aboutsummaryrefslogtreecommitdiffstats
path: root/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network
diff options
context:
space:
mode:
Diffstat (limited to 'deploy/adapters/ansible/kubernetes/roles/setup-k8s-network')
-rw-r--r--deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/check_network.py70
-rw-r--r--deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/log.py52
-rw-r--r--deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/net_init24
-rw-r--r--deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/setup_networks.py93
-rw-r--r--deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/tasks/main.yml66
-rw-r--r--deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/ifcfg-eth.j211
-rw-r--r--deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/my_configs.debian14
-rw-r--r--deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/network.cfg5
8 files changed, 335 insertions, 0 deletions
diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/check_network.py b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/check_network.py
new file mode 100644
index 00000000..ffdafcd3
--- /dev/null
+++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/check_network.py
@@ -0,0 +1,70 @@
+##############################################################################
+# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+import yaml
+import sys
+import subprocess
+
+import log as logging
+
+LOG = logging.getLogger("net-check")
+
+
+def is_ip_reachable(ip):
+ cmd = "ping -c 2 %s" % ip
+ process = subprocess.Popen(
+ cmd,
+ stdout=subprocess.PIPE,
+ stderr=None,
+ shell=True)
+
+ output = process.communicate()[0]
+ if " 0% packet loss" in output:
+ LOG.info("%s is reachable", ip)
+ elif "100% packet loss" in output:
+ LOG.error("%s is unreachable" % (ip))
+ return False
+ else:
+ LOG.warn("%r", output)
+
+ return True
+
+
+def is_host_ips_reachable(settings):
+ external = settings["external"]["ip"]
+ external_gw = settings["external"]["gw"]
+ # storage = settings["storage"]["ip"]
+ mgmt = settings["mgmt"]["ip"]
+
+ return is_ip_reachable(external) \
+ and is_ip_reachable(external_gw) \
+ and is_ip_reachable(mgmt)
+
+
+def main(hostname, config):
+ LOG.info("host is %s", hostname)
+
+ result = True
+
+ for host, settings in config.iteritems():
+ LOG.info("check %s network connectivity start", host)
+ result = result and is_host_ips_reachable(settings)
+
+ if result:
+ LOG.info("All hosts ips are reachable")
+ else:
+ LOG.error("Some hosts ips are unreachable !!!")
+ sys.exit(-1)
+
+if __name__ == "__main__":
+ hostname = yaml.load(sys.argv[1])
+ config = yaml.load(sys.argv[2])
+ config.pop(hostname, None)
+
+ main(hostname, config)
diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/log.py b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/log.py
new file mode 100644
index 00000000..422931bc
--- /dev/null
+++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/log.py
@@ -0,0 +1,52 @@
+##############################################################################
+# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+import logging
+import os
+loggers = {}
+log_dir = "/var/log/setup_network"
+try:
+ os.makedirs(log_dir)
+except:
+ pass
+
+
+def getLogger(name):
+ if name in loggers:
+ return loggers[name]
+
+ logger = logging.getLogger(name)
+ logger.setLevel(logging.DEBUG)
+
+ # create file handler which logs even debug messages
+ log_file = "%s/%s.log" % (log_dir, name)
+ try:
+ os.remove(log_file)
+ except:
+ pass
+
+ fh = logging.FileHandler(log_file)
+ fh.setLevel(logging.DEBUG)
+
+ # create console handler with a higher log level
+ ch = logging.StreamHandler()
+ ch.setLevel(logging.ERROR)
+
+ # create formatter and add it to the handlers
+ formatter = logging.Formatter(
+ "%(asctime)s - %(name)s - %(levelname)s - %(message)s")
+ ch.setFormatter(formatter)
+ fh.setFormatter(formatter)
+
+ # add the handlers to logger
+ logger.addHandler(ch)
+ logger.addHandler(fh)
+
+ loggers[name] = logger
+ return logger
diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/net_init b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/net_init
new file mode 100644
index 00000000..41ccb988
--- /dev/null
+++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/net_init
@@ -0,0 +1,24 @@
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: anamon.init
+# Required-Start: $network
+# Required-Stop:
+# Should-Start:
+# Should-Stop:
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Starts the cobbler anamon boot notification program
+# Description: anamon runs the first time a machine is booted after installation.
