aboutsummaryrefslogtreecommitdiffstats
path: root/network
AgeCommit message (Collapse)AuthorFilesLines
2016-02-24Generate the endpoint map staticallyZane Bitter4-595/+2334
A stack is an extremely heavyweight abstraction in Heat. Particularly in TripleO, every stack includes a copy of all the template and environment data for all of the stacks in the tree, all of which must be stored anew in the database. The EndpointMap abstraction created no fewer than 30 nested stacks, none of which contained any resources but which existed purely for the purpose of abstracting out some intrinsic functions used to calculate the endpoint URLs for the various services. This likely adds several GB to the memory requirements of the undercloud, and can cause things to slow to a crawl since all 30 nested stacks need to be queried whenever we need data from any one of them. This change eliminates the nested stacks and instead generates the endpoint map statically. This can be done offline in less than 250ms, allows the input data to be expressed in an even more human-readable form, and reduces the runtime overhead of the endpoints map by a factor of 31, all with no loss of functionality, compatibility or flexibility. Since we don't run a setup script to generate the tarball, the endpoint_map.yaml output is checked in to source control. The build script offers a --check option that can be used to make sure that the output file is up-to-date with the input data. Change-Id: I2df8f5569d81c1bde417ff5b12b06b7f1e19c336
2016-02-24Merge "Nova Neutron configuration now uses keystone v3 endpoint"Jenkins1-0/+32
2016-02-24Merge "Allow vncproxy to work with ssl enabled"Jenkins1-0/+28
2016-02-23Nova Neutron configuration now uses keystone v3 endpointDavid Moreau Simard1-0/+32
Our current nova-neutron configuration does not work with the latest puppet-nova. In particular, this patch[1]. This commit adds keystone v3 endpoints to the map and gets the nova::network::neutron configuration to use them. [1] https://github.com/openstack/puppet-nova/commit/d09868a59c451932d67c66101b725182d7066a14 Change-Id: Ifb8c23c81c665c2732fa5cd757760668b06a449a
2016-02-10Merge "Fix endpoint names"Jenkins1-5/+5
2016-02-02Fix endpoint namesZane Bitter1-5/+5
The commit daad3d4224f12d2c23c41a70cdf522e7c55536ba added a bunch of new endpoints, but failed to use the new input data in calculating the outputs: the GlanceRegistry ones use the Glance endpoints and the Horizon one the Heat endpoint. This would cause anything querying these endpoints from the endpoints map to get the wrong ports. Change-Id: I8e1780b26e285187142be41b4f3aae3efe7eaaee
2016-01-20Create linux bridge vlans environmentsJaume Devesa6-0/+626
Define environments to create VLANs attached to a single physical nic as 'single-nic-vlans' does, but using linux_bridge instead of ovs_bridge Change-Id: I8c6fe9ec7028178f783e7d9c0a1cc67a1517eb3d
2016-01-15Allow vncproxy to work with ssl enabledBen Nemec1-0/+28
Right now our vncproxy settings are hard-coded to http and the non-ssl port. This change adds a vncproxy entry to the endpoint map and uses those values to configure the proxy correctly on compute nodes. This is sufficient to get it working in my environment with ssl enabled. Change-Id: I9d69b088eef4700959b33c7e0eb44932949d7b71
2016-01-12Merge "Sahara Integration"Jenkins1-0/+34
2016-01-08Sahara IntegrationEthan Gafford1-0/+34
Integration of OpenStack data processing service (sahara) with TripleO. - Deploys sahara in distributed mode (separate api and engine processes on each controller node) - Load balancing w/haproxy - RabbitMQ/MySQL supported per current TripleO standard - Minimal configurability at this time Change-Id: I77a6a69ed5691e3b1ba34e9ebb4d88c80019642c Partially-implements: blueprint sahara-integration Depends-On: I0f0a1dc2eaa57d8226bad8cfb250110296ab9614 Depends-On: Ib84cc59667616ec94e7edce2715cbd7dd944f4ae Depends-On: I9fe321fd4284f7bfd55bd2e69dcfe623ed6f8a2a
2016-01-08Merge "Fix yaml validation errors in multiple-nics templates"Jenkins4-4/+4
2016-01-06Merge "Align template defaults with the client"Jenkins1-1/+1
2015-12-18Fix yaml validation errors in multiple-nics templatesBen Nemec4-4/+4
One of the interfaces was not indented at the same level as the others in some of the templates. Change-Id: Iabd835724848d754d5522968e1c8e3cf9f78e6c6
2015-12-18Add Management Network For System Administration.Dan Sneddon26-17/+475
