From: Alexandru Avadanii Date: Tue, 21 Mar 2017 18:01:31 +0100 Subject: [PATCH 2/2] Revert "Remove cobbler and use dhcpd named and tftp" This reverts commit 0b5ab4ff80414adad996012b9152de0719888274. --- deployment/puppet/fuel/examples/cobbler.pp | 79 ++++++++++++- deployment/puppet/fuel/examples/deploy.sh | 2 +- deployment/puppet/fuel/examples/dhcp-ranges.pp | 26 +++-- deployment/puppet/fuel/examples/hiera.pp | 9 -- deployment/puppet/fuel/examples/host.pp | 2 +- deployment/puppet/fuel/examples/provision.pp | 99 ---------------- .../parser/functions/create_dnsmasq_dhcp_ranges.rb | 47 ++++++++ .../lib/puppet/parser/functions/get_dhcp_ranges.rb | 46 -------- .../get_merged_network_metadata_from_yamls.rb | 20 ---- deployment/puppet/fuel/manifests/cobbler.pp | 130 +++++++++++++++++++++ .../puppet/fuel/manifests/dnsmasq/dhcp_range.pp | 29 +++++ deployment/puppet/fuel/manifests/iptables.pp | 3 +- .../functions/create_dnsmasq_dhcp_ranges_spec.rb | 70 +++++++++++ deployment/puppet/fuel/templates/dhclient.conf.erb | 2 +- deployment/puppet/fuel/templates/dhcpd_ranges.erb | 21 ---- .../puppet/fuel/templates/dnsmasq.dhcp-range.erb | 7 ++ deployment/puppet/fuel/templates/provision.yaml | 8 -- deployment/puppet/fuel/templates/resolv.conf.erb | 4 +- .../manifests/provision/build_image.pp | 22 ++-- .../lib/puppet/parser/functions/tftp_files.rb | 22 ---- deployment/puppet/provision/manifests/dhcpd.pp | 54 --------- deployment/puppet/provision/manifests/iptables.pp | 28 ----- deployment/puppet/provision/manifests/named.pp | 51 -------- deployment/puppet/provision/manifests/params.pp | 36 ------ deployment/puppet/provision/manifests/tftp.pp | 95 --------------- .../puppet/provision/templates/dhcpd.conf.erb | 69 ----------- .../puppet/provision/templates/named.conf.erb | 32 ----- .../puppet/provision/templates/tftp.chain32.erb | 8 -- .../puppet/provision/templates/tftp.default.erb | 19 --- .../puppet/provision/templates/tftp.xinetd.erb | 13 --- .../puppet/provision/templates/xinetd.conf.erb | 17 --- deployment/puppet/provision/templates/zone.erb | 11 -- graphs/provision/tasks.yaml | 43 ++++--- tests/noop/spec/hosts/master/cobbler_spec.rb | 79 +++++++++++++ tests/noop/spec/hosts/master/dhcp-ranges_spec.rb | 17 +++ tests/noop/spec/hosts/master/host_spec.rb | 2 + 36 files changed, 527 insertions(+), 695 deletions(-) mode change 120000 => 100644 deployment/puppet/fuel/examples/cobbler.pp delete mode 100644 deployment/puppet/fuel/examples/provision.pp create mode 100644 deployment/puppet/fuel/lib/puppet/parser/functions/create_dnsmasq_dhcp_ranges.rb delete mode 100644 deployment/puppet/fuel/lib/puppet/parser/functions/get_dhcp_ranges.rb delete mode 100644 deployment/puppet/fuel/lib/puppet/parser/functions/get_merged_network_metadata_from_yamls.rb create mode 100644 deployment/puppet/fuel/manifests/cobbler.pp create mode 100644 deployment/puppet/fuel/manifests/dnsmasq/dhcp_range.pp create mode 100644 deployment/puppet/fuel/spec/functions/create_dnsmasq_dhcp_ranges_spec.rb delete mode 100644 deployment/puppet/fuel/templates/dhcpd_ranges.erb create mode 100644 deployment/puppet/fuel/templates/dnsmasq.dhcp-range.erb delete mode 100644 deployment/puppet/fuel/templates/provision.yaml delete mode 100644 deployment/puppet/provision/lib/puppet/parser/functions/tftp_files.rb delete mode 100644 deployment/puppet/provision/manifests/dhcpd.pp delete mode 100644 deployment/puppet/provision/manifests/iptables.pp delete mode 100644 deployment/puppet/provision/manifests/named.pp delete mode 100644 deployment/puppet/provision/manifests/params.pp delete mode 100644 deployment/puppet/provision/manifests/tftp.pp delete mode 100644 deployment/puppet/provision/templates/dhcpd.conf.erb delete mode 100644 deployment/puppet/provision/templates/named.conf.erb delete mode 100644 deployment/puppet/provision/templates/tftp.chain32.erb delete mode 100644 deployment/puppet/provision/templates/tftp.default.erb delete mode 100644 deployment/puppet/provision/templates/tftp.xinetd.erb delete mode 100644 deployment/puppet/provision/templates/xinetd.conf.erb delete mode 100644 deployment/puppet/provision/templates/zone.erb create mode 100644 tests/noop/spec/hosts/master/cobbler_spec.rb create mode 100644 tests/noop/spec/hosts/master/dhcp-ranges_spec.rb diff --git a/deployment/puppet/fuel/examples/cobbler.pp b/deployment/puppet/fuel/examples/cobbler.pp deleted file mode 120000 index c48bab0..0000000 --- a/deployment/puppet/fuel/examples/cobbler.pp +++ /dev/null @@ -1 +0,0 @@ -provision.pp \ No newline at end of file diff --git a/deployment/puppet/fuel/examples/cobbler.pp b/deployment/puppet/fuel/examples/cobbler.pp new file mode 100644 index 0000000..d409689 --- /dev/null +++ b/deployment/puppet/fuel/examples/cobbler.pp @@ -0,0 +1,78 @@ +notice('MODULAR: cobbler.pp') + +Exec {path => '/usr/bin:/bin:/usr/sbin:/sbin'} + +$fuel_settings = parseyaml($astute_settings_yaml) +$admin_network = $::fuel_settings['ADMIN_NETWORK'] +$nailgun_api_url = "http://${::fuel_settings['ADMIN_NETWORK']['ipaddress']}:8000/api" +$bootstrap_settings = pick($::fuel_settings['BOOTSTRAP'], {}) +$bootstrap_path = pick($bootstrap_settings['path'], '/var/www/nailgun/bootstraps/active_bootstrap') +$bootstrap_ethdevice_timeout = pick($bootstrap_settings['ethdevice_timeout'], '120') +$dhcp_gw = $::fuel_settings['ADMIN_NETWORK']['dhcp_gateway'] +$dns_domain = $::fuel_settings['DNS_DOMAIN'] +$dns_search = $::fuel_settings['DNS_SEARCH'] +$dns_upstream = split($::fuel_settings['DNS_UPSTREAM'], ',') +$cobbler_host = $::fuel_settings['ADMIN_NETWORK']['ipaddress'] + +# TODO(mmalchuk): the right way with updated loadyaml function +# $bootstrap_meta = loadyaml("${bootstrap_path}/metadata.yaml", {}) +# and remove if else block +$metadata_yaml = file("${bootstrap_path}/metadata.yaml", '/dev/null') +if empty($metadata_yaml) { + $bootstrap_meta = {} +} else { + $bootstrap_meta = parseyaml($metadata_yaml) +} + +if $dhcp_gw { + $dhcp_gateway = $dhcp_gw +} +else { + $dhcp_gateway = $cobbler_host +} + +class { '::fuel::cobbler': + cobbler_user => $::fuel_settings['cobbler']['user'], + cobbler_password => $::fuel_settings['cobbler']['password'], + bootstrap_path => $bootstrap_path, + bootstrap_meta => $bootstrap_meta, + server => $::fuel_settings['ADMIN_NETWORK']['ipaddress'], + name_server => $::fuel_settings['ADMIN_NETWORK']['ipaddress'], + next_server => $::fuel_settings['ADMIN_NETWORK']['ipaddress'], + mco_user => $::fuel_settings['mcollective']['user'], + mco_pass => $::fuel_settings['mcollective']['password'], + dns_upstream => $dns_upstream, + dns_domain => $dns_domain, + dns_search => $dns_search, + dhcp_ipaddress => $::fuel_settings['ADMIN_NETWORK']['ipaddress'], + nailgun_api_url => $nailgun_api_url, + bootstrap_ethdevice_timeout => $bootstrap_ethdevice_timeout, +} -> + +file { '/etc/resolv.conf': + content => template('fuel/resolv.conf.erb'), + owner => 'root', + group => 'root', + mode => '0644', +} + +Fuel::Systemd { + start => true, + template_path => 'fuel/systemd/restart_template.erb', + config_name => 'restart.conf', + service_manage => false, +} + +fuel::systemd { ['httpd', 'cobblerd', 'xinetd'] :} + +fuel::systemd { 'dnsmasq': template_path => 'fuel/systemd/dnsmasq_template.erb' } + +fuel::dnsmasq::dhcp_range {'default': + dhcp_start_address => $admin_network['dhcp_pool_start'], + dhcp_end_address => $admin_network['dhcp_pool_end'], + dhcp_netmask => $admin_network['netmask'], + dhcp_gateway => $admin_network['dhcp_gateway'], + next_server => $admin_network['ipaddress'], + listen_address => $admin_network['ipaddress'], + notify => Service['dnsmasq'], +} diff --git a/deployment/puppet/fuel/examples/deploy.sh b/deployment/puppet/fuel/examples/deploy.sh index c1b7494..afff4af 100755 --- a/deployment/puppet/fuel/examples/deploy.sh +++ b/deployment/puppet/fuel/examples/deploy.sh @@ -17,7 +17,7 @@ TASKS=" hiera host -provision +cobbler postgresql rabbitmq mcollective diff --git a/deployment/puppet/fuel/examples/dhcp-ranges.pp b/deployment/puppet/fuel/examples/dhcp-ranges.pp index 1209207..7420e1b 100644 --- a/deployment/puppet/fuel/examples/dhcp-ranges.pp +++ b/deployment/puppet/fuel/examples/dhcp-ranges.pp @@ -1,12 +1,20 @@ notice('MODULAR: dhcp-ranges.pp') -$admin_network = hiera('ADMIN_NETWORK') -$next_server = $admin_network['ipaddress'] -$domain_name = hiera('DNS_DOMAIN') -$dns_address = $admin_network['ipaddress'] -$dhcp_ranges = get_dhcp_ranges(hiera('admin_networks', [{}])) - -file { $::provision::params::dhcpd_conf_extra : - ensure => present, - content => template('fuel/dhcpd_ranges.erb'), +$admin_networks = hiera('admin_networks', [{}]) +$admin_network = hiera('ADMIN_NETWORK') + +Fuel::Dnsmasq::Dhcp_range <||> { + next_server => $admin_network['ipaddress'], +} + +# Ensure dir with purge and recurse to remove configs for +# non-existing (removed) nodegroups and ip ranges +file { '/etc/dnsmasq.d': + ensure => 'directory', + recurse => true, + purge => true, } + +# Create admin networks dhcp-range files except for 'default' nodegroup +# by creating Fuel::Dnsmasq::Dhcp_range puppet resources +create_dnsmasq_dhcp_ranges($admin_networks) diff --git a/deployment/puppet/fuel/examples/hiera.pp b/deployment/puppet/fuel/examples/hiera.pp index 58bae50..ca228ae 100644 --- a/deployment/puppet/fuel/examples/hiera.pp +++ b/deployment/puppet/fuel/examples/hiera.pp @@ -6,15 +6,12 @@ $data = [ 'nodes', 'networks', 'astute', - 'known_hosts', - 'provision', 'common', ] $astute_data_file = '/etc/fuel/astute.yaml' $hiera_main_config = '/etc/hiera.yaml' $hiera_puppet_config = '/etc/puppet/hiera.yaml' $hiera_data_file = "${data_dir}/astute.yaml" -$hiera_data_provision = "${data_dir}/provision.yaml" File { owner => 'root', @@ -43,12 +40,6 @@ file { 'hiera_data_astute' : target => $astute_data_file, } -file { 'hiera_data_provision' : - ensure => present, - path => $hiera_data_provision, - content => template('fuel/provision.yaml'), -} - file { 'hiera_puppet_config' : ensure => 'symlink', path => $hiera_puppet_config, diff --git a/deployment/puppet/fuel/examples/host.pp b/deployment/puppet/fuel/examples/host.pp index f94d642..f5cfac4 100644 --- a/deployment/puppet/fuel/examples/host.pp +++ b/deployment/puppet/fuel/examples/host.pp @@ -9,7 +9,7 @@ $ntp_servers = delete(delete_undef_values([$::fuel_settings['NTP1'], $::fuel_settings['NTP2'], $::fuel_settings['NTP3']]), '') # Vars for File['/etc/dhcp/dhclient.conf'] -$dns_address = $::fuel_settings['ADMIN_NETWORK']['ipaddress'] +$cobbler_host = $::fuel_settings['ADMIN_NETWORK']['ipaddress'] # Vars for File['/etc/fuel-utils/config'] $admin_ip = $::fuel_settings['ADMIN_NETWORK']['ipaddress'] diff --git a/deployment/puppet/fuel/examples/provision.pp b/deployment/puppet/fuel/examples/provision.pp deleted file mode 100644 index 9b2aa26..0000000 --- a/deployment/puppet/fuel/examples/provision.pp +++ /dev/null @@ -1,99 +0,0 @@ -notice('MODULAR: provision.pp') - -Exec {path => '/usr/bin:/bin:/usr/sbin:/sbin'} - -$fuel_settings = parseyaml($astute_settings_yaml) - -$mco_user = $::fuel_settings['mcollective']['user'] -$mco_pass = $::fuel_settings['mcollective']['password'] -$dns_address = $::fuel_settings['ADMIN_NETWORK']['ipaddress'] -$domain_name = $::fuel_settings['DNS_DOMAIN'] -$dns_search = $::fuel_settings['DNS_SEARCH'] -$forwarders = split($::fuel_settings['DNS_UPSTREAM'], ',') -$start_address = $::fuel_settings['ADMIN_NETWORK']['dhcp_pool_start'] -$end_address = $::fuel_settings['ADMIN_NETWORK']['dhcp_pool_end'] -$network_mask = $::fuel_settings['ADMIN_NETWORK']['netmask'] -$network_address = ipcalc_network_by_address_netmask($start_address, $network_mask) -$dhcp_gateway = $::fuel_settings['ADMIN_NETWORK']['dhcp_gateway'] -if $dhcp_gateway { - $router = $dhcp_gateway -} -else { - $router = $::fuel_settings['ADMIN_NETWORK']['ipaddress'] -} - -$next_server = $::fuel_settings['ADMIN_NETWORK']['ipaddress'] - -$nailgun_api_url = "http://${::fuel_settings['ADMIN_NETWORK']['ipaddress']}:8000/api" -$ethdevice_timeout = hiera('ethdevice_timeout', '120') - -$ddns_key = hiera('ddns_key', 'VyCWe0kutrawqQ2WEFKkAw=') -$ddns_key_algorithm = hiera('ddns_key_algorithm', 'HMAC-MD5') -$ddns_key_name = hiera('ddns_key_name', 'DHCP_UPDATE') - -$bootstrap_menu_label = hiera('bootstrap_menu_label', 'bootstrap') -$bootstrap_kernel_path = hiera('bootstrap_kernel_path', '/images/vmlinuz') -$bootstrap_initrd_path = hiera('bootstrap_initrd_path', '/images/initrd.img') - -$bootstrap_settings = pick($::fuel_settings['BOOTSTRAP'], {}) -$bootstrap_path = pick($bootstrap_settings['path'], '/var/www/nailgun/bootstraps/active_bootstrap') -$metadata_yaml = file("${bootstrap_path}/metadata.yaml", '/dev/null') -if empty($metadata_yaml) { - $bootstrap_meta = {} -} else { - $bootstrap_meta = parseyaml($metadata_yaml) -} - -$bootstrap_kernel_params = extend_kopts($bootstrap_meta['extend_kopts'], "console=ttyS0,9600 console=tty0 panic=60 ethdevice-timeout=${ethdevice_timeout} boot=live toram components fetch=http://${next_server}:8080/bootstraps/active_bootstrap/root.squashfs biosdevname=0 url=${nailgun_api_url} mco_user=${mco_user} mco_pass=${mco_pass} ip=frommedia") - - -$known_hosts = get_merged_network_metadata_from_yamls() -$chain32_files = tftp_files("/var/lib/tftpboot/pxelinux.cfg", $known_hosts) - -class { "::provision::dhcpd" : - network_address => ipcalc_network_by_address_netmask($start_address, $network_mask), - network_mask => $network_mask, - broadcast_address => $broadcast_address, - start_address => $start_address, - end_address => $end_address, - router => $router, - next_server => $next_server, - dns_address => $dns_address, - domain_name => $domain_name, - ddns_key => $ddns_key, - ddns_key_algorithm => $ddns_key_algorithm, - ddns_key_name => $ddns_key_name, - known_hosts => $known_hosts, -} - -class { "::provision::tftp" : - bootstrap_menu_label => $bootstrap_menu_label, - bootstrap_kernel_path => $bootstrap_kernel_path, - bootstrap_initrd_path => $bootstrap_initrd_path, - bootstrap_kernel_params => $bootstrap_kernel_params, - chain32_files => $chain32_files, -} -> - -file { "/var/lib/tftpboot${bootstrap_kernel_path}" : - source => "${bootstrap_path}/vmlinuz", -} -> - -file { "/var/lib/tftpboot${bootstrap_initrd_path}" : - source => "${bootstrap_path}/initrd.img" -} - -class { "::provision::named" : - domain_name => $domain_name, - dns_address => $dns_address, - forwarders => $forwarders, - ddns_key => $ddns_key, - ddns_key_algorithm => $ddns_key_algorithm, - ddns_key_name => $ddns_key_name, -} -> - -file { '/etc/resolv.conf': - content => template('fuel/resolv.conf.erb'), - owner => 'root', - group => 'root', - mode => '0644', -} diff --git a/deployment/puppet/fuel/lib/puppet/parser/functions/create_dnsmasq_dhcp_ranges.rb b/deployment/puppet/fuel/lib/puppet/parser/functions/create_dnsmasq_dhcp_ranges.rb new file mode 100644 index 0000000..a43ba51 --- /dev/null +++ b/deployment/puppet/fuel/lib/puppet/parser/functions/create_dnsmasq_dhcp_ranges.rb @@ -0,0 +1,47 @@ +require 'ipaddr' +require 'zlib' + +module Puppet::Parser::Functions + newfunction(:create_dnsmasq_dhcp_ranges, :doc => <<-EOS +Creates fuel::dnsmasq::dhcp_range puppet resources from list of admin networks. + EOS +) do |args| + admin_nets = args[0] + unless admin_nets.is_a?(Array) and admin_nets[0].is_a?(Hash) + raise(Puppet::ParseError, 'Should pass list of hashes as a parameter') + end + admin_nets.each do |net| + next unless net['ip_ranges'].is_a? Array + net['ip_ranges'].each do |ip_range| + # loop through local facts to pull which interface has an IP in the + # dhcp range so we can properly listen on the interface for dhcp + # messages + cidr = IPAddr.new(net['cidr']) + listen_address = [] + interfaces = lookupvar('interfaces') + if ! interfaces.nil? + interfaces.split(',').each do |interface| + local_address = lookupvar("ipaddress_#{interface}") + listen_address.push(local_address) if cidr.include?(local_address) + end + end + netmask = IPAddr.new('255.255.255.255').mask(net['cidr'].split('/')[1]).to_s + print_range = ip_range.join('_') + resource_name = sprintf("range_%08x", Zlib::crc32("#{print_range}_#{net['cidr']}").to_i) + range_comment = "# Environment: #{net['cluster_name']}\n# Nodegroup: #{net['node_group_name']}\n# IP range: #{ip_range}" + dhcp_range_resource = { + resource_name => { + 'file_header' => "# Generated automatically by puppet\n#{range_comment}", + 'listen_address' => listen_address.join(','), + 'dhcp_start_address' => ip_range[0], + 'dhcp_end_address' => ip_range[1], + 'dhcp_netmask' => netmask, + 'dhcp_gateway' => net['gateway'], + } + } + debug("Trying to create fuel::dnsmasq::dhcp_range resource: #{dhcp_range_resource.inspect}") + function_create_resources(['fuel::dnsmasq::dhcp_range', dhcp_range_resource]) + end + end + end +end diff --git a/deployment/puppet/fuel/lib/puppet/parser/functions/get_dhcp_ranges.rb b/deployment/puppet/fuel/lib/puppet/parser/functions/get_dhcp_ranges.rb deleted file mode 100644 index 574ae78..0000000 --- a/deployment/puppet/fuel/lib/puppet/parser/functions/get_dhcp_ranges.rb +++ /dev/null @@ -1,46 +0,0 @@ -require 'ipaddr' - -module Puppet::Parser::Functions - newfunction(:get_dhcp_ranges, :doc => <<-EOS -Returns a list of dhcp ranges from a list of admin networks. - EOS -) do |args| - admin_nets = args[0] - unless admin_nets.is_a?(Array) and admin_nets[0].is_a?(Hash) - raise(Puppet::ParseError, 'Should pass list of hashes as a parameter') - end - dhcp_ranges = [] - admin_nets.each do |net| - next unless net['ip_ranges'].is_a? Array - net['ip_ranges'].each do |ip_range| - # loop through local facts to pull which interface has an IP in the - # dhcp range so we can properly listen on the interface for dhcp - # messages - cidr = IPAddr.new(net['cidr']) - listen_address = [] - interfaces = lookupvar('interfaces') - if ! interfaces.nil? - interfaces.split(',').each do |interface| - local_address = lookupvar("ipaddress_#{interface}") - listen_address.push(local_address) if cidr.include?(local_address) - end - end - netmask = IPAddr.new('255.255.255.255').mask(net['cidr'].split('/')[1]).to_s - range_comment = "# Environment: #{net['cluster_name']}\n# Nodegroup: #{net['node_group_name']}\n# IP range: #{ip_range}" - dhcp_range = { - 'comment' => range_comment, - 'listen_address' => listen_address.join(','), - 'start_address' => ip_range[0], - 'end_address' => ip_range[1], - 'netaddr' => cidr.to_s, - 'netmask' => netmask, - 'broadcast' => cidr.to_range.to_a[-1].to_s, - 'gateway' => net['gateway'], - } - debug("Appending dhcp range to the list of ranges: #{dhcp_range.inspect}") - dhcp_ranges << dhcp_range - end - end - dhcp_ranges - end -end diff --git a/deployment/puppet/fuel/lib/puppet/parser/functions/get_merged_network_metadata_from_yamls.rb b/deployment/puppet/fuel/lib/puppet/parser/functions/get_merged_network_metadata_from_yamls.rb deleted file mode 100644 index 91028c6..0000000 --- a/deployment/puppet/fuel/lib/puppet/parser/functions/get_merged_network_metadata_from_yamls.rb +++ /dev/null @@ -1,20 +0,0 @@ -module Puppet::Parser::Functions - newfunction(:get_merged_network_metadata_from_yamls, :type => :rvalue, :doc => <<-'ENDHEREDOC') do |args| -Load a provision data from a set of YAML files for a set of cluster -located in /var/lib/fuel/configs/{CLUSTER_ID}/provision.yaml - - ENDHEREDOC - require 'yaml' - merged_data = {} - Dir["/var/lib/fuel/configs/*/provision.yaml"].each do |f| - begin - data = YAML::load_file(f) || {} - rescue Exception => e - warning("Found file #{f} but could not parse it") - data = {} - end - merged_data.merge!(data['network_metadata']['nodes']) - end - merged_data - end -end diff --git a/deployment/puppet/fuel/manifests/cobbler.pp b/deployment/puppet/fuel/manifests/cobbler.pp new file mode 100644 index 0000000..ea312da --- /dev/null +++ b/deployment/puppet/fuel/manifests/cobbler.pp @@ -0,0 +1,130 @@ +class fuel::cobbler( + $repo_root = $::fuel::params::repo_root, + $cobbler_user = $::fuel::params::cobbler_user, + $cobbler_password = $::fuel::params::cobbler_password, + $bootstrap_path, + $bootstrap_meta, + # network interface configuration timeout (in seconds) + $bootstrap_ethdevice_timeout = $::fuel::params::bootstrap_ethdevice_timeout, + $bootstrap_profile = $::fuel::params::bootstrap_profile, + $centos_repos = $::fuel::params::centos_repos, + $ks_system_timezone = $::fuel::params::ks_system_timezone, + $server = $::fuel::params::cobbler_host, + $name_server = $::fuel::params::cobbler_host, + $next_server = $::fuel::params::cobbler_host, + $dns_upstream = $::fuel::params::dns_upstream, + $dns_domain = $::fuel::params::dns_domain, + $dns_search = $::fuel::params::dns_search, + $mco_user = $::fuel::params::mco_user, + $mco_pass = $::fuel::params::mco_password, + $dhcp_ipaddress = $::fuel::params::dhcp_ipaddress, + $nailgun_api_url = "http://${::fuel::params::nailgun_host}:${::fuel::params::nailgun_port}/api", + # default password is 