercloudServicesDeployment_Step7 properties: servers: {get_param: servers} input_values: diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 9878b28d..efdf08bb 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -1248,7 +1248,11 @@ resources: - '/sahara' swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]} - cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} + cinder_iscsi_network: + str_replace: + template: "'IP'" + params: + IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]} cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} @@ -1310,6 +1314,7 @@ resources: - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre - midonet_data #Optionally provided by AllNodesExtraConfig - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre + - neutron_plumgrid_data # Optionally provided by ControllerExtraConfigPre datafiles: controller_extraconfig: mapped_data: {get_param: ControllerExtraConfig} diff --git a/puppet/extraconfig/pre_deploy/controller/neutron-plumgrid.yaml b/puppet/extraconfig/pre_deploy/controller/neutron-plumgrid.yaml new file mode 100755 index 00000000..7c0a7ad2 --- /dev/null +++ b/puppet/extraconfig/pre_deploy/controller/neutron-plumgrid.yaml @@ -0,0 +1,113 @@ +heat_template_version: 2015-04-30 + +description: Controller hieradata for Neutron PLUMgrid configuration + +parameters: + server: + description: ID of the controller node to apply this config to + type: string + PLUMgridDirectorServer: + description: IP address of the PLUMgrid Director Server + type: string + default: 127.0.0.1 + PLUMgridDirectorServerPort: + description: Port of the PLUMgrid Director Server + type: string + default: 443 + PLUMgridUsername: + description: Username for PLUMgrid platform + type: string + PLUMgridPassword: + description: Password for PLUMgrid platform + type: string + hidden: true + PLUMgridServerTimeOut: + description: Request timeout duration (seconds) to PLUMgrid platform + type: string + default: 99 + PLUMgridNovaMetadataIP: + description: IP address of Nova Metadata + type: string + default: 169.254.169.254 + PLUMgridNovaMetadataPort: + description: Port of Nova Metadata + type: string + default: 8775 + PLUMgridL2GatewayVendor: + description: Vendor for L2 Gateway Switch + type: string + default: vendor + PLUMgridL2GatewayUsername: + description: Username for L2 Gateway Switch + type: string + default: username + PLUMgridL2GatewayPassword: + description: Password for L2 Gateway Switch + type: string + hidden: true + PLUMgridIdentityVersion: + description: Keystone Identity version + type: string + default: v2.0 + PLUMgridConnectorType: + description: Neutron Network Connector Type + type: string + default: distributed + PLUMgridNeutronPluginVersion: + description: PLUMgrid Neutron Plugin version + type: string + default: present + PLUMgridPlumlibVersion: + description: PLUMgrid Plumlib version + type: string + default: present + + +resources: + ControllerPLUMgridConfig: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + hiera: + datafiles: + neutron_plumgrid_data: + mapped_data: + neutron::plugins::plumgrid::director_server: {get_input: plumgrid_director_server} + neutron::plugins::plumgrid::director_server_port: {get_input: plumgrid_director_server_port} + neutron::plugins::plumgrid::username: {get_input: plumgrid_username} + neutron::plugins::plumgrid::password: {get_input: plumgrid_password} + neutron::plugins::plumgrid::nova_metadata_ip: {get_input: plumgrid_nova_metadata_ip} + neutron::plugins::plumgrid::nova_metadata_port: {get_input: plumgrid_nova_metadata_port} + neutron::plugins::plumgrid::l2gateway_vendor: {get_input: plumgrid_l2gateway_vendor} + neutron::plugins::plumgrid::l2gateway_sw_username: {get_input: plumgrid_l2gateway_sw_username} + neutron::plugins::plumgrid::l2gateway_sw_password: {get_input: plumgrid_l2gateway_sw_password} + neutron::plugins::plumgrid::connector_type: {get_input: plumgrid_connector_type} + neutron::plugins::plumgrid::identity_version: {get_input: plumgrid_identity_version} + neutron::plugins::plumgrid::package_ensure: {get_input: plumgrid_neutron_plugin_version} + neutron::plugins::plumgrid::plumlib_package_ensure: {get_input: plumgrid_plumlib_version} + + ControllerPLUMgridDeployment: + type: OS::Heat::StructuredDeployment + properties: + config: {get_resource: ControllerPLUMgridConfig} + server: {get_param: server} + input_values: + plumgrid_director_server: {get_param: PLUMgridDirectorServer} + plumgrid_director_server_port: {get_param: PLUMgridDirectorServerPort} + plumgrid_username: {get_param: PLUMgridUsername} + plumgrid_password: {get_param: PLUMgridPassword} + plumgrid_nova_metadata_ip: {get_param: PLUMgridNovaMetadataIP} + plumgrid_nova_metadata_port: {get_param: PLUMgridNovaMetadataPort} + plumgrid_l2gateway_vendor: {get_param: PLUMgridL2GatewayVendor} + plumgrid_l2gateway_sw_username: {get_param: PLUMgridL2GatewayUsername} + plumgrid_l2gateway_sw_password: {get_param: PLUMgridL2GatewayPassword} + plumgrid_identity_version: {get_param: PLUMgridIdentityVersion} + plumgrid_connector_type: {get_param: PLUMgridConnectorType} + plumgrid_neutron_plugin_version: {get_param: PLUMgridNeutronPluginVersion} + plumgrid_plumlib_version: {get_param: PLUMgridPlumlibVersion} + +outputs: + deploy_stdout: + description: Deployment reference, used to trigger puppet apply on changes + value: {get_attr: [ControllerPLUMgridDeployment, deploy_stdout]} diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp index 13ae31c5..ee77518e 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_compute.pp @@ -152,6 +152,20 @@ elsif hiera('neutron::core_plugin') == 'neutron_plugin_contrail.plugins.opencont # require => Class['contrail::vrouter'], #} } +elsif hiera('neutron::core_plugin') == 'networking_plumgrid.neutron.plugins.plugin.NeutronPluginPLUMgridV2' { + # forward all ipv4 traffic + # this is required for the vms to pass through the gateways public interface + sysctl::value { 'net.ipv4.ip_forward': value => '1' } + + # ifc_ctl_pp needs to be invoked by root as part of the vif.py when a VM is powered on + file { '/etc/sudoers.d/ifc_ctl_sudoers': + ensure => file, + owner => root, + group => root, + mode => '0440', + content => "nova ALL=(root) NOPASSWD: /opt/pg/bin/ifc_ctl_pp *\n", + } +} else { include ::neutron::plugins::ml2 diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index 5b3e8f77..c6667ae6 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -210,7 +210,7 @@ if hiera('step') >= 2 { } #END STEP 2 -if hiera('step') >= 3 { +if hiera('step') >= 4 { include ::keystone include ::keystone::config @@ -344,13 +344,21 @@ if hiera('step') >= 3 { include ::neutron::server include ::neutron::server::notifications - # If the value of core plugin is set to 'nuage' or 'opencontrail', - # include nuage or opencontrail core plugins, and it does not - # need the l3, dhcp and metadata agents + # If the value of core plugin is set to 'nuage' or'opencontrail' or 'plumgrid', + # include nuage or opencontrail or plumgrid core plugins + # else use the default value of 'ml2' if hiera('neutron::core_plugin') == 'neutron.plugins.nuage.plugin.NuagePlugin' { include ::neutron::plugins::nuage } elsif hiera('neutron::core_plugin') == 'neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2' { include ::neutron::plugins::opencontrail + } + elsif hiera('neutron::core_plugin') == 'networking_plumgrid.neutron.plugins.plugin.NeutronPluginPLUMgridV2' { + class { '::neutron::plugins::plumgrid' : + connection => hiera('neutron::server::database_connection'), + controller_priv_host => hiera('keystone_admin_api_vip'), + admin_password => hiera('admin_password'), + metadata_proxy_shared_secret => hiera('nova::api::neutron_metadata_proxy_shared_secret'), + } } else { include ::neutron::agents::l3 include ::neutron::agents::dhcp @@ -673,9 +681,9 @@ if hiera('step') >= 3 { hiera_include('controller_classes') -} #END STEP 3 +} #END STEP 4 -if hiera('step') >= 4 { +if hiera('step') >= 5 { $keystone_enable_db_purge = hiera('keystone_enable_db_purge', true) $nova_enable_db_purge = hiera('nova_enable_db_purge', true) $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true) @@ -710,7 +718,7 @@ if hiera('step') >= 4 { } } -} #END STEP 4 +} #END STEP 5 $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller', hiera('step')]) package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index 7c5fd6bd..fd12c342 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -18,6 +18,24 @@ Pcmk_resource <| |> { try_sleep => 3, } +# TODO(jistr): use pcs resource provider instead of just no-ops +Service <| + tag == 'aodh-service' or + tag == 'cinder-service' or + tag == 'ceilometer-service' or + tag == 'glance-service' or + tag == 'heat-service' or + tag == 'keystone-service' or + tag == 'neutron-service' or + tag == 'nova-service' or + tag == 'sahara-service' +|> { + hasrestart => true, + restart => '/bin/true', + start => '/bin/true', + stop => '/bin/true', +} + include ::tripleo::packages include ::tripleo::firewall @@ -29,13 +47,13 @@ if $::hostname == downcase(hiera('bootstrap_nodeid')) { $sync_db = false } -$enable_fencing = str2bool(hiera('enable_fencing', false)) and hiera('step') >= 5 +$enable_fencing = str2bool(hiera('enable_fencing', false)) and hiera('step') >= 6 $enable_load_balancer = hiera('enable_load_balancer', true) # When to start and enable services which haven't been Pacemakerized # FIXME: remove when we start all OpenStack services using Pacemaker # (occurrences of this variable will be gradually replaced with false) -$non_pcmk_start = hiera('step') >= 4 +$non_pcmk_start = hiera('step') >= 5 if hiera('step') >= 1 { @@ -584,7 +602,7 @@ MYSQL_HOST=localhost\n", } #END STEP 2 -if hiera('step') >= 3 { +if hiera('step') >= 4 { class { '::keystone': sync_db => $sync_db, @@ -774,6 +792,14 @@ if hiera('step') >= 3 { keystone_password => hiera('neutron::server::auth_password') } } + if hiera('neutron::core_plugin') == 'networking_plumgrid.neutron.plugins.plugin.NeutronPluginPLUMgridV2' { + class { '::neutron::plugins::plumgrid' : + connection => hiera('neutron::server::database_connection'), + controller_priv_host => hiera('keystone_admin_api_vip'), + admin_password => hiera('admin_password'), + metadata_proxy_shared_secret => hiera('nova::api::neutron_metadata_proxy_shared_secret'), + } + } if hiera('neutron::enable_dhcp_agent',true) { class { '::neutron::agents::dhcp' : manage_service => false, @@ -1169,9 +1195,9 @@ if hiera('step') >= 3 { hiera_include('controller_classes') -} #END STEP 3 +} #END STEP 4 -if hiera('step') >= 4 { +if hiera('step') >= 5 { $keystone_enable_db_purge = hiera('keystone_enable_db_purge', true) $nova_enable_db_purge = hiera('nova_enable_db_purge', true) $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true) @@ -1346,7 +1372,7 @@ if hiera('step') >= 4 { Pacemaker::Resource::Service[$::glance::params::api_service_name]], } - if hiera('step') == 4 { + if hiera('step') == 5 { # Neutron # NOTE(gfidente): Neutron will try to populate the database with some data # as soon as neutron-server is started; to avoid races we want to make this @@ -1932,9 +1958,9 @@ if hiera('step') >= 4 { } -} #END STEP 4 +} #END STEP 5 -if hiera('step') >= 5 { +if hiera('step') >= 6 { if $pacemaker_master { @@ -1956,7 +1982,7 @@ if hiera('step') >= 5 { } } -} #END STEP 5 +} #END STEP 6 $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller_pacemaker', hiera('step')]) package_manifest{$package_manifest_name: ensure => present} diff --git a/puppet/manifests/ringbuilder.pp b/puppet/manifests/ringbuilder.pp index 2d880d33..a623da29 100644 --- a/puppet/manifests/ringbuilder.pp +++ b/puppet/manifests/ringbuilder.pp @@ -13,8 +13,6 @@ # License for the specific language governing permissions and limitations # under the License. -include ::tripleo::packages - define add_devices( $swift_zones = '1' ){ @@ -91,6 +89,6 @@ class tripleo::ringbuilder ( } } -include ::tripleo::ringbuilder - -package_manifest{'/var/lib/tripleo/installed-packages/ringbuilder': ensure => present} +if hiera('step') >= 3 { + include ::tripleo::ringbuilder +} |