diff options
Diffstat (limited to 'deploy/adapters/ansible/kubernetes/roles/setup-k8s-network')
8 files changed, 335 insertions, 0 deletions
diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/check_network.py b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/check_network.py new file mode 100644 index 00000000..ffdafcd3 --- /dev/null +++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/check_network.py @@ -0,0 +1,70 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +import yaml +import sys +import subprocess + +import log as logging + +LOG = logging.getLogger("net-check") + + +def is_ip_reachable(ip): + cmd = "ping -c 2 %s" % ip + process = subprocess.Popen( + cmd, + stdout=subprocess.PIPE, + stderr=None, + shell=True) + + output = process.communicate()[0] + if " 0% packet loss" in output: + LOG.info("%s is reachable", ip) + elif "100% packet loss" in output: + LOG.error("%s is unreachable" % (ip)) + return False + else: + LOG.warn("%r", output) + + return True + + +def is_host_ips_reachable(settings): + external = settings["external"]["ip"] + external_gw = settings["external"]["gw"] + # storage = settings["storage"]["ip"] + mgmt = settings["mgmt"]["ip"] + + return is_ip_reachable(external) \ + and is_ip_reachable(external_gw) \ + and is_ip_reachable(mgmt) + + +def main(hostname, config): + LOG.info("host is %s", hostname) + + result = True + + for host, settings in config.iteritems(): + LOG.info("check %s network connectivity start", host) + result = result and is_host_ips_reachable(settings) + + if result: + LOG.info("All hosts ips are reachable") + else: + LOG.error("Some hosts ips are unreachable !!!") + sys.exit(-1) + +if __name__ == "__main__": + hostname = yaml.load(sys.argv[1]) + config = yaml.load(sys.argv[2]) + config.pop(hostname, None) + + main(hostname, config) diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/log.py b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/log.py new file mode 100644 index 00000000..422931bc --- /dev/null +++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/log.py @@ -0,0 +1,52 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +import logging +import os +loggers = {} +log_dir = "/var/log/setup_network" +try: + os.makedirs(log_dir) +except: + pass + + +def getLogger(name): + if name in loggers: + return loggers[name] + + logger = logging.getLogger(name) + logger.setLevel(logging.DEBUG) + + # create file handler which logs even debug messages + log_file = "%s/%s.log" % (log_dir, name) + try: + os.remove(log_file) + except: + pass + + fh = logging.FileHandler(log_file) + fh.setLevel(logging.DEBUG) + + # create console handler with a higher log level + ch = logging.StreamHandler() + ch.setLevel(logging.ERROR) + + # create formatter and add it to the handlers + formatter = logging.Formatter( + "%(asctime)s - %(name)s - %(levelname)s - %(message)s") + ch.setFormatter(formatter) + fh.setFormatter(formatter) + + # add the handlers to logger + logger.addHandler(ch) + logger.addHandler(fh) + + loggers[name] = logger + return logger diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/net_init b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/net_init new file mode 100644 index 00000000..41ccb988 --- /dev/null +++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/net_init @@ -0,0 +1,24 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: anamon.init +# Required-Start: $network +# Required-Stop: +# Should-Start: +# Should-Stop: +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Starts the cobbler anamon boot notification program +# Description: anamon runs the first time a machine is booted after installation. +### END INIT INFO + + + +# +# anamon.init: Starts the cobbler post-install boot notification program +# +# chkconfig: 35 0 6 +# +# description: anamon runs the first time a machine is booted after +# installation. +# +python /opt/setup_networks/setup_networks.py diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/setup_networks.py b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/setup_networks.py new file mode 100644 index 00000000..ab13e088 --- /dev/null +++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/setup_networks.py @@ -0,0 +1,93 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +import yaml +import netaddr +import os +import log as logging + +LOG = logging.getLogger("net-init") +config_path = os.path.join(os.path.dirname(__file__), "network.cfg") + + +def setup_bondings(bond_mappings): + print bond_mappings + + +def add_vlan_link(interface, ifname, vlan_id): + LOG.info("add_vlan_link enter") + cmd = "ip link add link %s name %s type vlan id %s; " % ( + ifname, interface, vlan_id) + cmd += "ip link set %s up; ip link set %s up" % (interface, ifname) + LOG.info("add_vlan_link: cmd=%s" % cmd) + os.system(cmd) + + +def add_ovs_port(ovs_br, ifname, uplink, vlan_id=None): + LOG.info("add_ovs_port enter") + cmd = "ovs-vsctl --may-exist add-port %s %s" % (ovs_br, ifname) + if vlan_id: + cmd += " tag=%s" % vlan_id + cmd += " -- set Interface %s type=internal;" % ifname + cmd += "ip link set dev %s address \ + `ip link show %s |awk '/link\/ether/{print $2}'`;" % (ifname, uplink) + cmd += "ip link set %s up;" % ifname + LOG.info("add_ovs_port: cmd=%s" % cmd) + os.system(cmd) + + +def