'r00tme' + $ks_encrypted_root_password = $::fuel::params::ks_encrypted_root_password, + ) inherits fuel::params { + + anchor { 'nailgun-cobbler-begin': } + anchor { 'nailgun-cobbler-end': } + + Anchor<| title == 'nailgun-cobbler-begin' |> -> + Class['::cobbler'] -> + Anchor<| title == 'nailgun-cobbler-end' |> + + $real_server = $next_server + + $fence_ssh_source = 'puppet:///modules/fuel/cobbler/fence_ssh.centos7.py' + + class { '::cobbler': + server => $server, + domain_name => $domain_name, + dns_upstream => $dns_upstream, + dns_domain => $dns_domain, + dns_search => $dns_search, + name_server => $name_server, + next_server => $next_server, + dhcp_ipaddress => $dhcp_ipaddress, + cobbler_user => $cobbler_user, + cobbler_password => $cobbler_password, + pxetimeout => '50' + } + + file { '/etc/cobbler/power/fence_ssh.template': + content => template('fuel/cobbler/fence_ssh.template.erb'), + owner => 'root', + group => 'root', + mode => '0644', + require => Class['::cobbler::server'], + } + + file { '/usr/sbin/fence_ssh': + source => $fence_ssh_source, + owner => 'root', + group => 'root', + mode => '0755', + require => Class['::cobbler::server'], + } + + cobbler_distro { 'ubuntu_bootstrap': + kernel => "${bootstrap_path}/vmlinuz", + initrd => "${bootstrap_path}/initrd.img", + arch => 'x86_64', + breed => 'ubuntu', + osversion => 'xenial', + ksmeta => '', + require => Class['::cobbler::server'], + } + + cobbler_profile { 'ubuntu_bootstrap': + distro => 'ubuntu_bootstrap', + menu => true, + kickstart => '', + kopts => extend_kopts($bootstrap_meta['extend_kopts'], "console=ttyS0,9600 console=tty0 panic=60 ethdevice-timeout=${bootstrap_ethdevice_timeout} boot=live toram components fetch=http://${server}:8080/bootstraps/active_bootstrap/root.squashfs biosdevname=0 url=${nailgun_api_url} mco_user=${mco_user} mco_pass=${mco_pass} ip=frommedia"), + ksmeta => '', + server => $real_server, + require => Cobbler_distro['ubuntu_bootstrap'], + } + + exec { 'cobbler_system_add_default': + command => "cobbler system add --name=default \ + --profile=${bootstrap_profile} --netboot-enabled=True", + onlyif => 'test -z `cobbler system find --name=default`', + require => Cobbler_profile[$bootstrap_profile], + } + + exec { 'cobbler_system_edit_default': + command => "cobbler system edit --name=default \ + --profile=${bootstrap_profile} --netboot-enabled=True", + unless => "cobbler system report --name default 2>/dev/null | grep -q -E '^Profile\\s*:\\s*${bootstrap_profile}'", + require => Cobbler_profile[$bootstrap_profile], + } + + exec { 'nailgun_cobbler_sync': + command => 'cobbler sync', + refreshonly => true, + } + + Exec['cobbler_system_add_default'] ~> Exec['nailgun_cobbler_sync'] + Exec['cobbler_system_edit_default'] ~> Exec['nailgun_cobbler_sync'] + Cobbler_profile<| |> ~> Exec['nailgun_cobbler_sync'] + + #FIXME(mattymo): move pubkey to astute fact or download it + exec { 'cp /root/.ssh/id_rsa.pub /etc/cobbler/authorized_keys': + command => 'cp /root/.ssh/id_rsa.pub /etc/cobbler/authorized_keys', + creates => '/etc/cobbler/authorized_keys', + require => Class['::cobbler::server'], + } + + file { '/etc/dnsmasq.conf': + ensure => link, + target => '/etc/cobbler.dnsmasq.conf', + } + + file { ['/var/log/cobbler/anamon', + '/var/log/cobbler/kicklog', + '/var/log/cobbler/syslog', + '/var/log/cobbler/tasks'] : + ensure => directory, + require => Class['::cobbler::server'], + } + +} diff --git a/deployment/puppet/fuel/manifests/dnsmasq/dhcp_range.pp b/deployment/puppet/fuel/manifests/dnsmasq/dhcp_range.pp new file mode 100644 index 0000000..a60bac5 --- /dev/null +++ b/deployment/puppet/fuel/manifests/dnsmasq/dhcp_range.pp @@ -0,0 +1,29 @@ +# +# fuel::dnsmasq::dhcp_range creates config files in /etc/dnsmasq.d/ +# +# [next_server] IP address that will be used as PXE tftp server +# [dhcp_start_address] First address of dhcp range +# [dhcp_end_address] Last address of dhcp range +# [dhcp_netmask] Netmask of the network +# [dhcp_gateway] Gateway address for installed nodes +# [lease_time] DHCP lease time +# [file_header] File header for comments + +define fuel::dnsmasq::dhcp_range( + $dhcp_start_address = '10.0.0.201', + $dhcp_end_address = '10.0.0.254', + $dhcp_netmask = '255.255.255.0', + $dhcp_gateway = $::ipaddress, + $listen_address = $::ipaddress, + $file_header = undef, + $lease_time = '120m', + $next_server = $::ipaddress, +){ + $range_name = $name + file { "/etc/dnsmasq.d/${name}.conf": + content => template('fuel/dnsmasq.dhcp-range.erb'), + owner => 'root', + group => 'root', + mode => '0644', + } +} diff --git a/deployment/puppet/fuel/manifests/iptables.pp b/deployment/puppet/fuel/manifests/iptables.pp index b3ac965..fc0afb7 100644 --- a/deployment/puppet/fuel/manifests/iptables.pp +++ b/deployment/puppet/fuel/manifests/iptables.pp @@ -23,7 +23,8 @@ class fuel::iptables ( $chain = 'INPUT', ) inherits fuel::params { - include ::provision::iptables + #Enable cobbler's iptables rules even if Cobbler not called + include ::cobbler::iptables firewallchain { 'INPUT:filter:IPv4': ensure => present, diff --git a/deployment/puppet/fuel/spec/functions/create_dnsmasq_dhcp_ranges_spec.rb b/deployment/puppet/fuel/spec/functions/create_dnsmasq_dhcp_ranges_spec.rb new file mode 100644 index 0000000..7158984 --- /dev/null +++ b/deployment/puppet/fuel/spec/functions/create_dnsmasq_dhcp_ranges_spec.rb @@ -0,0 +1,70 @@ +require 'spec_helper' + +describe 'create_dnsmasq_dhcp_ranges' do + + let(:admin_networks) do + [ + {"id" => 1, + "node_group_name" => nil, + "node_group_id" => nil, + "cluster_name" => nil, + "cluster_id" => nil, + "cidr" => "10.145.0.0/24", + "gateway" => "10.145.0.2", + "ip_ranges" => [["10.145.0.3", "10.145.0.250"]], + }, + {"id" => 2, + "node_group_name" => "default2", + "node_group_id" => 22, + "cluster_name" => "default2", + "cluster_id" => 2, + "cidr" => "10.144.0.0/24", + "gateway" => "10.144.0.5", + "ip_ranges" => [["10.144.0.10", "10.144.0.254"]], + }, + ] + end + + let(:facts) do + { + :interfaces => 'docker0,enp0s3,enp0s4,enp0s5,lo', + :ipaddress_docker0 => '172.17.0.1', + :ipaddress_enp0s3 => '10.145.0.2', + :ipaddress_enp0s4 => '10.144.0.2', + } + end + let(:catalog) do + lambda { catalogue } + end + + it 'refuses String' do + is_expected.to run.with_params('foo').and_raise_error(Puppet::ParseError, /Should pass list of hashes as a parameter/) + end + + it 'accepts empty data' do + is_expected.to run.with_params([{}]) + end + + it 'can create dnsmasq dhcp ranges' do + is_expected.to run.with_params(admin_networks) + parameters = { + :file_header=>"# Generated automatically by puppet\n# Environment: \n# Nodegroup: \n# IP range: [\"10.145.0.3\", \"10.145.0.250\"]", + :listen_address=>'10.145.0.2', + :dhcp_start_address=>"10.145.0.3", + :dhcp_end_address=>"10.145.0.250", + :dhcp_netmask=>"255.255.255.0", + :dhcp_gateway=>"10.145.0.2", + } + expect(catalog).to contain_fuel__dnsmasq__dhcp_range('range_6be3c888').with parameters + parameters = { + :file_header=>"# Generated automatically by puppet\n# Environment: default2\n# Nodegroup: default2\n# IP range: [\"10.144.0.10\", \"10.144.0.254\"]", + :listen_address=>'10.144.0.2', + :dhcp_start_address=>"10.144.0.10", + :dhcp_end_address=>"10.144.0.254", + :dhcp_netmask=>"255.255.255.0", + :dhcp_gateway=>"10.144.0.5", + } + expect(catalog).to contain_fuel__dnsmasq__dhcp_range('range_ff724fd0').with parameters + end + +end diff --git a/deployment/puppet/fuel/templates/dhclient.conf.erb b/deployment/puppet/fuel/templates/dhclient.conf.erb index 9b54550..d17616c 100644 --- a/deployment/puppet/fuel/templates/dhclient.conf.erb +++ b/deployment/puppet/fuel/templates/dhclient.conf.erb @@ -1 +1 @@ -prepend domain-name-servers <%= @dns_address %>; +prepend domain-name-servers <%= @cobbler_host %>; diff --git a/deployment/puppet/fuel/templates/dhcpd_ranges.erb b/deployment/puppet/fuel/templates/dhcpd_ranges.erb deleted file mode 100644 index d455a95..0000000 --- a/deployment/puppet/fuel/templates/dhcpd_ranges.erb +++ /dev/null @@ -1,21 +0,0 @@ -<% @dhcp_ranges.each do |range| -%> - -# <%= range['comment'] %> -subnet <%= range['netaddr'] %> netmask <%= range['netmask'] %> { - range <%= range['start_address'] %> <%= range['end_address'] %>; - option routers <%= range['gateway'] %>; - option subnet-mask <%= range['netmask'] %>; - option broadcast-address <%= range['broadcast'] %>; - option domain-name-servers <%= @dns_address %>; - option domain-name "<%= @domain_name %>"; - next-server <%= @next_server %>; - default-lease-time 7200; - max-lease-time 7200; - ddns-hostname = concat("dhcp-",binary-to-ascii(10,8,"-", leased-address)); - class "pxeclients" { - match if substring (option vendor-class-identifier, 0, 9) = "PXEClient"; - filename "pxelinux.0"; - } -} - -<% end -%> \ No newline at end of file diff --git a/deployment/puppet/fuel/templates/dnsmasq.dhcp-range.erb b/deployment/puppet/fuel/templates/dnsmasq.dhcp-range.erb new file mode 100644 index 0000000..aa41d20 --- /dev/null +++ b/deployment/puppet/fuel/templates/dnsmasq.dhcp-range.erb @@ -0,0 +1,7 @@ +<% if @file_header %><%= @file_header %><% end %> +<% if @listen_address && !@listen_address.empty? %>listen-address=<%= @listen_address %><% end %> +dhcp-range=<%= @range_name %>,<%= @dhcp_start_address %>,<%= @dhcp_end_address %>,<%= @dhcp_netmask %>,<%= @lease_time %> +dhcp-option=net:<%= @range_name %>,option:router,<%= @dhcp_gateway %> +dhcp-boot=net:<%= @range_name %>,pxelinux.0,boothost,<%= @next_server %> +dhcp-match=set:ipxe,175 +dhcp-option-force=tag:ipxe,210,http://<%= @next_server %>/cobbler/boot/ diff --git a/deployment/puppet/fuel/templates/provision.yaml b/deployment/puppet/fuel/templates/provision.yaml deleted file mode 100644 index 3d5d3c7..0000000 --- a/deployment/puppet/fuel/templates/provision.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -ddns_key: VyCWe0kutrawqQ2WEFKkAw== -ddns_key_algorithm: HMAC-MD5 -ddns_key_name: DHCP_UPDATE -bootstrap_menu_label: bootstrap -bootstrap_kernel_path: /images/vmlinuz -bootstrap_initrd_path: /images/initrd.img -ethdevice_timeout: 120 diff --git a/deployment/puppet/fuel/templates/resolv.conf.erb b/deployment/puppet/fuel/templates/resolv.conf.erb index ceb69d8..4e9541f 100644 --- a/deployment/puppet/fuel/templates/resolv.conf.erb +++ b/deployment/puppet/fuel/templates/resolv.conf.erb @@ -1,3 +1,3 @@ search <%= @dns_search %> -domain <%= @domain_name %> -nameserver <%= @dns_address %> +domain <%= @dns_domain %> +nameserver <%= @cobbler_host %> diff --git a/deployment/puppet/osnailyfacter/manifests/provision/build_image.pp b/deployment/puppet/osnailyfacter/manifests/provision/build_image.pp index 02fa0f0..3f90aec 100644 --- a/deployment/puppet/osnailyfacter/manifests/provision/build_image.pp +++ b/deployment/puppet/osnailyfacter/manifests/provision/build_image.pp @@ -1,7 +1,13 @@ -class osnailyfacter::provision::build_image { +class osnailyfacter::provision::build_image( + $data_file = '/tmp/provision.yaml', +){ - $data_file = "/var/lib/fuel/configs/${::cluster_id}/provision.yaml" - $data = loadyaml($data_file) + if $data_file == undef { + $data = loadyaml('/tmp/provision.yaml') + } else { + $data = loadyaml($data_file) + } + $cluster_id = $data['cluster']['id'] if $data['ironic']['enabled'] == 'true' { $ironic_packages = [ @@ -23,10 +29,10 @@ class osnailyfacter::provision::build_image { ] $package_list = join(prefix($ironic_packages, '--package '), ' ') - $ssh_auth_file = "/var/lib/fuel/keys/${::cluster_id}/ironic/ironic.pub" + $ssh_auth_file = "/var/lib/fuel/keys/${cluster_id}/ironic/ironic.pub" $ssh_params = "--root-ssh-authorized-file ${ssh_auth_file}" - $out_dir = "/var/www/nailgun/bootstrap/ironic/${::cluster_id}/" + $out_dir = "/var/www/nailgun/bootstrap/ironic/${cluster_id}/" $out_params = "--output-dir ${out_dir}" $extra_params = "--extra-dir /usr/share/ironic-fa-bootstrap-configs/ --no-compress --no-default-extra-dirs --no-default-packages" @@ -35,19 +41,19 @@ class osnailyfacter::provision::build_image { exec { 'generate_image_with_ironic': command => "fuel-bootstrap build ${package_list} ${ssh_params} ${out_params} ${extra_params} ${log_params}", path => ['/bin', '/usr/bin'], - unless => "test -e /var/www/nailgun/bootstrap/ironic/${::cluster_id}/vmlinuz", + unless => "test -e /var/www/nailgun/bootstrap/ironic/${cluster_id}/vmlinuz", } } else { $build_dir = '--image_build_dir /var/lib/fuel/ibp' - $log_params = "--log-file /var/log/fuel-agent-env-${::cluster_id}.log" + $log_params = "--log-file /var/log/fuel-agent-env-${cluster_id}.log" $extra_params = '--data_driver nailgun_build_image' exec { 'generate_image_with_fuel': command => "fa_build_image ${build_dir} ${log_params} ${extra_params} --input_data_file ${data_file}", path => ['/bin', '/usr/bin'], timeout => 1800, - unless => "test -e /var/www/nailgun/bootstrap/ironic/${::cluster_id}/vmlinuz", + unless => "test -e /var/www/nailgun/bootstrap/ironic/${cluster_id}/vmlinuz", } } } diff --git a/deployment/puppet/provision/lib/puppet/parser/functions/tftp_files.rb b/deployment/puppet/provision/lib/puppet/parser/functions/tftp_files.rb deleted file mode 100644 index e05a48b..0000000 --- a/deployment/puppet/provision/lib/puppet/parser/functions/tftp_files.rb +++ /dev/null @@ -1,22 +0,0 @@ -module Puppet::Parser::Functions - newfunction(:tftp_files, :type => :rvalue) do |args| - # args[0] is a path prefix, e.g. /var/lib/tftpboot/pxelinux.cfg - # args[1] is a dict of hosts - # node-1: - # dhcp_binding_params: - # name: node-1 - # mac: - # - aa:bb:cc:dd:ee:ff - # - 00:11:22:33:44:55 - # ip_address: 10.20.0.10 - # result is a list of file names - # - /var/lib/tftpboot/pxelinux.cfg/01-aa-bb-cc-dd-ee-ff - # - /var/lib/tftpboot/pxelinux.cfg/01-00-11-22-33-44-55 - files = [] - args[1].each {|host_name, host_data| - mac = host_data["dhcp_binding_params"]["mac"] - files << (args[0] + "/01-" + mac.gsub(":", "-")) - } - files - end -end diff --git a/deployment/puppet/provision/manifests/dhcpd.pp