+### END INIT INFO
+
+
+
+#
+# anamon.init: Starts the cobbler post-install boot notification program
+#
+# chkconfig: 35 0 6
+#
+# description: anamon runs the first time a machine is booted after
+# installation.
+#
+python /opt/setup_networks/setup_networks.py
diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/setup_networks.py b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/setup_networks.py
new file mode 100644
index 00000000..ab13e088
--- /dev/null
+++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/files/setup_networks/setup_networks.py
@@ -0,0 +1,93 @@
+##############################################################################
+# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+import yaml
+import netaddr
+import os
+import log as logging
+
+LOG = logging.getLogger("net-init")
+config_path = os.path.join(os.path.dirname(__file__), "network.cfg")
+
+
+def setup_bondings(bond_mappings):
+ print bond_mappings
+
+
+def add_vlan_link(interface, ifname, vlan_id):
+ LOG.info("add_vlan_link enter")
+ cmd = "ip link add link %s name %s type vlan id %s; " % (
+ ifname, interface, vlan_id)
+ cmd += "ip link set %s up; ip link set %s up" % (interface, ifname)
+ LOG.info("add_vlan_link: cmd=%s" % cmd)
+ os.system(cmd)
+
+
+def add_ovs_port(ovs_br, ifname, uplink, vlan_id=None):
+ LOG.info("add_ovs_port enter")
+ cmd = "ovs-vsctl --may-exist add-port %s %s" % (ovs_br, ifname)
+ if vlan_id:
+ cmd += " tag=%s" % vlan_id
+ cmd += " -- set Interface %s type=internal;" % ifname
+ cmd += "ip link set dev %s address \
+ `ip link show %s |awk '/link\/ether/{print $2}'`;" % (ifname, uplink)
+ cmd += "ip link set %s up;" % ifname
+ LOG.info("add_ovs_port: cmd=%s" % cmd)
+ os.system(cmd)
+
+
+def setup_intfs(sys_intf_mappings, uplink_map):
+ LOG.info("setup_intfs enter")
+ for intf_name, intf_info in sys_intf_mappings.items():
+ if intf_info["type"] == "vlan":
+ add_vlan_link(
+ intf_name,
+ intf_info["interface"],
+ intf_info["vlan_tag"])
+ elif intf_info["type"] == "ovs":
+ add_ovs_port(
+ intf_info["interface"],
+ intf_name,
+ uplink_map[intf_info["interface"]],
+ vlan_id=intf_info.get("vlan_tag"))
+ else:
+ pass
+
+
+def setup_ips(ip_settings, sys_intf_mappings):
+ LOG.info("setup_ips enter")
+ for intf_info in ip_settings.values():
+ network = netaddr.IPNetwork(intf_info["cidr"])
+ if sys_intf_mappings[intf_info["name"]]["type"] == "ovs":
+ intf_name = intf_info["name"]
+ else:
+ intf_name = intf_info["alias"]
+ cmd = "ip addr add %s/%s brd %s dev %s;" \
+ % (intf_info["ip"], intf_info["netmask"], str(network.broadcast), intf_name) # noqa
+ if "gw" in intf_info:
+ cmd += "route del default;"
+ cmd += "ip route add default via %s dev %s" % (
+ intf_info["gw"], intf_name)
+ LOG.info("setup_ips: cmd=%s" % cmd)
+ os.system(cmd)
+
+
+def main(config):
+ uplink_map = {}
+ setup_bondings(config["bond_mappings"])
+ for provider_net in config["provider_net_mappings"]:
+ uplink_map[provider_net['name']] = provider_net['interface']
+
+ setup_intfs(config["sys_intf_mappings"], uplink_map)
+ setup_ips(config["ip_settings"], config["sys_intf_mappings"])
+
+if __name__ == "__main__":
+ os.system("service openvswitch-switch status|| service openvswitch-switch start") # noqa
+ config = yaml.load(open(config_path))
+ main(config)
diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/tasks/main.yml b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/tasks/main.yml
new file mode 100644
index 00000000..c59fdfc5
--- /dev/null
+++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/tasks/main.yml