This change adds a system management network to all overcloud nodes. The purpose of this network is for system administration, for access to infrastructure services like DNS or NTP, or for monitoring. This allows the management network to be placed on a bond for redundancy, or for the system management network to be an out-of-band network with no routing in or out. The management network might also be configured as a default route instead of the provisioning 'ctlplane' network. This change does not enable the management network by default. An environment file named network-management.yaml may be included to enable the network and ports for each role. The included NIC config templates have been updated with a block that may be uncommented when the management network is enabled. This change also contains some minor cleanup to the NIC templates, particularly the multiple nic templates. Change-Id: I0813a13f60a4f797be04b34258a2cffa9ea7e84f
2015-12-18Align template defaults with the clientGiulio Fidente1-1/+1
This aligns the parameter default values from python-tripleoclient with tripleo-heat-templates. This is in preparation for removing all the defaults from the client, and maintaining them only in the templates. Change-Id: I7b635a250f1ecc170e18d8e434f0118c6fcbb942 Co-Authored-By: James Slagle <jslagle@redhat.com>
2015-12-15Allow for usage of pre-allocated IPs for the controller nodesGiulio Fidente15-2/+311
This change adds a new *_from_pool.yaml meant to return an IP from a list instead of allocating a Neutron port, useful to pick an IP from a pre-defined list and making it possible to configure, for example an external balancer in advance (or dns), with the future IPs of the controller nodes. The list of IPs is provided via parameter_defaults (in the ControllerIPs struct) using ControllerIPs param. Also some additional VipPort types are created for the *VirtualIP resources. The VIPs were previously created using the same port resource used by the nodes, but when deploying with an external balancer we want the VIP resource to be nooped instead. Change-Id: Id3d4f12235501ae77200430a2dc022f378dce336
2015-12-11Merge "Update typos"Jenkins13-13/+13
2015-12-03Merge "Make all network ports type to consume FixedIPs"Jenkins4-0/+28
2015-12-01Fix default route in multiple nics net isolation templatesDan Sneddon4-0/+12
The non-controller nodes in the network/config/multiple-nics directory do not have a default route configured. This change adds the default route to the non-controller nodes using the ControlPlaneDefaultRoute parameter, which was already a part of these templates. Change-Id: Idaaeb2a539555ac14cc613b202c428108bc19a30
2015-11-24Update typosSwapnil Kulkarni (coolsvap)13-13/+13
Change-Id: Id63c1bcfc34058eb7285698ba9bf86d1cf2025a6
2015-11-24Add net_vip_map_external to be used for an external balancerDan Prince8-1/+57
Changes VipMap into a new NetVipMap resource which defaults to being the same as the 'old' VipMap. An environment file can be used to map NetVipMap instead to the net_vip_map_external.yaml which allows for passing in explicit Virtual IP addresses. It also ensures that references to the Virtual IPs are gathered from the VipMap resource and allows for an empty ControlPlaneIP parameter in the neutron port templates where it can be. Co-Authored-By: Giulio Fidente <gfidente@redhat.com> Change-Id: Ifad32e18f12b9997e3f89e4afe3ebc4c30e14a86
2015-11-16Merge "Support network isolation without external nets"Jenkins4-0/+237
2015-11-16Merge "Add the GlanceRegistry and Horizon endpoints to EndpointMap"Jenkins1-0/+35
2015-11-16Merge "Expose the IP of the Endpoints"Jenkins1-0/+1
2015-11-16Merge "Make CloudName available for Endpoints"Jenkins2-3/+48
2015-11-16Make all network ports type to consume FixedIPsGiulio Fidente4-0/+28
This change adds to the internal_api, storage, storage_mgmt and tenant network ports the FixedIPs param and make them consume it when passed. Change-Id: Ica2bca9f573b206cc60c9d572224a8cc7b9b8aa4
2015-11-13Merge "Refacter Endpoints into EndpointMap"Jenkins2-0/+429
2015-11-12Merge "Change default bond-mode"Jenkins1-2/+1
2015-11-11Change default bond-modeJoe Talerico1-2/+1
The default balance-tcp is causing issues with deployments. Defaulting to active-backup. After ~ 100 guests (total) connectivity to each guest would become spotty (simple pings would fail, then become successful.) In /var/log/messages we saw : "overcloud-controller-1 kernel: openvswitch: ovs-system: deferred action limit reached, drop recirc action" For more details, refer to this link: http://openvswitch.org/pipermail/discuss/2015-October/019168.html Change-Id: Ia0f2592a289e13472b98d97057cd516c5048fe59