b/deployment/puppet/provision/manifests/dhcpd.pp deleted file mode 100644 index 6837532..0000000 --- a/deployment/puppet/provision/manifests/dhcpd.pp +++ /dev/null @@ -1,54 +0,0 @@ -class provision::dhcpd ( - $network_address = $::provision::params::network_address, - $network_mask = $::provision::params::network_mask, - $broadcast_address = $::provision::params::broadcast_address, - $start_address = $::provision::params::start_address, - $end_address = $::provision::params::end_address, - $router = $::provision::params::router, - $next_server = $::provision::params::next_server, - $dns_address = $::provision::params::dns_address, - $domain_name = $::provision::params::domain_name, - $ddns_key = $::provision::params::ddns_key, - $ddns_key_algorithm = $::provision::params::ddns_key_algorithm, - $ddns_key_name = $::provision::params::ddns_key_name, - $known_hosts = [], -) inherits provision::params { - - package { "dhcpd" : - name => $::provision::params::dhcpd_package, - } - - file { $::provision::params::dhcpd_conf : - ensure => present, - content => template('provision/dhcpd.conf.erb'), - owner => 'dhcpd', - group => 'dhcpd', - mode => '0640', - require => Package["dhcpd"], - notify => Service["dhcpd"], - } - - file { $::provision::params::dhcpd_conf_d : - ensure => directory, - owner => 'root', - group => 'root', - mode => '0755', - require => Package["dhcpd"], - } - - # It is just a file that could be modified by other modules - file { $::provision::params::dhcpd_conf_extra : - ensure => present, - require => File[$::provision::params::dhcpd_conf_d], - } - - service { "dhcpd" : - name => $::provision::params::dhcpd_service, - ensure => running, - enable => true, - hasrestart => false, - hasstatus => false, - require => Package["dhcpd"], - } - -} diff --git a/deployment/puppet/provision/manifests/iptables.pp b/deployment/puppet/provision/manifests/iptables.pp deleted file mode 100644 index f5aec5b..0000000 --- a/deployment/puppet/provision/manifests/iptables.pp +++ /dev/null @@ -1,28 +0,0 @@ -class provision::iptables { - - firewall { '101 dns_tcp': - chain => INPUT, - dport => '53', - proto => 'tcp', - action => 'accept', - } - firewall { '102 dns_udp': - chain => INPUT, - dport => '53', - proto => 'udp', - action => 'accept', - } - firewall { '103 dhcp': - chain => INPUT, - dport => ['67','68'], - proto => 'udp', - action => 'accept', - } - firewall { '104 tftp': - chain => INPUT, - dport => '69', - proto => 'udp', - action => 'accept', - } - -} diff --git a/deployment/puppet/provision/manifests/named.pp b/deployment/puppet/provision/manifests/named.pp deleted file mode 100644 index ee940c9..0000000 --- a/deployment/puppet/provision/manifests/named.pp +++ /dev/null @@ -1,51 +0,0 @@ -class provision::named ( - $domain_name = $::provision::params::domain_name, - $dns_address = $::provision::params::dns_address, - $forwarders = $::provision::params::forwarders, - $ddns_key = $::provision::params::ddns_key, - $ddns_key_algorithm = $::provision::params::ddns_key_algorithm, - $ddns_key_name = $::provision::params::ddns_key_name, -) inherits provision::params { - - package { "named" : - name => $::provision::params::named_package, - } - - file { "/var/named" : - ensure => directory, - owner => 'named', - group => 'named', - mode => '0750', - require => Package["named"], - } - - file { $::provision::params::named_conf : - ensure => present, - content => template('provision/named.conf.erb'), - owner => 'named', - group => 'named', - mode => '0640', - require => Package["named"], - notify => Service["named"], - } - - file { "/var/named/${domain_name}" : - ensure => present, - content => template('provision/zone.erb'), - owner => 'named', - group => 'named', - mode => '0644', - require => Package["named"], - notify => Service["named"], - } - - service { "named" : - name => $::provision::params::named_service, - ensure => running, - enable => true, - hasrestart => false, - hasstatus => false, - require => Package["named"], - } - -} diff --git a/deployment/puppet/provision/manifests/params.pp b/deployment/puppet/provision/manifests/params.pp deleted file mode 100644 index 2bcae12..0000000 --- a/deployment/puppet/provision/manifests/params.pp +++ /dev/null @@ -1,36 +0,0 @@ -class provision::params { - case $::osfamily { - 'RedHat': { - $dhcpd_package = "dhcp" - $dhcpd_service = "dhcpd" - $dhcpd_conf = "/etc/dhcp/dhcpd.conf" - $dhcpd_conf_d = "/etc/dhcp/dhcpd.d" - $dhcpd_conf_extra = "/etc/dhcp/dhcpd.d/extra.conf" - $named_package = "bind" - $named_service = "named" - $named_conf = "/etc/named.conf" - } - default: { - fail("Unsupported osfamily ${::osfamily}") - } - } - $network_address = "10.20.0.0" - $network_mask = "255.255.255.0" - $broadcast_address = "10.20.0.255" - $start_address = "10.20.0.3" - $end_address = "10.20.0.254" - $router = "10.20.0.1" - $next_server = "10.20.0.2" - $dns_address = "10.20.0.2" - $forwarders = ["8.8.8.8", "8.8.4.4"] - $domain_name = "domain.tld" - $ddns_key = "VyCWe0kutrawqQ2WEFKkAw==" - $ddns_key_algorithm = "HMAC-MD5" - $ddns_key_name = "DHCP_UPDATE" - - $bootstrap_kernel_path = "/images/ubuntu_bootstrap/vmlinuz" - $bootstrap_initrd_path = "/images/ubuntu_bootstrap/initrd.img" - $bootstrap_kernel_params = "ksdevice=bootif lang= console=ttyS0,9600 console=tty0 toram locale=en_US text boot=live biosdevname=0 components ip=frommedia ethdevice-timeout=120 net.ifnames=1 panic=60" - $bootstrap_menu_label = "ubuntu_bootstrap" - -} diff --git a/deployment/puppet/provision/manifests/tftp.pp b/deployment/puppet/provision/manifests/tftp.pp deleted file mode 100644 index f05bd16..0000000 --- a/deployment/puppet/provision/manifests/tftp.pp +++ /dev/null @@ -1,95 +0,0 @@ -class provision::tftp ( - $bootstrap_kernel_params = $::provision::params::bootstrap_kernel_params, - $bootstrap_kernel_path = $::provision::params::bootstrap_kernel_path, - $bootstrap_initrd_path = $::provision::params::bootstrap_initrd_path, - $bootstrap_menu_label = $::provision::params::bootstrap_menu_label, - $chain32_files = [], -) inherits provision::params { - - Exec {path => '/usr/bin:/bin:/usr/sbin:/sbin'} - - case $::osfamily { - 'RedHat': { - $tftp_packages = ['xinetd', 'tftp-server', 'syslinux'] - - service { 'xinetd': - ensure => running, - enable => true, - hasrestart => true, - require => Package[$tftp_packages], - } - - file { '/etc/xinetd.conf': - content => template('provision/xinetd.conf.erb'), - owner => 'root', - group => 'root', - mode => '0600', - require => Package[$tftp_packages], - notify => Service['xinetd'], - } - - file { '/etc/xinetd.d/tftp' : - content => template('provision/tftp.xinetd.erb'), - owner => 'root', - group => 'root', - mode => '0644', - require => Package[$tftp_packages], - notify => Service['xinetd'], - } - - } - default : { - fail("Unsupported osfamily ${::osfamily}") - } - } - - ensure_packages($tftp_packages) - - file { ["/var/lib/tftpboot/images", "/var/lib/tftpboot/pxelinux.cfg"] : - ensure => directory, - owner => 'root', - group => 'root', - mode => '0755', - require => Package[$tftp_packages], - } - - file { "/var/lib/tftpboot/pxelinux.cfg/default" : - ensure => present, - content => template("provision/tftp.default.erb"), - owner => 'root', - group => 'root', - mode => '0644', - require => File["/var/lib/tftpboot/pxelinux.cfg"], - } - - file { '/var/lib/tftpboot/chain.c32': - source => '/usr/share/syslinux/chain.c32', - require => Package[$tftp_packages], - } - - file { '/var/lib/tftpboot/pxelinux.0': - source => '/usr/share/syslinux/pxelinux.0', - require => Package[$tftp_packages], - } - - file { '/var/lib/tftpboot/menu.c32': - source => '/usr/share/syslinux/menu.c32', - require => Package[$tftp_packages], - } - - # TODO Create custom type that will remove all 01-* files that - # are not in the $chain32_files list - exec { 'remove /var/lib/tftpboot/pxelinux.cfg/01-* files' : - command => "find /var/lib/tftpboot/pxelinux.cfg -type f -name '01-*' -delete", - require => File["/var/lib/tftpboot/pxelinux.cfg"], - } -> - - file { $chain32_files : - ensure => present, - content => template("provision/tftp.chain32.erb"), - owner => 'root', - group => 'root', - mode => '0644', - require => File["/var/lib/tftpboot/pxelinux.cfg"], - } -} diff --git a/deployment/puppet/provision/templates/dhcpd.conf.erb b/deployment/puppet/provision/templates/dhcpd.conf.erb deleted file mode 100644 index 8120dc1..0000000 --- a/deployment/puppet/provision/templates/dhcpd.conf.erb +++ /dev/null @@ -1,69 +0,0 @@ -ddns-updates on; -update-static-leases on; -ddns-domainname "<%= @domain_name %>"; -ddns-update-style interim; -ignore client-updates; -update-static-leases true; - -key <%= @ddns_key_name %> { - algorithm <%= @ddns_key_algorithm %>; - secret <%= @ddns_key %>; -} - -local-address <%= @dns_address %>; -zone <%= @domain_name %>. { - primary <%= @dns_address %>; - key <%= @ddns_key_name %>; -} - -allow booting; -allow bootp; -set vendorclass = option vendor-class-identifier; -option pxe-system-type code 93 = unsigned integer 16; -default-lease-time 3600; -max-lease-time 3600; -log-facility local7; - -subnet <%= @network_address %> netmask <%= @network_mask %> { - range <%= @start_address %> <%= @end_address %>; - option domain-name-servers <%= @dns_address %>; - option domain-name "<%= @domain_name %>"; - option subnet-mask <%= @network_mask %>; - option routers <%= @router %>; - option broadcast-address <%= @broadcast_address %>; - next-server <%= @next_server %>; - ddns-hostname = pick(option fqdn.hostname,option host-name, concat("dhcp-",binary-to-ascii(10,8,"-", leased-address))); - class "pxeclients" { - match if substring (option vendor-class-identifier, 0, 9) = "PXEClient"; - filename "pxelinux.0"; - } -} - -<% if @known_hosts -%> -group { - - option domain-name-servers <%= @dns_address %>; - option domain-name "<%= @domain_name %>"; - option subnet-mask <%= @network_mask %>; - option routers <%= @router %>; - option broadcast-address <%= @broadcast_address %>; - next-server <%= @next_server %>; - class "pxeclients" { - match if substring (option vendor-class-identifier, 0, 9) = "PXEClient"; - filename "pxelinux.0"; - } - - <% @known_hosts.each do |host_name, host_data| -%> - host <%= host_data['dhcp_binding_params']['name'] %> { - hardware ethernet <%= host_data['dhcp_binding_params']['mac'] %>; - fixed-address <%= host_data['dhcp_binding_params']['ip_address'] %>; - ddns-hostname "<%= host_data['dhcp_binding_params']['name'].split('.')[0] %>"; - ddns-domainname "<%= @domain_name%>"; - option host-name "<%= host_data['dhcp_binding_params']['name'].split('.')[0] %>"; - option domain-name "<%= @domain_name %>"; - } - <% end -%> -} -<% end -%> - -include "<%= scope.lookupvar('::provision::params::dhcpd_conf_extra') %>"; diff --git a/deployment/puppet/provision/templates/named.conf.erb b/deployment/puppet/provision/templates/named.conf.erb deleted file mode 100644 index f612204..0000000 --- a/deployment/puppet/provision/templates/named.conf.erb +++ /dev/null @@ -1,32 +0,0 @@ -options { - listen-on port 53 { <%= @dns_address %>; }; - directory "/var/named"; - dump-file "/var/named/data/cache_dump.db"; - statistics-file "/var/named/data/named_stats.txt"; - memstatistics-file "/var/named/data/named_mem_stats.txt"; - recursion yes; - forward only; - forwarders { - <% @forwarders.each do |forwarder| -%> - <%= forwarder %>; - <% end -%> - }; -}; - -key <%= @ddns_key_name %> { - algorithm <%= @ddns_key_algorithm %>; - secret <%= @ddns_key %>; -}; - -logging { - channel default_debug { - file "data/named.run"; - severity dynamic; - }; -}; - -zone "<%= @domain_name %>." { - type master; - file "<%= @domain_name %>"; - allow-update { key <%= @ddns_key_name %>; }; -}; diff --git a/deployment/puppet/provision/templates/tftp.chain32.erb b/deployment/puppet/provision/templates/tftp.chain32.erb deleted file mode 100644 index fae5e43..0000000 --- a/deployment/puppet/provision/templates/tftp.chain32.erb +++ /dev/null @@ -1,8 +0,0 @@ -DEFAULT local -PROMPT 0 -TIMEOUT 0 -TOTALTIMEOUT 0 -ONTIMEOUT local - -LABEL local - COM32 chain.c32 diff --git a/deployment/puppet/provision/templates/tftp.default.erb b/deployment/puppet/provision/templates/tftp.default.erb deleted file mode 100644 index e1cee87..0000000 --- a/deployment/puppet/provision/templates/tftp.default.erb +++ /dev/null @@ -1,19 +0,0 @@ -DEFAULT menu -PROMPT 0 -MENU TITLE Boot menu -TIMEOUT 50 -TOTALTIMEOUT 0 -ONTIMEOUT <%= @bootstrap_menu_label %> - -LABEL local - MENU LABEL (local) - MENU DEFAULT - LOCALBOOT -1 - -LABEL <%= @bootstrap_menu_label %> - kernel <%= @bootstrap_kernel_path %> - MENU LABEL <%= @bootstrap_menu_label %> - append initrd=<%= @bootstrap_initrd_path %> <%= @bootstrap_kernel_params %> - ipappend 2 - -MENU end diff --git a/deployment/puppet/provision/templates/tftp.xinetd.erb b/deployment/puppet/provision/templates/tftp.xinetd.erb deleted file mode 100644 index bde8373..0000000 --- a/deployment/puppet/provision/templates/tftp.xinetd.erb +++ /dev/null @@ -1,13 +0,0 @@ -service tftp -{ - disable = no - socket_type = dgram - protocol = udp - wait = yes - user = root - server = /usr/sbin/in.tftpd - server_args = -B 1380 -v -s /var/lib/tftpboot - per_source = 11 - cps = 100 2 - flags = IPv4 -} diff --git a/deployment/puppet/provision/templates/xinetd.conf.erb b/deployment/puppet/provision/templates/xinetd.conf.erb deleted file mode 100644 index 0a90f33..0000000 --- a/deployment/puppet/provision/templates/xinetd.conf.erb +++ /dev/null @@ -1,17 +0,0 @@ -defaults -{ - log_type = SYSLOG daemon info - log_on_failure = HOST - log_on_success = PID HOST DURATION EXIT - - cps = 50 10 - instances = 50 - per_source = 10 - - v6only = no - - groups = yes - umask = 002 -} - -includedir /etc/xinetd.d diff --git a/deployment/puppet/provision/templates/zone.erb b/deployment/puppet/provision/templates/zone.erb deleted file mode 100644 index ea1b87a..0000000 --- a/deployment/puppet/provision/templates/zone.erb +++ /dev/null @@ -1,11 +0,0 @@ -$TTL 300 -@ IN SOA ns.