@@ -0,0 +1,66 @@
+##############################################################################
+# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+---
+- name: disable NetworkManager
+ service: name=NetworkManager state=stopped enabled=no
+ when: ansible_os_family == 'RedHat'
+
+- name: enable network service
+ service: name=network state=started enabled=yes
+ when: ansible_os_family == 'RedHat'
+
+- name: ensure script dir exist
+ shell: mkdir -p /opt/setup_networks
+
+- name: copy scripts
+ copy: src={{ item }} dest=/opt/setup_networks
+ with_items:
+ - setup_networks/log.py
+ - setup_networks/setup_networks.py
+ - setup_networks/check_network.py
+ tags:
+ - network_check
+
+
+- name: copy config files
+ template: src=network.cfg dest=/opt/setup_networks
+
+- name: config external nic
+ template:
+ src: ifcfg-eth.j2
+ dest: /etc/sysconfig/network-scripts/ifcfg-{{sys_intf_mappings["external"]["interface"]}}
+
+- name: remove defualt gw
+ lineinfile:
+ dest: /etc/sysconfig/network
+ regexp: "^GATEWAY=*"
+ state: absent
+
+- name: restart the network
+ shell: systemctl restart network
+
+- name: make sure python lib exist
+ action: "{{ ansible_pkg_mgr }} name={{ item }} state=present"
+ with_items:
+ - python-yaml
+ - python-netaddr
+
+- name: check basic network connectivity
+ shell: >
+ python /opt/setup_networks/check_network.py \
+ "{{ inventory_hostname }}" \
+ "{{ ip_settings | to_json }}"
+ register: result
+ until: result.stderr.find('unreachable')==-1
+ retries: 3
+ delay: 2
+ tags:
+ - network_check
+
+- meta: flush_handlers
diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/ifcfg-eth.j2 b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/ifcfg-eth.j2
new file mode 100644
index 00000000..78afa052
--- /dev/null
+++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/ifcfg-eth.j2
@@ -0,0 +1,11 @@
+DEVICE={{ sys_intf_mappings["external"]["interface"]}}
+TYPE=Ethernet
+IPADDR={{ ip_settings[inventory_hostname]["external"]["ip"] }}
+PREFIX={{ ip_settings[inventory_hostname]["external"]["netmask"] }}
+GATEWAY={{ ip_settings[inventory_hostname]["external"]["gw"] }}
+BOOTPROTO=none
+ONBOOT=yes
+DELAY=0
+DEFROUTE="yes"
+DNS1=8.8.8.8
+DNS2=8.8.4.4
diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/my_configs.debian b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/my_configs.debian
new file mode 100644
index 00000000..5ab1519b
--- /dev/null
+++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/my_configs.debian
@@ -0,0 +1,14 @@
+{%- for alias, intf in host_ip_settings.items() %}
+
+auto {{ alias }}
+iface {{ alias }} inet static
+ address {{ intf["ip"] }}
+ netmask {{ intf["netmask"] }}
+{% if "gw" in intf %}
+ gateway {{ intf["gw"] }}
+{% endif %}
+{% if intf["name"] == alias %}
+ pre-up ip link set {{ sys_intf_mappings[alias]["interface"] }} up
+ pre-up ip link add link {{ sys_intf_mappings[alias]["interface"] }} name {{ alias }} type vlan id {{ sys_intf_mappings[alias]["vlan_tag"] }}
+{% endif %}
+{% endfor %}
diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/network.cfg b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/network.cfg
new file mode 100644
index 00000000..cf271ad6
--- /dev/null
+++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/templates/network.cfg
@@ -0,0 +1,5 @@
+bond_mappings: {{ network_cfg["bond_mappings"] | to_json }}
+ip_settings: {{ ip_settings[inventory_hostname] | to_json }}
+sys_intf_mappings: {{ sys_intf_mappings | to_json }}
+provider_net_mappings: {{ network_cfg["provider_net_mappings"] | to_json }}
+