From dfbc9380aa9545e2bd650ab2ec9907d325d6708b Mon Sep 17 00:00:00 2001 From: Imre Farkas Date: Fri, 13 May 2016 14:31:45 +0000 Subject: Basic support for deploying Ironic in overcloud Note that this change is not enough yet to deploy bare metal instances, it only deploys Ironic services themselves and makes sure they work. Also it does not support HA for now. Co-Authored-By: Dmitry Tantsur Partially-implements: blueprint ironic-integration Change-Id: I541be905022264e2d4828e7c46338f2e300df540 --- environments/enable-tls.yaml | 3 + network/endpoints/endpoint_data.yaml | 15 ++++ network/endpoints/endpoint_map.yaml | 121 ++++++++++++++++++++++++++++++++ overcloud-resource-registry-puppet.yaml | 2 + overcloud.yaml | 7 ++ puppet/all-nodes-config.yaml | 11 +++ puppet/controller.yaml | 1 + puppet/hieradata/database.yaml | 8 +++ puppet/services/ironic-api.yaml | 43 ++++++++++++ puppet/services/ironic-base.yaml | 64 +++++++++++++++++ puppet/services/ironic-conductor.yaml | 36 ++++++++++ puppet/vip-config.yaml | 1 + 12 files changed, 312 insertions(+) create mode 100644 puppet/services/ironic-api.yaml create mode 100644 puppet/services/ironic-base.yaml create mode 100644 puppet/services/ironic-conductor.yaml diff --git a/environments/enable-tls.yaml b/environments/enable-tls.yaml index b4c3f08b..71b2c71a 100644 --- a/environments/enable-tls.yaml +++ b/environments/enable-tls.yaml @@ -28,6 +28,9 @@ parameter_defaults: HeatCfnInternal: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'} HeatCfnPublic: {protocol: 'https', port: '13005', host: 'CLOUDNAME'} HorizonPublic: {protocol: 'https', port: '443', host: 'CLOUDNAME'} + IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} + IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'} + IronicPublic: {protocol: 'https', port: '13385', host: 'CLOUDNAME'} KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'} KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'} KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'} diff --git a/network/endpoints/endpoint_data.yaml b/network/endpoints/endpoint_data.yaml index c76e1360..53b474de 100644 --- a/network/endpoints/endpoint_data.yaml +++ b/network/endpoints/endpoint_data.yaml @@ -192,3 +192,18 @@ Sahara: uri_suffixes: '': /v1.1/%(tenant_id)s port: 8386 + +Ironic: + Internal: + vip_param: IronicApi + uri_suffixes: + '': /v1 + Public: + vip_param: Public + uri_suffixes: + '': /v1 + Admin: + vip_param: IronicApi + uri_suffixes: + '': /v1 + port: 6385 diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml index fbfa0a15..51ff375b 100644 --- a/network/endpoints/endpoint_map.yaml +++ b/network/endpoints/endpoint_map.yaml @@ -15,6 +15,7 @@ parameters: GlanceRegistryVirtualIP: {type: string, default: ''} GnocchiApiVirtualIP: {type: string, default: ''} HeatApiVirtualIP: {type: string, default: ''} + IronicApiVirtualIP: {type: string, default: ''} KeystoneAdminApiVirtualIP: {type: string, default: ''} KeystonePublicApiVirtualIP: {type: string, default: ''} MysqlVirtualIP: {type: string, default: ''} @@ -49,6 +50,9 @@ parameters: HeatCfnInternal: {protocol: http, port: '8000', host: IP_ADDRESS} HeatCfnPublic: {protocol: http, port: '8000', host: IP_ADDRESS} HorizonPublic: {protocol: http, port: '80', host: IP_ADDRESS} + IronicAdmin: {protocol: http, port: '6385', host: IP_ADDRESS} + IronicInternal: {protocol: http, port: '6385', host: IP_ADDRESS} + IronicPublic: {protocol: http, port: '6385', host: IP_ADDRESS} KeystoneAdmin: {protocol: http, port: '35357', host: IP_ADDRESS} KeystoneInternal: {protocol: http, port: '5000', host: IP_ADDRESS} KeystonePublic: {protocol: http, port: '5000', host: IP_ADDRESS} @@ -1076,6 +1080,123 @@ outputs: IP_ADDRESS: {get_param: PublicVirtualIP} - ':' - get_param: [EndpointMap, HorizonPublic, port] + IronicAdmin: + host: + str_replace: + template: + get_param: [EndpointMap, IronicAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: IronicApiVirtualIP} + port: + get_param: [EndpointMap, IronicAdmin, port] + protocol: + get_param: [EndpointMap, IronicAdmin, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, IronicAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, IronicAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: IronicApiVirtualIP} + - ':' + - get_param: [EndpointMap, IronicAdmin, port] + - /v1 + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, IronicAdmin, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, IronicAdmin, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: IronicApiVirtualIP} + - ':' + - get_param: [EndpointMap, IronicAdmin, port] + IronicInternal: + host: + str_replace: + template: + get_param: [EndpointMap, IronicInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: IronicApiVirtualIP} + port: + get_param: [EndpointMap, IronicInternal, port] + protocol: + get_param: [EndpointMap, IronicInternal, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, IronicInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, IronicInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: IronicApiVirtualIP} + - ':' + - get_param: [EndpointMap, IronicInternal, port] + - /v1 + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, IronicInternal, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, IronicInternal, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: IronicApiVirtualIP} + - ':' + - get_param: [EndpointMap, IronicInternal, port] + IronicPublic: + host: + str_replace: + template: + get_param: [EndpointMap, IronicPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + port: + get_param: [EndpointMap, IronicPublic, port] + protocol: + get_param: [EndpointMap, IronicPublic, protocol] + uri: + list_join: + - '' + - - get_param: [EndpointMap, IronicPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, IronicPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, IronicPublic, port] + - /v1 + uri_no_suffix: + list_join: + - '' + - - get_param: [EndpointMap, IronicPublic, protocol] + - :// + - str_replace: + template: + get_param: [EndpointMap, IronicPublic, host] + params: + CLOUDNAME: {get_param: CloudName} + IP_ADDRESS: {get_param: PublicVirtualIP} + - ':' + - get_param: [EndpointMap, IronicPublic, port] KeystoneAdmin: host: str_replace: diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index 3abd1c67..5e577291 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -132,6 +132,8 @@ resource_registry: OS::TripleO::Services::HeatApiCfn: puppet/services/heat-api-cfn.yaml OS::TripleO::Services::HeatApiCloudwatch: puppet/services/heat-api-cloudwatch.yaml OS::TripleO::Services::HeatEngine: puppet/services/heat-engine.yaml + OS::TripleO::Services::IronicApi: puppet/services/ironic-api.yaml + OS::TripleO::Services::IronicConductor: puppet/services/ironic-conductor.yaml OS::TripleO::Services::NeutronDhcpAgent: puppet/services/neutron-dhcp.yaml OS::TripleO::Services::NeutronL3Agent: puppet/services/neutron-l3.yaml OS::TripleO::Services::NeutronMetadataAgent: puppet/services/neutron-metadata.yaml diff --git a/overcloud.yaml b/overcloud.yaml index 5f0ad7d8..62356268 100644 --- a/overcloud.yaml +++ b/overcloud.yaml @@ -538,6 +538,7 @@ parameters: CinderIscsiNetwork: storage GlanceApiNetwork: storage GlanceRegistryNetwork: internal_api + IronicApiNetwork: internal_api KeystoneAdminApiNetwork: ctlplane # allows undercloud to config endpoints KeystonePublicApiNetwork: internal_api NeutronApiNetwork: internal_api @@ -795,6 +796,7 @@ resources: GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} GnocchiApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]} HeatApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} + IronicApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]} KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} MysqlVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} @@ -1151,6 +1153,7 @@ resources: keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} sahara_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} + ironic_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]} DeployIdentifier: {get_param: DeployIdentifier} UpdateIdentifier: {get_param: UpdateIdentifier} @@ -1274,6 +1277,7 @@ resources: public_virtual_ip: {get_attr: [VipMap, net_ip_map, external]} internal_api_virtual_ip: {get_attr: [VipMap, net_ip_map, internal_api]} sahara_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]} + ironic_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]} storage_virtual_ip: {get_attr: [VipMap, net_ip_map, storage]} storage_mgmt_virtual_ip: {get_attr: [VipMap, net_ip_map, storage_mgmt]} @@ -1545,6 +1549,9 @@ outputs: HeatInternalVip: description: VIP for Heat API internal endpoint value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} + IronicInternalVip: + description: VIP for Ironic API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]} KeystoneInternalVip: description: VIP for Keystone API internal endpoint value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} diff --git a/puppet/all-nodes-config.yaml b/puppet/all-nodes-config.yaml index b065ddd2..a53d8981 100644 --- a/puppet/all-nodes-config.yaml +++ b/puppet/all-nodes-config.yaml @@ -56,6 +56,8 @@ parameters: type: comma_delimited_list sahara_api_node_ips: type: comma_delimited_list + ironic_api_node_ips: + type: comma_delimited_list DeployIdentifier: type: string @@ -294,6 +296,14 @@ resources: list_join: - "','" - {get_param: sahara_api_node_ips} + ironic_api_node_ips: + str_replace: + template: "['SERVERS_LIST']" + params: + SERVERS_LIST: + list_join: + - "','" + - {get_param: ironic_api_node_ips} # NOTE(gfidente): interpolation with %{} in the # hieradata file can't be used as it returns string @@ -306,6 +316,7 @@ resources: nova::rabbit_hosts: *rabbit_nodes_array keystone::rabbit_hosts: *rabbit_nodes_array sahara::rabbit_hosts: *rabbit_nodes_array + ironic::rabbit_hosts: *rabbit_nodes_array deploy_identifier: {get_param: DeployIdentifier} update_identifier: {get_param: UpdateIdentifier} diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 7ccd7e71..6e8df933 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -793,6 +793,7 @@ resources: ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]} ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} + ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]} # Map heat metadata into hiera datafiles ControllerConfig: diff --git a/puppet/hieradata/database.yaml b/puppet/hieradata/database.yaml index 4eb199c8..19f1bff7 100644 --- a/puppet/hieradata/database.yaml +++ b/puppet/hieradata/database.yaml @@ -53,6 +53,14 @@ heat::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" +# Ironic +ironic::db::mysql::user: ironic +ironic::db::mysql::host: "%{hiera('mysql_virtual_ip')}" +ironic::db::mysql::dbname: ironic +ironic::db::mysql::allowed_hosts: + - '%' + - "%{hiera('mysql_bind_host')}" + # Ceilometer ceilometer::db::mysql::user: ceilometer ceilometer::db::mysql::host: "%{hiera('mysql_virtual_ip')}" diff --git a/puppet/services/ironic-api.yaml b/puppet/services/ironic-api.yaml new file mode 100644 index 00000000..e1626d5b --- /dev/null +++ b/puppet/services/ironic-api.yaml @@ -0,0 +1,43 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Ironic API configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + IronicPassword: + description: The password for the Ironic service and db account, used by the Ironic services + type: string + hidden: true + +resources: + IronicBase: + type: ./ironic-base.yaml + properties: + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Ironic API role. + value: + config_settings: + map_merge: + - get_attr: [IronicBase, role_data, config_settings] + # NOTE(dtantsur): the my_ip parameter is heavily overloaded in + # ironic. It's used as a default value for e.g. TFTP server IP, + # glance and neutron endpoints, virtual console IP. We override + # the TFTP server IP in ironic-conductor.yaml as it should not be + # the VIP, but rather a real IP of the controller. + - ironic::my_ip: {get_param: [EndpointMap, MysqlInternal, host]} + ironic::api::admin_password: {get_param: IronicPassword} + ironic::keystone::auth::public_url: {get_param: [EndpointMap, IronicPublic, uri]} + ironic::keystone::auth::internal_url: {get_param: [EndpointMap, IronicInternal, uri]} + ironic::keystone::auth::admin_url: {get_param: [EndpointMap, IronicAdmin, uri]} + ironic::keystone::auth::password: {get_param: IronicPassword } + + step_config: | + include ::tripleo::profile::base::ironic::api diff --git a/puppet/services/ironic-base.yaml b/puppet/services/ironic-base.yaml new file mode 100644 index 00000000..0eaa53cb --- /dev/null +++ b/puppet/services/ironic-base.yaml @@ -0,0 +1,64 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Ironic services configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + Debug: + default: '' + description: Set to True to enable debugging on all services. + type: string + IronicPassword: + description: The password for the Ironic service and db account, used by the Ironic services + type: string + hidden: true + RabbitUserName: + default: guest + description: The username for RabbitMQ + type: string + RabbitPassword: + description: The password for RabbitMQ + type: string + hidden: true + RabbitClientPort: + default: 5672 + description: Set rabbit subscriber port, change this if using SSL + type: number + RabbitClientUseSSL: + default: false + description: > + Rabbit client subscriber parameter to specify + an SSL connection to the RabbitMQ host. + type: string + +outputs: + role_data: + description: Role data for the Ironic role. + value: + config_settings: + ironic_dsn: &ironic_dsn + list_join: + - '' + - - {get_param: [EndpointMap, MysqlInternal, protocol]} + - '://ironic:' + - {get_param: IronicPassword} + - '@' + - {get_param: [EndpointMap, MysqlInternal, host]} + - '/ironic' + ironic::admin_tenant_name: 'service' + ironic::database_connection: *ironic_dsn + ironic::debug: {get_param: Debug} + ironic::rabbit_userid: {get_param: RabbitUserName} + ironic::rabbit_password: {get_param: RabbitPassword} + ironic::rabbit_port: {get_param: RabbitClientPort} + ironic::rabbit_use_ssl: {get_param: RabbitClientUseSSL} + ironic::db::mysql::password: {get_param: IronicPassword} + ironic::keystone::auth::tenant: 'service' + + step_config: | + include ::tripleo::profile::base::ironic diff --git a/puppet/services/ironic-conductor.yaml b/puppet/services/ironic-conductor.yaml new file mode 100644 index 00000000..3fb3d9fd --- /dev/null +++ b/puppet/services/ironic-conductor.yaml @@ -0,0 +1,36 @@ +heat_template_version: 2016-04-08 + +description: > + OpenStack Ironic conductor configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + IronicEnabledDrivers: + default: ['pxe_ipmitool', 'agent_ipmitool'] + description: Enabled Ironic drivers + type: comma_delimited_list + +resources: + IronicBase: + type: ./ironic-base.yaml + properties: + EndpointMap: {get_param: EndpointMap} + +outputs: + role_data: + description: Role data for the Ironic conductor role. + value: + config_settings: + map_merge: + - get_attr: [IronicBase, role_data, config_settings] + - ironic::enabled_drivers: {get_param: IronicEnabledDrivers} + # Prevent tftp_server from defaulting to my_ip setting, which is + # controller VIP, not a real IP. + ironic::drivers::pxe::tftp_server: {get_input: ironic_api_network} + + step_config: | + include ::tripleo::profile::base::ironic::conductor diff --git a/puppet/vip-config.yaml b/puppet/vip-config.yaml index 92234b6c..51129053 100644 --- a/puppet/vip-config.yaml +++ b/puppet/vip-config.yaml @@ -37,6 +37,7 @@ resources: internal_api_virtual_ip: {get_input: internal_api_virtual_ip} storage_virtual_ip: {get_input: storage_virtual_ip} storage_mgmt_virtual_ip: {get_input: storage_mgmt_virtual_ip} + ironic_api_vip: {get_input: ironic_api_vip} # public_virtual_ip and controller_virtual_ip are needed in # both HAproxy & keepalived. tripleo::haproxy::public_virtual_ip: {get_input: public_virtual_ip} -- cgit 1.2.3-korg