<%= @domain_name %>. nobody.<%= @domain_name %>. ( - 2017021302 ; Serial - 600 ; Refresh - 1800 ; Retry - 604800 ; Expire - 300 ; TTL - ) - - IN NS ns.<%= @domain_name %>. -ns IN A <%= @dns_address %> diff --git a/graphs/provision/tasks.yaml b/graphs/provision/tasks.yaml index 3a21c87..68716ce 100644 --- a/graphs/provision/tasks.yaml +++ b/graphs/provision/tasks.yaml @@ -14,7 +14,7 @@ requires: [provision_start] required_for: [build_deploy_image] parameters: - path: /var/lib/fuel/configs/{CLUSTER_ID}/provision.yaml + path: /tmp/provision.yaml timeout: 180 data: #TODO: Replace dict($.items) to $ when LP1666913 is fixed @@ -40,27 +40,31 @@ requires: [upload_provision_info_master, generate_ironic_bootstrap_keys] required_for: [provision_end] parameters: - command_prefix: FACTER_cluster_id={CLUSTER_ID} puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/provision/build_image.pp puppet_modules: /etc/puppet/modules timeout: 3600 -- id: provision_master - type: puppet +- id: move_to_bootstrap + type: move_to_bootstrap version: 2.1.0 - role: ['master'] - requires: [upload_provision_info_master] - required_for: [build_deploy_image] + role: ['/.*/'] + requires: [provision_start, build_deploy_image] + required_for: [upload_provision_info] + cross-depends: + - name: build_deploy_image + role: master parameters: - puppet_manifest: /etc/puppet/modules/fuel/examples/provision.pp - puppet_modules: /etc/puppet/modules - timeout: 3600 + slave_name: + yaql_exp: '$.network_metadata.nodes.values().where($.uid = new($.uid)).name.first()' + provisioning_info: + yaql_exp: '$.provision' + timeout: 180 - id: upload_provision_info type: upload_file version: 2.1.0 role: ['/.*/'] - requires: [provision_master] + requires: [move_to_bootstrap] required_for: [system_provision] parameters: path: /tmp/provision.json @@ -72,8 +76,8 @@ type: shell version: 2.1.0 role: ['/.*/'] - requires: [provision_master, upload_provision_info] - required_for: [node_reboot] + requires: [move_to_bootstrap, upload_provision_info] + required_for: [cobbler_disable_netboot] cross-depends: - name: build_deploy_image role: master @@ -81,6 +85,19 @@ cmd: /usr/bin/provision timeout: 3600 +- id: cobbler_disable_netboot + type: master_shell + version: 2.1.0 + role: ['/.*/'] + requires: [system_provision] + required_for: [node_reboot] + parameters: + strategy: + type: one_by_one + cmd: + yaql_exp: 'concat("sh /etc/puppet/modules/osnailyfacter/modular/provision/netboot disable ", $.provision.name)' + timeout: 180 + - id: node_reboot type: reboot version: 2.1.0 diff --git a/tests/noop/spec/hosts/master/cobbler_spec.rb b/tests/noop/spec/hosts/master/cobbler_spec.rb new file mode 100644 index 0000000..f7c36fb --- /dev/null +++ b/tests/noop/spec/hosts/master/cobbler_spec.rb @@ -0,0 +1,79 @@ +require 'spec_helper' +require 'shared-examples' +require 'yaml' +manifest = 'master/cobbler.pp' + +# HIERA: master +# FACTS: master_centos7 + +describe manifest do + shared_examples 'catalog' do + let(:fuel_settings) do + YAML.load facts[:astute_settings_yaml] + end + + let(:bootstrap_settings) do + fuel_settings.fetch 'BOOTSTRAP', {} + end + + it 'should contain class "fuel::cobbler" with correct parameters' do + parameters = { + :cobbler_user => fuel_settings['cobbler']['user'], + :cobbler_password => fuel_settings['cobbler']['password'], + :bootstrap_path => bootstrap_settings.fetch('path', '/var/www/nailgun/bootstraps/active_bootstrap'), + # :bootstrap_meta => nil, + :server => fuel_settings['ADMIN_NETWORK']['ipaddress'], + :name_server => fuel_settings['ADMIN_NETWORK']['ipaddress'], + :next_server => fuel_settings['ADMIN_NETWORK']['ipaddress'], + :mco_user => fuel_settings['mcollective']['user'], + :mco_pass => fuel_settings['mcollective']['password'], + :dns_upstream => [fuel_settings['DNS_UPSTREAM']], + :dns_domain => fuel_settings['DNS_DOMAIN'], + :dns_search => fuel_settings['DNS_SEARCH'], + :dhcp_ipaddress => fuel_settings['ADMIN_NETWORK']['ipaddress'], + :nailgun_api_url => "http://#{fuel_settings['ADMIN_NETWORK']['ipaddress']}:8000/api", + :bootstrap_ethdevice_timeout => bootstrap_settings.fetch('ethdevice_timeout', '120'), + } + is_expected.to contain_class('fuel::cobbler').with parameters + end + + it { is_expected.to contain_file '/etc/resolv.conf' } + + %w(httpd cobblerd xinetd).each do |service| + it "should containt '#{service}' fuel::systemd service with correct parameters" do + parameters = { + :start => true, + :template_path => 'fuel/systemd/restart_template.erb', + :config_name => 'restart.conf', + } + is_expected.to contain_fuel__systemd(service).with parameters + end + end + + it "should containt dnsmasq fuel::systemd service with correct parameters" do + parameters = { + :start => true, + :template_path => 'fuel/systemd/dnsmasq_template.erb', + :config_name => 'restart.conf', + } + is_expected.to contain_fuel__systemd('dnsmasq').with parameters + end + + it 'should declare the "fuel::dnsmasq::dhcp_range" with "default" title and correct parameters' do + parameters = { + :dhcp_start_address => fuel_settings['ADMIN_NETWORK']['dhcp_pool_start'], + :dhcp_end_address => fuel_settings['ADMIN_NETWORK']['dhcp_pool_end'], + :dhcp_netmask => fuel_settings['ADMIN_NETWORK']['netmask'], + :dhcp_gateway => fuel_settings['ADMIN_NETWORK']['dhcp_gateway'], + :next_server => fuel_settings['ADMIN_NETWORK']['ipaddress'], + :listen_address => fuel_settings['ADMIN_NETWORK']['ipaddress'], + } + is_expected.to contain_fuel__dnsmasq__dhcp_range('default').with parameters + is_expected.to contain_fuel__dnsmasq__dhcp_range('default').that_notifies 'Service[dnsmasq]' + end + + it { is_expected.to contain_cobbler_profile('ubuntu_bootstrap').with_kopts(/\bip=frommedia\b/) } + + end + run_test manifest +end diff --git a/tests/noop/spec/hosts/master/dhcp-ranges_spec.rb b/tests/noop/spec/hosts/master/dhcp-ranges_spec.rb new file mode 100644 index 0000000..b34675b --- /dev/null +++ b/tests/noop/spec/hosts/master/dhcp-ranges_spec.rb @@ -0,0 +1,17 @@ +require 'spec_helper' +require 'shared-examples' +manifest = 'master/dhcp-ranges.pp' + +# HIERA: master +# FACTS: master_centos7 + +describe manifest do + shared_examples 'catalog' do + context 'with empty admin_networks' do + it 'should not create any dhcp ranges' do + is_expected.to have_nailgun__dnsmasq__dhcp_range_resource_count 0 + end + end + end + run_test manifest +end diff --git a/tests/noop/spec/hosts/master/host_spec.rb b/tests/noop/spec/hosts/master/host_spec.rb index 9937ff3..66c3b4b 100644 --- a/tests/noop/spec/hosts/master/host_spec.rb +++ b/tests/noop/spec/hosts/master/host_spec.rb @@ -263,6 +263,8 @@ describe manifest do should contain_firewall('102 dns_udp') should contain_firewall('103 dhcp') should contain_firewall('104 tftp') + should contain_firewall('105 squidproxy') + should contain_firewall('106 cobbler_web') end it 'should declare "openstack::clocksync" class with parameters' do