setup_intfs(sys_intf_mappings, uplink_map): + LOG.info("setup_intfs enter") + for intf_name, intf_info in sys_intf_mappings.items(): + if intf_info["type"] == "vlan": + add_vlan_link( + intf_name, + intf_info["interface"], + intf_info["vlan_tag"]) + elif intf_info["type"] == "ovs": + add_ovs_port( + intf_info["interface"], + intf_name, + uplink_map[intf_info["interface"]], + vlan_id=intf_info.get("vlan_tag")) + else: + pass + + +def setup_ips(ip_settings, sys_intf_mappings): + LOG.info("setup_ips enter") + for intf_info in ip_settings.values(): + network = netaddr.IPNetwork(intf_info["cidr"]) + if sys_intf_mappings[intf_info["name"]]["type"] == "ovs": + intf_name = intf_info["name"] + else: + intf_name = intf_info["alias"] + cmd = "ip addr add %s/%s brd %s dev %s;" \ + % (intf_info["ip"], intf_info["netmask"], str(network.broadcast), intf_name) # noqa + if "gw" in intf_info: + cmd += "route del default;" + cmd += "ip route add default via %s dev %s" % ( + intf_info["gw"], intf_name) + LOG.info("setup_ips: cmd=%s" % cmd) + os.system(cmd) + + +def main(config): + uplink_map = {} + setup_bondings(config["bond_mappings"]) + for provider_net in config["provider_net_mappings"]: + uplink_map[provider_net['name']] = provider_net['interface'] + + setup_intfs(config["sys_intf_mappings"], uplink_map) + setup_ips(config["ip_settings"], config["sys_intf_mappings"]) + +if __name__ == "__main__": + os.system("service openvswitch-switch status|| service openvswitch-switch start") # noqa + config = yaml.load(open(config_path)) + main(config) diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/tasks/main.yml b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/tasks/main.yml new file mode 100644 index 00000000..c59fdfc5 --- /dev/null +++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/tasks/main.yml @@ -0,0 +1,66 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: disable NetworkManager + service: name=NetworkManager state=stopped enabled=no + when: ansible_os_family == 'RedHat' + +- name: enable network service + service: name=network state=started enabled=yes + when: ansible_os_family == 'RedHat' + +- name: ensure script dir exist + shell: mkdir -p /opt/setup_networks + +- name: copy scripts + copy: src={{ item }} dest=/opt/setup_networks + with_items: + - setup_networks/log.py + - setup_networks/setup_networks.py + - setup_networks/check_network.py + tags: + - network_check + + +- name: copy config files + template: src=network.cfg dest=/opt/setup_networks + +- name: config external nic + template: + src: ifcfg-eth.j2 + dest: /etc/sysconfig/network-scripts/ifcfg-{{sys_intf_mappings["external"]["interface"]}} + +- name: remove defualt gw + lineinfile: + dest: /etc/sysconfig/network + regexp: "^GATEWAY=*" + state: absent + +- name: restart the network + shell: systemctl restart network + +- name: make sure python lib exist + action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" + with_items: + - python-yaml + - python-netaddr + +- name: check basic network connectivity + shell: > + python /opt/setup_networks/check_network.py \ + "{{ inventory_hostname }}" \ + "{{ ip_settings | to_json }}" + register: result + until: result.stderr.find('unreachable')==-1 + retries: 3 + delay: 2 + tags: + - network_check + +- meta: flush_handlers diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/ifcfg-eth.j2 b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/ifcfg-eth.j2 new file mode 100644 index 00000000..78afa052 --- /dev/null +++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/ifcfg-eth.j2 @@ -0,0 +1,11 @@ +DEVICE={{ sys_intf_mappings["external"]["interface"]}}
+TYPE=Ethernet
+IPADDR={{ ip_settings[inventory_hostname]["external"]["ip"] }}
+PREFIX={{ ip_settings[inventory_hostname]["external"]["netmask"] }}
+GATEWAY={{ ip_settings[inventory_hostname]["external"]["gw"] }}
+BOOTPROTO=none
+ONBOOT=yes
+DELAY=0
+DEFROUTE="yes"
+DNS1=8.8.8.8
+DNS2=8.8.4.4
diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/my_configs.debian b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/my_configs.debian new file mode 100644 index 00000000..5ab1519b --- /dev/null +++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/my_configs.debian @@ -0,0 +1,14 @@ +{%- for alias, intf in host_ip_settings.items() %} + +auto {{ alias }} +iface {{ alias }} inet static + address {{ intf["ip"] }} + netmask {{ intf["netmask"] }} +{% if "gw" in intf %} + gateway {{ intf["gw"] }} +{% endif %} +{% if intf["name"] == alias %} + pre-up ip link set {{ sys_intf_mappings[alias]["interface"] }} up + pre-up ip link add link {{ sys_intf_mappings[alias]["interface"] }} name {{ alias }} type vlan id {{ sys_intf_mappings[alias]["vlan_tag"] }} +{% endif %} +{% endfor %} diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/network.cfg b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/network.cfg new file mode 100644 index 00000000..cf271ad6 --- /dev/null +++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/network.cfg @@ -0,0 +1,5 @@ +bond_mappings: {{ network_cfg["bond_mappings"] | to_json }} +ip_settings: {{ ip_settings[inventory_hostname] | to_json }} +sys_intf_mappings: {{ sys_intf_mappings | to_json }} +provider_net_mappings: {{ network_cfg["provider_net_mappings"] | to_json }} + |