2015-11-11Add the GlanceRegistry and Horizon endpoints to EndpointMapMark Chappell1-0/+35
We need to pass details of the Glance Registry and public Horizon endpoints to the load balancers so add them to the EndpointMap Change-Id: Ia6261223e7701734f47ce48471c86f690ba3dcd5
2015-11-11Expose the IP of the EndpointsMark Chappell1-0/+1
We expose all of the other parameters, so expose the IP too for consistency Change-Id: I5c31befde51e398318c7b8c744310212288ad892
2015-11-11Make CloudName available for EndpointsMark Chappell2-3/+48
CloudName is the DNS name for the public VIP this means we will likely want it available for use in the endpoint hostnames, rather than people needing to copy and paste the same hostname Change-Id: Ic6d708b083244442195eee890de91bbc7e133ec2
2015-11-11Refacter Endpoints into EndpointMapMark Chappell2-0/+429
Because many of the service endpoints URLs use the same patterns for generating the URLs it makes sense to use the same templates to reduce the copy and paste. In the process also adds support for explicitly specifying hostnames for use in the endpoints. Note: DNS must be pre-configured. The Heat templates do not directly configure DNS. Change-Id: Ie3270909beca3d63f2d7e4bcb04c559380ddc54d Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
2015-11-05Add network templates for multiple NIC configurationDan Sneddon6-0/+642
This change adds a set of network interface configurations for use with network isolation. The multiple-nics templates includes one separate NIC per network, and assumes that nic1 is used for the provisioning network (ctlplane). Also included is an environment file for including the multiple-nics configuration in a deployment. This revision changes the ordering of the NICs. By doing that, it is possible to wire up only a subset of the NICs for the storage nodes, and it is possilbe to leave the External NIC only configured on the controllers. rdo: Updated this commit for static control plane configuration Co-Authored-By: Rhys Oxenham <roxenham@redhat.com> Change-Id: Ic878d1ed1a85b5705295d087a743570ca8213504
2015-09-30Add DnsServers param to network config templatesDan Prince10-0/+50
This patch adds a new optional DnsServers parameter which can be used to provide a custom list of DNS resolvers which will be configured in resolv.conf. Change-Id: I2bb7259ebc09d786dc56da18694c862f802091b1 Depends-On: I9edecfdd4e1d0f39883b72be554cd92c5685881d
2015-09-17Configure ctlplane network with a static IPDan Prince10-66/+353
This patch updates all network configuration templates so that we configure the ctlplane network interface with a static IP instead of using DHCP. The IP address used for the static IP is passed into each nested stack network configuration template via the ControlPlaneIp parameter. Three new nested stack parameters called ControlPlaneSubnetCidr, ControlPlaneDefaultRoute, and EC2MetadataIp have been added to help configure the CIDR, default route, and EC2 metadata route on the ctlplane statically. These parameters can be customized via the parameter_defaults section in the heat environment. A single new template called net-config-static-bridge.yaml has been added to help migrate towards using the static configuration templates when not using network isolation. Depends-On: I257e1cba6dee16f73f75512d1284e1e3b9d4c831 Change-Id: Ib267e6dcf2d5ff77f7a82ee20a123965c2d07565
2015-09-08Set NetValueSpecs parameter types to JsonDan Prince5-5/+5
The latest Heat API is a bit more strict in validating the datatypes for the OS::Neutron::Net value_specs. This patch converts the default parameter types for these from string to json. Change-Id: Iaad6ee6417d3ae55c52ffe2f4e6ed79124161923 Closes-bug: #1493502
2015-09-05Allow 'ctlplane' to be used within Net IP MapsDan Prince3-0/+51
When using network isolation you might want to selective move one of the services back to the default ctlplane network by simply using the ServiceNetMap parameter. This patch adds ctlplane to the output parameters for both the net_ip_map and net_ip_list_map nested stacks so that this is possible. As part of this patch we also split out the NetIpSubnetMap into its own unique nested stack so that the Heat input parameters for this stack are more clearly named. Change-Id: Iaa2dcaebeac896404e87ec0c635688b2a59a9e0f
2015-08-17Remove hardcoded bridge name in bonded compute NIC configDan Sneddon1-1/+1
This change removes a hardcoded value for the bond name in the NIC config for the compute node in the bond-with-vlan NIC config templates. When this hardcoded value of "br-bond" is used, then the Neutron bridge mappings must be set to set to datacentre:br-bond in order for VLAN mode networking to recognize the bridge. By using the input value for bridge_name we will ensure that the controller and compute nodes have the same bridge name (defaults to "br-ex"), and that the defaults will work with VLAN mode. Change-Id: I28654ab93e3c10a8597c8b877f3f2f6b3eca887c
2015-08-06Support network isolation without external netsDan Prince4-0/+237
This patch adds extra heat environments that can be used to enable network isolation without using the external network. Instead of a separate external network the ctlplane will be used for all of the external/public traffic. Change-Id: Ia542cee02121771d7d57ac701b62d7608e8d1855
2015-07-24Add a default setting for BondInterfaceOvsOptionsDan Sneddon1-1/+2
This change adds a default setting for the OVS bond options to the bond-with-vlans controller.yaml. This default will attempt to bring up LACP bonding, but should that fail it will bring up the bond in active/backup mode. This is a safe configuration if the switch is not configured for bonding. Change-Id: I91aad1e061ed1ecf26636e60da7a9a6e9cde50a5
2015-07-22Convert PublicVirtualIP to new port creation methodDan Sneddon4-6/+35
This change brings PublicVirtualIP in line with the rest of the VIPs in how it is created. This allows the network where PublicVirtualIP is instantiated to be on cltplane when network isolation is not used, and on the external network when network isolation is used. This change removes the PublicVirtualNetwork parameter, since it is no longer used. In order to continue to support the PublicVirtualFixedIPs parameter, which is used to provide a specific IP for the PublicVirtualIP, the FixedIP parameter was added to cltplane_vip.yaml, vip.yaml, and noop.yaml. The value of PublicVirtualIP is passed to FixedIP in the VIP templates. This change also moves the default network for keystone public api to the external net (which will fallback to ctlplane if network isolation isn't used). Change-Id: I3f5d35cbe55d3a148e95cf49dfbaad4874df960b
2015-07-06Merge "Add ControlPlaneNetwork to vip.yaml"Jenkins1-0/+4
2015-06-29Add a default route to the external isolated networkDan Sneddon2-4/+20
This change adds a parameter for ExternalInterfaceDefaultRoute and uses that parameter to set the default route on the controller nodes. This allows Horizon and the public APIs to be reachable from routed networks outside the overcloud. Co-Authored-By: Dan Prince <dprince@redhat.com> Change-Id: I67a72767342237049f53f5085a6faf891fbf0c30
2015-06-27Remove bridge from nic1 in network bond templatesDan Sneddon5-51/+1
The bridge that is built on the bonds in the bond-with-vlans example has an extraneous bridge on the storage and compute templates, and an incorrect bridge on the controller template. There is no reason to do anything on nic1, which is assumed to be the provisioning interface, because it will be configured by DHCP. Also, on the controller template we actually want br-ex to contain the VLAN with the external network, rather than be configured on the provisioning interface. Change-Id: Ibe2343d5281f7b63a7b63b17d96d8442d0b96105
2015-06-27Add ControlPlaneNetwork to vip.yamlDan Sneddon1-0/+4
There are two files in network/ports which control the VIP behavior called ctlplane_vip.yaml and vip.yaml. One of these files was missing ControlPlaneNetwork, since it wasn't used inside the template. Unfortunately, tuskar chokes on this, even though Heat can build the stack just fine. This change makes the vip.yaml and ctlplane_vip.yaml equivalent by adding ControlPlaneNetwork to the vip.yaml template. Change-Id: Ic20281e58a1130afe18d5aec505a3df199841fd5
2015-06-18Merge "Fix grammar nits in bond-with-vlans templates"Jenkins5-5/+5
2015-06-17Merge "Remove Redis VirtualIP from params and build it from Neutron::Port"Jenkins3-0/+95
2015-06-17Merge "Fix allocation pool in external.yaml"Jenkins1-1/+1
2015-06-16Fix allocation pool in external.yamlDan Sneddon1-1/+1
The file network/external.yaml has a typo in the last commit. It should have been a get_param instead of a get_resource. This change fixes that line in that file. Change-Id: Ibc0db0510e9b5dae3c4669a620c642357906cbc2