diff options
Diffstat (limited to 'deploy/adapters/ansible/roles')
42 files changed, 633 insertions, 50 deletions
diff --git a/deploy/adapters/ansible/roles/config-compute/templates/compute.j2 b/deploy/adapters/ansible/roles/config-compute/templates/compute.j2 index b23550f9..e7b79436 100644 --- a/deploy/adapters/ansible/roles/config-compute/templates/compute.j2 +++ b/deploy/adapters/ansible/roles/config-compute/templates/compute.j2 @@ -64,13 +64,13 @@ iface br-external inet static gateway {{ ip_settings[inventory_hostname]["external"]["gw"] }} offload-sg off # Create veth pair, don't bomb if already exists - pre-up ip link add br-vlan-veth type veth peer name eth12 || true + pre-up ip link add external-veth type veth peer name external-nic || true # Set both ends UP - pre-up ip link set br-vlan-veth up - pre-up ip link set eth12 up + pre-up ip link set external-veth up + pre-up ip link set external-nic up # Delete veth pair on DOWN - post-down ip link del br-vlan-veth || true - bridge_ports br-vlan-veth + post-down ip link del external-veth || true + bridge_ports external-veth # VXLAN (tunnel/overlay) bridge config auto br-tenant diff --git a/deploy/adapters/ansible/roles/config-controller/templates/controller.j2 b/deploy/adapters/ansible/roles/config-controller/templates/controller.j2 index 4e444eca..99d62876 100755 --- a/deploy/adapters/ansible/roles/config-controller/templates/controller.j2 +++ b/deploy/adapters/ansible/roles/config-controller/templates/controller.j2 @@ -62,6 +62,15 @@ iface br-external inet static address {{ ip_settings[inventory_hostname]["external"]["ip"] }} netmask 255.255.255.0 gateway {{ ip_settings[inventory_hostname]["external"]["gw"] }} + offload-sg off + # Create veth pair, don't bomb if already exists + pre-up ip link add external-veth type veth peer name external-nic || true + # Set both ends UP + pre-up ip link set external-veth up + pre-up ip link set external-nic up + # Delete veth pair on DOWN + post-down ip link del external-veth || true + bridge_ports external-veth # OpenStack Networking VXLAN (tunnel/overlay) bridge # @@ -71,11 +80,13 @@ iface br-external inet static # bridge. # auto br-tenant -iface br-tenant inet manual +iface br-tenant inet static bridge_stp off bridge_waitport 0 bridge_fd 0 bridge_ports {{ intf_tenant }} + address {{ ip_settings[inventory_hostname]["tenant"]["ip"] }} + netmask 255.255.255.0 # Storage bridge auto br-storage diff --git a/deploy/adapters/ansible/roles/config-osa/files/chrony.conf.j2 b/deploy/adapters/ansible/roles/config-osa/files/chrony.conf.j2 index 1c2443e0..d58f9115 100644 --- a/deploy/adapters/ansible/roles/config-osa/files/chrony.conf.j2 +++ b/deploy/adapters/ansible/roles/config-osa/files/chrony.conf.j2 @@ -98,7 +98,5 @@ rtconutc # Listen for NTP requests only on local interfaces. port 0 bindcmdaddress 127.0.0.1 -{% if not security_disable_ipv6 | bool %} bindcmdaddress ::1 {% endif %} -{% endif %} diff --git a/deploy/adapters/ansible/roles/config-osa/files/collect-log.sh b/deploy/adapters/ansible/roles/config-osa/files/collect-log.sh new file mode 100755 index 00000000..7f51a2c3 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-osa/files/collect-log.sh @@ -0,0 +1,17 @@ +#!/bin/bash +############################################################################## +# Copyright (c) 2018 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +set -o errexit +set -o nounset +set -o pipefail + +SCRIPT_PATH="$(dirname $(realpath ${BASH_SOURCE[0]}))" + +openstack-ansible $SCRIPT_PATH/collect-log.yml diff --git a/deploy/adapters/ansible/roles/config-osa/files/collect-log.yml b/deploy/adapters/ansible/roles/config-osa/files/collect-log.yml new file mode 100644 index 00000000..6e6f9e5a --- /dev/null +++ b/deploy/adapters/ansible/roles/config-osa/files/collect-log.yml @@ -0,0 +1,32 @@ +--- +############################################################################## +# Copyright (c) 2018 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +- name: Collect log + hosts: rsyslog[0] + user: root + tasks: + - name: ensure log directory exist + stat: + path: /var/log/log-storage + register: log_dir + + - name: compress log directory + archive: + path: "{{ log_dir.stat.path }}" + dest: "{{ log_dir.stat.path }}/log.tar.gz" + format: gz + when: log_dir.stat.exists is defined and log_dir.stat.exists + + - name: fetch the log tarball + fetch: + src: "{{ log_dir.stat.path }}/log.tar.gz" + dest: /opt/log.tar.gz + flat: "yes" + when: log_dir.stat.exists is defined and log_dir.stat.exists diff --git a/deploy/adapters/ansible/roles/config-osa/files/haproxy.yml b/deploy/adapters/ansible/roles/config-osa/files/haproxy.yml index 3085f6aa..a0a09e49 100644 --- a/deploy/adapters/ansible/roles/config-osa/files/haproxy.yml +++ b/deploy/adapters/ansible/roles/config-osa/files/haproxy.yml @@ -261,3 +261,14 @@ haproxy_default_services: haproxy_backend_options: - "httpchk GET /" haproxy_whitelist_networks: "{{ haproxy_octavia_whitelist_networks }}" + + - service: + haproxy_service_name: tacker + haproxy_backend_nodes: "{{ groups['tacker_all'] | default([]) }}" + haproxy_ssl: "{{ haproxy_ssl }}" + haproxy_port: 9890 + haproxy_balance_type: http + haproxy_backend_options: + - "forwardfor" + - "httpchk" + - "httplog" diff --git a/deploy/adapters/ansible/roles/config-osa/files/lxc_cache_prestage.patch b/deploy/adapters/ansible/roles/config-osa/files/lxc_cache_prestage.patch new file mode 100644 index 00000000..14f5f5f0 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-osa/files/lxc_cache_prestage.patch @@ -0,0 +1,11 @@ +--- lxc_cache_prestage.yml 2018-07-24 07:56:22.480369360 +0000 ++++ /tmp/lxc_cache_prestage.yml 2018-07-24 08:17:44.665880308 +0000 +@@ -66,7 +66,7 @@ + --dir=/tmp + --out=rootfs.tar.xz + --check-certificate={{ (lxc_hosts_validate_certs | bool) | lower }} +- {% for server in lxc_image_cache_server_mirrors %}{{ server }}{{ lxc_images[0].split(';')[-1] }}rootfs.tar.xz {% endfor %} ++ http://192.168.137.222/download/rootfs.tar.xz + > /var/log/aria2c-image-prestage.log 2>&1 + args: + warn: no diff --git a/deploy/adapters/ansible/roles/config-osa/files/op-venv-script.sh b/deploy/adapters/ansible/roles/config-osa/files/op-venv-script.sh index fb197555..3fcab155 100644 --- a/deploy/adapters/ansible/roles/config-osa/files/op-venv-script.sh +++ b/deploy/adapters/ansible/roles/config-osa/files/op-venv-script.sh @@ -1,3 +1,12 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + #!/usr/local/env bash set -ev diff --git a/deploy/adapters/ansible/roles/config-osa/files/polling.yaml b/deploy/adapters/ansible/roles/config-osa/files/polling.yaml new file mode 100644 index 00000000..631e3687 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-osa/files/polling.yaml @@ -0,0 +1,6 @@ +--- +sources: + - name: all_pollsters + interval: 300 + meters: + - "*" diff --git a/deploy/adapters/ansible/roles/config-osa/files/redhat-7.yml b/deploy/adapters/ansible/roles/config-osa/files/redhat-7.yml new file mode 100644 index 00000000..ccfe7da2 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-osa/files/redhat-7.yml @@ -0,0 +1,5 @@ +--- + +tacker_distro_packages: + - rsync + - git-core diff --git a/deploy/adapters/ansible/roles/config-osa/files/user_ceph.yml b/deploy/adapters/ansible/roles/config-osa/files/user_ceph.yml index 9d5f13a9..6daa1436 100644 --- a/deploy/adapters/ansible/roles/config-osa/files/user_ceph.yml +++ b/deploy/adapters/ansible/roles/config-osa/files/user_ceph.yml @@ -14,3 +14,13 @@ cinder_backends: rbd_user: cinder rbd_secret_uuid: "{{ cinder_ceph_client_uuid }}" report_discard_supported: true + +gnocchi_storage_driver: ceph +gnocchi_ceph_pool: "metrics" +ceph_extra_components: + - component: gnocchi_api + package: + - "{{ python_ceph_package }}" + client: + - '{{ gnocchi_ceph_client }}' + service: '{{ ceph_gnocchi_service_names }}' diff --git a/deploy/adapters/ansible/roles/config-osa/tasks/fix_pip_version.yml b/deploy/adapters/ansible/roles/config-osa/tasks/fix_pip_version.yml index 61d263b4..6ec8425b 100644 --- a/deploy/adapters/ansible/roles/config-osa/tasks/fix_pip_version.yml +++ b/deploy/adapters/ansible/roles/config-osa/tasks/fix_pip_version.yml @@ -18,8 +18,15 @@ regexp: '^ - python-ldap' line: ' - python-ldap==2.5.2' -- name: add pkgconfig in gnocchi requires pip packages +- name: add pbr in gnocchi requires pip packages lineinfile: dest: /etc/ansible/roles/repo_build/defaults/main.yml insertafter: "repo_pip_packages:" - line: ' - pkgconfig' + line: ' - pbr' + +- name: create user config file to control pip version + copy: + content: | + pip_packages: + - pip==9.0.1 + dest: /etc/openstack_deploy/user_fixpip.yml diff --git a/deploy/adapters/ansible/roles/config-osa/tasks/fix_rescue.yml b/deploy/adapters/ansible/roles/config-osa/tasks/fix_rescue.yml index ff7d4250..c73aceb7 100644 --- a/deploy/adapters/ansible/roles/config-osa/tasks/fix_rescue.yml +++ b/deploy/adapters/ansible/roles/config-osa/tasks/fix_rescue.yml @@ -28,7 +28,7 @@ - name: fix rescue problem for lxc-hosts-setup blockinfile: - dest: "/opt/openstack-ansible/playbooks/lxc-hosts-setup.yml" + dest: "/opt/openstack-ansible/playbooks/containers-lxc-host.yml" block: | - hosts: localhost user: root @@ -38,7 +38,7 @@ - name: delete max_fail_percentage for lxc-hosts-setup lineinfile: - dest: "/opt/openstack-ansible/playbooks/lxc-hosts-setup.yml" + dest: "/opt/openstack-ansible/playbooks/containers-lxc-host.yml" regexp: "max_fail_percentage*" state: absent diff --git a/deploy/adapters/ansible/roles/config-osa/tasks/main.yml b/deploy/adapters/ansible/roles/config-osa/tasks/main.yml index f9eef749..ab2714a9 100755 --- a/deploy/adapters/ansible/roles/config-osa/tasks/main.yml +++ b/deploy/adapters/ansible/roles/config-osa/tasks/main.yml @@ -163,7 +163,7 @@ - name: remove repo_build_pip_no_binary lineinfile: - dest: /opt/openstack-ansible/group_vars/repo_all.yml + dest: /opt/openstack-ansible/inventory/group_vars/repo_all.yml state: absent regexp: "{{ item }}" with_items: ['^repo_build_pip_no_binary:', '^ - libvirt-python'] @@ -332,16 +332,105 @@ when: - "{{ hostvars[inventory_hostname]['groups']['controller'] | length < 2 }}" +- name: copy collect-log.sh to /opt + copy: + src: collect-log.sh + dest: /opt/collect-log.sh + +- name: copy collect-log.yml to /opt + copy: + src: collect-log.yml + dest: /opt/collect-log.yml + # - name: change repore build # lineinfile: # dest: /etc/ansible/roles/repo_build/tasks/main.yml # insertafter: "^- include: repo_post_build.yml" # line: "- include: repo_fix_pandas.yml" -- include: meters.yml +- include: fix_rescue.yml -# upstream has fix this issue so somments it -# maybe will use in the furture -- include: fix_pip_version.yml +- name: rm command "rm -f /etc/resolv.conf" in cache_prep_commands + lineinfile: + dest: /etc/ansible/roles/lxc_hosts/vars/ubuntu-16.04.yml + regexp: 'rm -f /etc/resolv.conf$' + line: ' echo "ok"' + backrefs: 'yes' -- include: fix_rescue.yml +- name: add command "rm /etc/resolv.conf || true" in cache_prep_commands + lineinfile: + dest: /etc/ansible/roles/lxc_hosts/vars/ubuntu-16.04.yml + insertafter: '^ cache_prep_commands:' + line: ' rm /etc/resolv.conf || true' + +- name: fix apt prompt issue + lineinfile: + dest: /etc/ansible/roles/lxc_hosts/vars/ubuntu-16.04.yml + state: absent + regexp: "apt-get upgrade -y" + +- name: set pre-staged retry to 120 + replace: + dest: /etc/ansible/roles/lxc_hosts/tasks/lxc_cache_preparation_systemd_new.yml + regexp: '^ retries: 60' + replace: ' retries: 120' + +- name: copy lxc_cache_prestage.patch + copy: + src: lxc_cache_prestage.patch + dest: /etc/ansible/roles/lxc_hosts/tasks/lxc_cache_prestage.patch + when: + - checkresult.rc == 0 + - offline_deployment is defined and offline_deployment == "Disable" + +- name: patch lxc_cache_prestage.yml + shell: + patch -p0 < lxc_cache_prestage.patch + args: + chdir: /etc/ansible/roles/lxc_hosts/tasks/ + when: + - checkresult.rc == 0 + - offline_deployment is defined and offline_deployment == "Disable" + ignore_errors: "true" + +- name: add cache refresh + blockinfile: + dest: /opt/openstack-ansible/playbooks/setup-infrastructure.yml + insertbefore: '^- include: unbound-install.yml' + block: | + - hosts: all + user: root + tasks: + - name: refresh + setup: + +- name: create openstack git directory + file: + path: /opt/git/openstack + state: directory + when: + - checkresult.rc == 0 + - offline_deployment is defined and offline_deployment == "Disable" + +- name: download openstack git package + get_url: + url: "http://192.168.137.222/download/openstack-queens-git.tar.gz" + dest: "/opt/git/openstack" + when: + - checkresult.rc == 0 + - offline_deployment is defined and offline_deployment == "Disable" + +- name: extract openstack git repo + shell: + tar zxf openstack-queens-git.tar.gz + args: + chdir: "/opt/git/openstack" + when: + - checkresult.rc == 0 + - offline_deployment is defined and offline_deployment == "Disable" + +- name: fix keepalived + lineinfile: + dest: /opt/openstack-ansible/inventory/group_vars/haproxy/keepalived.yml + regexp: 'check_script: "/bin/kill -0 `cat /var/run/haproxy.pid`"' + line: ' check_script: "/bin/kill -0 `cat /var/run/haproxy.pid` || true"' diff --git a/deploy/adapters/ansible/roles/config-osa/tasks/meters.yml b/deploy/adapters/ansible/roles/config-osa/tasks/meters.yml index 8f06a884..ca85f440 100644 --- a/deploy/adapters/ansible/roles/config-osa/tasks/meters.yml +++ b/deploy/adapters/ansible/roles/config-osa/tasks/meters.yml @@ -9,7 +9,7 @@ --- - name: modify the aodh haproxy config copy: - dest: /opt/openstack-ansible/group_vars/all/haproxy.yml + dest: /opt/openstack-ansible/inventory/group_vars/all/haproxy.yml src: haproxy.yml mode: 0664 @@ -69,3 +69,15 @@ [database]{% raw %} connection = mysql+pymysql://{{ ceilometer_galera_user }}:{{ ceilometer_container_db_password }}@{{ceilometer_galera_address }}/{{ ceilometer_galera_database }}?charset=utf86{% endraw %} # yamllint enable rule:line-length + +- name: make sure the directory exist + file: + dest: /etc/openstack_deploy/ceilometer + state: directory + mode: 0755 + +- name: copy the polling.yml + copy: + dest: /etc/openstack_deploy/ceilometer/polling.yaml + src: polling.yaml + mode: 0644 diff --git a/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2 b/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2 index 130b5ad1..dd45bd1a 100644 --- a/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2 +++ b/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2 @@ -26,11 +26,16 @@ haproxy_keepalived_internal_vip_cidr: "{{ internal_vip.ip }}/32" haproxy_keepalived_external_interface: br-external haproxy_keepalived_internal_interface: br-mgmt keepalived_ping_address: "{{ ntp_server }}" +lxc_host_machine_volume_size: 16 cinder_cinder_conf_overrides: oslo_middleware: enable_proxy_headers_parsing: True +neutron_neutron_conf_overrides: + oslo_middleware: + enable_proxy_headers_parsing: True + nfs_file_gw: False {% if "openvswitch" == NEUTRON_MECHANISM_DRIVERS[0] or @@ -45,6 +50,11 @@ neutron_plugin_type: ml2.ovs neutron_ml2_drivers_type: "local,flat,{{ tenant_net_info['type'] }}" +neutron_plugin_base: + - router + - metering + - trunk + neutron_provider_networks: network_flat_networks: "*" network_types: "{{ tenant_net_info['type'] }}" @@ -66,3 +76,6 @@ security_sshd_permit_root_login: yes security_ntp_servers: - {{ ntp_server }} + +tacker_etc_dir: "/etc/tacker" +nova_spicehtml5_git_repo: https://gitlab.freedesktop.org/spice/spice-html5.git diff --git a/deploy/adapters/ansible/roles/config-osa/vars/main.yml b/deploy/adapters/ansible/roles/config-osa/vars/main.yml index 0b3b0c1e..7daf40c9 100644 --- a/deploy/adapters/ansible/roles/config-osa/vars/main.yml +++ b/deploy/adapters/ansible/roles/config-osa/vars/main.yml @@ -11,3 +11,6 @@ LOCAL_REPOSITORY_IP: "192.168.137.222" ceph_host: "{{ hostvars[inventory_hostname]['groups']['ceph_osd'][0] }}" repo_dest_path: "/var/www/repo/os-releases/15.1.4/ubuntu-16.04-x86_64/" networking_sfc_version: 4.0.0 +# yamllint disable rule:line-length +openstack_release: "{{ lookup('yamlfile', '/opt/openstack-ansible/inventory/group_vars/all/all.yml key=openstack_release') }}" +# yamllint enable rule:line-length diff --git a/deploy/adapters/ansible/roles/post-openstack/files/manager.py.patch b/deploy/adapters/ansible/roles/post-openstack/files/manager.py.patch new file mode 100644 index 00000000..198ff5be --- /dev/null +++ b/deploy/adapters/ansible/roles/post-openstack/files/manager.py.patch @@ -0,0 +1,12 @@ +--- manager.py 2018-11-07 03:51:22.764685289 -0800 ++++ manager.py.new 2018-11-07 03:58:21.014139558 -0800 +@@ -314,8 +314,7 @@ + if self._events is None: + # NOTE(danms): We really should have a more specific error + # here, but this is what we use for our default error case +- raise exception.NovaException('In shutdown, no new events ' +- 'can be scheduled') ++ self._events = {} + + @utils.synchronized(self._lock_name(instance)) + def _create_or_get_event(): diff --git a/deploy/adapters/ansible/roles/post-openstack/tasks/main.yml b/deploy/adapters/ansible/roles/post-openstack/tasks/main.yml index 7022a4b5..2a63acf0 100644 --- a/deploy/adapters/ansible/roles/post-openstack/tasks/main.yml +++ b/deploy/adapters/ansible/roles/post-openstack/tasks/main.yml @@ -40,6 +40,7 @@ --subnet-range "{{ public_net_info.floating_ip_cidr }}" \ "{{ public_net_info.subnet }}" when: + - public_net_info.enable == "True" - inventory_hostname == groups['utility_all'][0] - name: create openstack flavors @@ -68,3 +69,24 @@ flat: "yes" when: - inventory_hostname == groups['network_hosts'][0] + +# yamllint disable rule:line-length +- name: fix horizon upload image issue + lineinfile: + dest: "/openstack/venvs/horizon-{{ openstack_release }}/lib/python2.7/site-packages/openstack_dashboard/local/local_settings.py" + regexp: "^HORIZON_IMAGES_UPLOAD_MODE" + line: "HORIZON_IMAGES_UPLOAD_MODE = 'legacy'" + when: + - inventory_hostname in groups['horizon'] +# yamllint enable rule:line-length + +- name: restart apache2 + service: + name: apache2 + state: restarted + when: + - inventory_hostname in groups['horizon'] + +- include: nova_patch.yml + when: + - inventory_hostname in groups['compute'] diff --git a/deploy/adapters/ansible/roles/post-openstack/tasks/nova_patch.yml b/deploy/adapters/ansible/roles/post-openstack/tasks/nova_patch.yml new file mode 100644 index 00000000..d9cfad9c --- /dev/null +++ b/deploy/adapters/ansible/roles/post-openstack/tasks/nova_patch.yml @@ -0,0 +1,23 @@ +############################################################################## +# Copyright (c) 2016-2018 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: copy manager.py.patch + copy: + src: manager.py.patch + dest: /openstack/venvs/nova-{{ openstack_release }}/lib/python2.7/site-packages/nova/compute + +- name: patch manager.py.patch + shell: + patch -p0 < manager.py.patch + args: + chdir: /openstack/venvs/nova-{{ openstack_release }}/lib/python2.7/site-packages/nova/compute + +- name: restart nova-compute + shell: + systemctl restart nova-compute diff --git a/deploy/adapters/ansible/roles/post-openstack/vars/main.yml b/deploy/adapters/ansible/roles/post-openstack/vars/main.yml index d9c36d42..1fc2cc27 100644 --- a/deploy/adapters/ansible/roles/post-openstack/vars/main.yml +++ b/deploy/adapters/ansible/roles/post-openstack/vars/main.yml @@ -43,3 +43,7 @@ flavors: vcpus: 8 ram: 16384 disk: 160 + +# yamllint disable rule:line-length +openstack_release: "{{ lookup('yamlfile', '/opt/openstack-ansible/inventory/group_vars/all/all.yml key=openstack_release') }}" +# yamllint enable rule:line-length diff --git a/deploy/adapters/ansible/roles/post-osa/files/sfc.conf b/deploy/adapters/ansible/roles/post-osa/files/sfc.conf index ce42c9e1..b200f254 100755 --- a/deploy/adapters/ansible/roles/post-osa/files/sfc.conf +++ b/deploy/adapters/ansible/roles/post-osa/files/sfc.conf @@ -1,6 +1,6 @@ [DEFAULT] -service_plugins = router,metering,flow_classifier,sfc +service_plugins = router,metering,flow_classifier,sfc,trunk [sfc] drivers = ovs diff --git a/deploy/adapters/ansible/roles/post-osa/handlers/main.yml b/deploy/adapters/ansible/roles/post-osa/handlers/main.yml index 3d979e6a..d685edca 100755 --- a/deploy/adapters/ansible/roles/post-osa/handlers/main.yml +++ b/deploy/adapters/ansible/roles/post-osa/handlers/main.yml @@ -9,3 +9,17 @@ - name: restart network service shell: "/sbin/ifconfig eth0 0 &&/sbin/ifdown -a && \ /sbin/ifup --ignore-errors -a" + +- name: Restart ceilometer services + service: + name: "{{ item.0.service_name }}" + enabled: "yes" + state: "restarted" + with_subelements: + - "{{ ceilometer_services }}" + - group + when: inventory_hostname in groups[item.1] + register: _restart + until: _restart | success + retries: 5 + delay: 2 diff --git a/deploy/adapters/ansible/roles/post-osa/tasks/ceilometer-upgrade.yml b/deploy/adapters/ansible/roles/post-osa/tasks/ceilometer-upgrade.yml new file mode 100755 index 00000000..3d991b74 --- /dev/null +++ b/deploy/adapters/ansible/roles/post-osa/tasks/ceilometer-upgrade.yml @@ -0,0 +1,28 @@ +############################################################################# +# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: check for gnocchi resource file + stat: + path: "/etc/ceilometer/gnocchi_resources.yaml" + register: gnocchi_resource_file + +- name: get the path of ceilometer-upgrade + shell: "find / -name ceilometer-upgrade 2>/dev/null || true" + register: ceilometer_upgrade_path + +- name: Initialize Gnocchi database by creating ceilometer resources + command: "{{ ceilometer_upgrade_path.stdout }} --skip-metering-database" + become: "yes" + when: gnocchi_resource_file.stat.exists + register: _upgrade + until: _upgrade | success + retries: 10 + delay: 2 + notify: + - Restart ceilometer services diff --git a/deploy/adapters/ansible/roles/post-osa/tasks/install_networking_sfc.yml b/deploy/adapters/ansible/roles/post-osa/tasks/install_networking_sfc.yml index fbed5815..684d05cb 100644 --- a/deploy/adapters/ansible/roles/post-osa/tasks/install_networking_sfc.yml +++ b/deploy/adapters/ansible/roles/post-osa/tasks/install_networking_sfc.yml @@ -2,8 +2,8 @@ - name: install networking-sfc pip: - name: networking-sfc - virtualenv: /openstack/venvs/neutron-15.1.4 + name: networking-sfc==6.0.0.0rc1 + virtualenv: /openstack/venvs/neutron-{{ os_ver }} when: - inventory_hostname in groups['neutron_server'] @@ -11,14 +11,12 @@ package: name: crudini state: latest - when: - - inventory_hostname in groups['neutron_server'] - name: Install networking-sfc for CLI pip: name: networking-sfc when: - - inventory_hostname in groups['utility'] + - inventory_hostname not in groups['neutron_server'] - name: turn off neutron-server on control node service: name=neutron-server state=stopped @@ -35,13 +33,18 @@ shell: crudini --merge /etc/neutron/neutron.conf < /opt/sfc.conf when: inventory_hostname in groups['neutron_server'] +- name: Configure SFC extension on compute nodes + shell: crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini \ + agent extensions sfc; + when: inventory_hostname in groups['compute'] + - name: delete sfc.conf shell: rm -rf {{ sfc_plugins.dst }} when: inventory_hostname in groups['neutron_server'] - name: Perform a Neutron DB online upgrade command: | - /openstack/venvs/neutron-15.1.4/bin/neutron-db-manage + /openstack/venvs/neutron-{{ os_ver }}/bin/neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade --expand @@ -51,7 +54,7 @@ - name: Perform a Neutron DB offline upgrade command: | - /openstack/venvs/neutron-15.1.4/bin/neutron-db-manage + /openstack/venvs/neutron-{{ os_ver }}/bin/neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade --contract @@ -61,7 +64,7 @@ - name: SFC DB upgrade command: | - /openstack/venvs/neutron-15.1.4/bin/neutron-db-manage + /openstack/venvs/neutron-{{ os_ver }}/bin/neutron-db-manage --subproject networking-sfc upgrade head become: "yes" diff --git a/deploy/adapters/ansible/roles/post-osa/tasks/main.yml b/deploy/adapters/ansible/roles/post-osa/tasks/main.yml index bd83b50f..e7e4c37d 100644 --- a/deploy/adapters/ansible/roles/post-osa/tasks/main.yml +++ b/deploy/adapters/ansible/roles/post-osa/tasks/main.yml @@ -11,15 +11,25 @@ when: - inventory_hostname in groups['compute'] - ansible_distribution == 'Ubuntu' + - NEUTRON_MECHANISM_DRIVERS[0] == "openvswitch" # install networking-sfc for non odl scenarios -# - include: install_networking_sfc.yml -# when: -# - odl_sfc is not defined or odl_sfc == "Disable" -# - inventory_hostname not in groups['compute'] -# when: ansible_distribution == 'Ubuntu' +- include: install_networking_sfc.yml + when: + - opendaylight is not defined or opendaylight == "Disable" + - inventory_hostname not in groups['horizon_all'] - include: "{{ ansible_os_family }}.yml" when: - ansible_os_family == 'RedHat' and ansible_distribution_major_version == '7' - inventory_hostname in groups['compute'] + +- include: ceilometer-upgrade.yml + when: + - inventory_hostname in groups['ceilometer_all'] + +- include: tacker_horizon.yml + when: inventory_hostname in groups['horizon_all'] + +- include: novaclient_workaround.yml + when: inventory_hostname in groups['utility'] diff --git a/deploy/adapters/ansible/roles/post-osa/tasks/novaclient_workaround.yml b/deploy/adapters/ansible/roles/post-osa/tasks/novaclient_workaround.yml new file mode 100644 index 00000000..40ec608d --- /dev/null +++ b/deploy/adapters/ansible/roles/post-osa/tasks/novaclient_workaround.yml @@ -0,0 +1,6 @@ +--- + +- name: use python-novaclient version 9.0.0 to replace 10.2.0 + pip: + name: python-novaclient + version: 9.0.0 diff --git a/deploy/adapters/ansible/roles/post-osa/tasks/tacker_horizon.yml b/deploy/adapters/ansible/roles/post-osa/tasks/tacker_horizon.yml new file mode 100644 index 00000000..2c1d2d87 --- /dev/null +++ b/deploy/adapters/ansible/roles/post-osa/tasks/tacker_horizon.yml @@ -0,0 +1,33 @@ +--- + +- name: remove tacker-horizon directory + file: + path: "{{ tacker_horizon_dir }}" + state: absent + +- name: get tacker horizon (online) + git: + repo: "{{ tacker_horizon_repo }}" + dest: "{{ tacker_horizon_dir }}" + version: "{{ tacker_horizon_branch }}" + when: offline_deployment is defined and offline_deployment == "Disable" + +- name: copy installation script (offline) + get_url: + url: "http://{{ offline_repo_ip }}:{{ offline_repo_port }}/tacker-horizon.tar.gz" + dest: "/opt/" + when: offline_deployment is defined and offline_deployment == "Enable" + +- name: untar tacker-horizon tarball + command: su -s /bin/sh -c "tar xzf /opt/tacker-horizon.tar.gz -C /opt/" + when: offline_deployment is defined and offline_deployment == "Enable" + +- name: install tacker-horizon + shell: | + cd /opt/tacker-horizon/; + pip install -r requirements.txt; + sleep 30; + python setup.py install; + cp tacker_horizon/enabled/* \ + {{ tacker_horizon_enable_path }}/; + service apache2 restart diff --git a/deploy/adapters/ansible/roles/post-osa/vars/main.yml b/deploy/adapters/ansible/roles/post-osa/vars/main.yml index da886028..7aed0472 100644 --- a/deploy/adapters/ansible/roles/post-osa/vars/main.yml +++ b/deploy/adapters/ansible/roles/post-osa/vars/main.yml @@ -1,5 +1,19 @@ --- +# yamllint disable rule:line-length +os_ver: "{{ lookup('yamlfile', '/opt/openstack-ansible/inventory/group_vars/all/all.yml key=openstack_release') }}" +# yamllint enable rule:line-length +os_name: queens + +# yamllint disable rule:line-length +tacker_horizon_repo: https://github.com/openstack/tacker-horizon.git +tacker_horizon_dir: /opt/tacker-horizon +tacker_horizon_branch: "stable/{{ os_name }}" +openstack_release: "{{ os_ver }}" +tacker_horizon_venv: "/openstack/venvs/horizon-{{ openstack_release }}" +tacker_horizon_enable_path: "{{ tacker_horizon_venv }}/lib/python2.7/site-packages/openstack_dashboard/enabled" +# yamllint enable rule:line-length + sfc_plugins: src: sfc.conf dst: /opt/sfc.conf @@ -24,3 +38,14 @@ intf_storage: |- {%- set intf_storage = intf_storage + '.' + compu_sys_mappings["storage"]["vlan_tag"]|string %} {%- endif %} {{- intf_storage }} + +ceilometer_services: + ceilometer-agent-notification: + group: + - ceilometer_agent_notification + service_name: ceilometer-agent-notification + ceilometer-polling: + group: + - ceilometer_agent_central + - ceilometer_agent_compute + service_name: ceilometer-polling diff --git a/deploy/adapters/ansible/roles/process-openrc/tasks/main.yml b/deploy/adapters/ansible/roles/process-openrc/tasks/main.yml index aed68b88..d8de1b2d 100644 --- a/deploy/adapters/ansible/roles/process-openrc/tasks/main.yml +++ b/deploy/adapters/ansible/roles/process-openrc/tasks/main.yml @@ -24,3 +24,9 @@ dest: /opt/openrc regexp: "internalURL" replace: "publicURL" + +- name: add the IP of SDN controller + lineinfile: + dest: /opt/openrc + state: present + line: "export SDN_CONTROLLER_IP={{ public_vip['ip'] }}" diff --git a/deploy/adapters/ansible/roles/setup-host/tasks/Ubuntu.yml b/deploy/adapters/ansible/roles/setup-host/tasks/Ubuntu.yml index 00675d9c..5d9cded0 100644 --- a/deploy/adapters/ansible/roles/setup-host/tasks/Ubuntu.yml +++ b/deploy/adapters/ansible/roles/setup-host/tasks/Ubuntu.yml @@ -8,7 +8,7 @@ # ############################################################################# --- - name: setup hosts - shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_pike-opnfv2/ansible.log; \ + shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_queens-opnfv2/ansible.log; \ export ANSIBLE_SCP_IF_SSH=y; \ cd /opt/openstack-ansible/playbooks; \ openstack-ansible setup-hosts.yml \ @@ -19,7 +19,7 @@ register: failed_container - name: destroy the failed_container - shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_pike-opnfv2/ansible.log; \ + shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_queens-opnfv2/ansible.log; \ export ANSIBLE_SCP_IF_SSH=y; \ cd /opt/openstack-ansible/playbooks; \ openstack-ansible lxc-containers-destroy.yml \ @@ -30,7 +30,7 @@ ignore_errors: "True" - name: retry to setup failed_container - shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_pike-opnfv2/ansible.log; \ + shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_queens-opnfv2/ansible.log; \ export ANSIBLE_SCP_IF_SSH=y; \ cd /opt/openstack-ansible/playbooks; \ openstack-ansible setup-hosts.yml --limit {{item}} \ diff --git a/deploy/adapters/ansible/roles/setup-host/tasks/main.yml b/deploy/adapters/ansible/roles/setup-host/tasks/main.yml index 4eba3d00..0a63f7f5 100644 --- a/deploy/adapters/ansible/roles/setup-host/tasks/main.yml +++ b/deploy/adapters/ansible/roles/setup-host/tasks/main.yml @@ -10,7 +10,7 @@ --- - name: openstack-hosts-setup - shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_pike-opnfv2/ansible.log; \ + shell: "export ANSIBLE_LOG_PATH={{ run_dir }}/ansible.log; \ export ANSIBLE_SCP_IF_SSH=y; \ cd /opt/openstack-ansible/playbooks; \ openstack-ansible openstack-hosts-setup.yml \ @@ -25,7 +25,7 @@ when: openstack_hosts_setup_result.stdout.find('Mark openstack-hosts-setup completed') == -1 - name: security-hardening - shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_pike-opnfv2/ansible.log; \ + shell: "export ANSIBLE_LOG_PATH={{ run_dir }}/ansible.log; \ export ANSIBLE_SCP_IF_SSH=y; \ cd /opt/openstack-ansible/playbooks; \ openstack-ansible security-hardening.yml \ @@ -40,7 +40,7 @@ when: security_hardening_result.stdout.find('Mark security-hardening completed') == -1 - name: lxc-hosts-setup - shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_pike-opnfv2/ansible.log; \ + shell: "export ANSIBLE_LOG_PATH={{ run_dir }}/ansible.log; \ export ANSIBLE_SCP_IF_SSH=y; \ cd /opt/openstack-ansible/playbooks; \ openstack-ansible lxc-hosts-setup.yml \ @@ -55,7 +55,7 @@ when: lxc_hosts_setup_result.stdout.find('Mark lxc-hosts-setup completed') == -1 - name: lxc-containers-create - shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_pike-opnfv2/ansible.log; \ + shell: "export ANSIBLE_LOG_PATH={{ run_dir }}/ansible.log; \ export ANSIBLE_SCP_IF_SSH=y; \ cd /opt/openstack-ansible/playbooks; \ openstack-ansible lxc-containers-create.yml \ @@ -66,7 +66,7 @@ register: failed_container - name: destroy the failed_container - shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_pike-opnfv2/ansible.log; \ + shell: "export ANSIBLE_LOG_PATH={{ run_dir }}/ansible.log; \ export ANSIBLE_SCP_IF_SSH=y; \ cd /opt/openstack-ansible/playbooks; \ openstack-ansible lxc-containers-destroy.yml \ @@ -77,7 +77,7 @@ ignore_errors: "True" - name: retry to setup failed_container - shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_pike-opnfv2/ansible.log; \ + shell: "export ANSIBLE_LOG_PATH={{ run_dir }}/ansible.log; \ export ANSIBLE_SCP_IF_SSH=y; \ cd /opt/openstack-ansible/playbooks; \ openstack-ansible lxc-containers-create.yml --limit {{item}} \ diff --git a/deploy/adapters/ansible/roles/setup-infrastructure/tasks/main.yml b/deploy/adapters/ansible/roles/setup-infrastructure/tasks/main.yml index 7cf5c86f..4e3a926f 100644 --- a/deploy/adapters/ansible/roles/setup-infrastructure/tasks/main.yml +++ b/deploy/adapters/ansible/roles/setup-infrastructure/tasks/main.yml @@ -8,7 +8,7 @@ ############################################################################## --- - name: setup infrastructure - shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_pike-opnfv2/ansible.log; \ + shell: "export ANSIBLE_LOG_PATH={{ run_dir }}/ansible.log; \ export ANSIBLE_SCP_IF_SSH=y; \ cd /opt/openstack-ansible/playbooks; \ openstack-ansible setup-infrastructure.yml \ diff --git a/deploy/adapters/ansible/roles/setup-openstack/tasks/main.yml b/deploy/adapters/ansible/roles/setup-openstack/tasks/main.yml index a6ecb82f..c572936d 100644 --- a/deploy/adapters/ansible/roles/setup-openstack/tasks/main.yml +++ b/deploy/adapters/ansible/roles/setup-openstack/tasks/main.yml @@ -8,7 +8,7 @@ ############################################################################## --- - name: setup openstack - shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_pike-opnfv2/ansible.log; \ + shell: "export ANSIBLE_LOG_PATH={{ run_dir }}/ansible.log; \ export ANSIBLE_SCP_IF_SSH=y; \ cd /opt/openstack-ansible/playbooks; \ openstack-ansible setup-openstack.yml \ diff --git a/deploy/adapters/ansible/roles/setup-openvswitch/handlers/main.yml b/deploy/adapters/ansible/roles/setup-openvswitch/handlers/main.yml index fb7814b7..58a1710c 100644 --- a/deploy/adapters/ansible/roles/setup-openvswitch/handlers/main.yml +++ b/deploy/adapters/ansible/roles/setup-openvswitch/handlers/main.yml @@ -6,6 +6,11 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################ --- +- name: restart network service + service: + name: networking + state: restarted + - name: restart neutron-openvswitch-agent service: name: neutron-openvswitch-agent diff --git a/deploy/adapters/ansible/roles/setup-openvswitch/tasks/compute.yml b/deploy/adapters/ansible/roles/setup-openvswitch/tasks/compute.yml index 43c6689f..670eea75 100644 --- a/deploy/adapters/ansible/roles/setup-openvswitch/tasks/compute.yml +++ b/deploy/adapters/ansible/roles/setup-openvswitch/tasks/compute.yml @@ -50,7 +50,7 @@ when: - compute in item["role"] -- name: start neutron-openvswitch-agent +- name: restart neutron-openvswitch-agent service: name: neutron-openvswitch-agent - state: started + state: restarted diff --git a/deploy/adapters/ansible/roles/setup-openvswitch/tasks/controller.yml b/deploy/adapters/ansible/roles/setup-openvswitch/tasks/controller.yml index 3637d1db..726cb545 100644 --- a/deploy/adapters/ansible/roles/setup-openvswitch/tasks/controller.yml +++ b/deploy/adapters/ansible/roles/setup-openvswitch/tasks/controller.yml @@ -50,7 +50,27 @@ when: - controller in item["role"] +- name: configure interfaces ubuntu + template: + src: controller.j2 + dest: /etc/network/interfaces + notify: + - restart network service + - name: start neutron-openvswitch-agent service: name: neutron-openvswitch-agent - state: started + state: restarted + +- name: update keepalived + replace: + dest: /etc/keepalived/keepalived.conf + regexp: 'br-external' + replace: 'br-provider' + +- meta: flush_handlers + +- name: restart keepalived + service: + name: keepalived + state: restarted diff --git a/deploy/adapters/ansible/roles/setup-openvswitch/tasks/main.yml b/deploy/adapters/ansible/roles/setup-openvswitch/tasks/main.yml index 87e508ca..0ad47d3c 100644 --- a/deploy/adapters/ansible/roles/setup-openvswitch/tasks/main.yml +++ b/deploy/adapters/ansible/roles/setup-openvswitch/tasks/main.yml @@ -10,9 +10,19 @@ - include: controller.yml when: - inventory_hostname not in groups['nova_compute'] - - NEUTRON_MECHANISM_DRIVERS[0] == "openvswitch" or "opendaylight" + - NEUTRON_MECHANISM_DRIVERS[0] == "openvswitch" - include: compute.yml when: - inventory_hostname in groups['nova_compute'] - - NEUTRON_MECHANISM_DRIVERS[0] == "openvswitch" or "opendaylight" + - NEUTRON_MECHANISM_DRIVERS[0] == "openvswitch" + +- include_vars: "{{ ansible_os_family }}.yml" + when: + - odl_sfc is not defined or odl_sfc != "Enable" + - NEUTRON_MECHANISM_DRIVERS[0] == "opendaylight" + +- include: odl.yml + when: + - odl_sfc is not defined or odl_sfc != "Enable" + - NEUTRON_MECHANISM_DRIVERS[0] == "opendaylight" diff --git a/deploy/adapters/ansible/roles/setup-openvswitch/tasks/odl.yml b/deploy/adapters/ansible/roles/setup-openvswitch/tasks/odl.yml new file mode 100644 index 00000000..9c96a46a --- /dev/null +++ b/deploy/adapters/ansible/roles/setup-openvswitch/tasks/odl.yml @@ -0,0 +1,25 @@ +############################################################################# +# Copyright (c) 2017-2018 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################# +--- +- name: uninstall ovs for odl + apt: + name: "{{ item.name }}" + state: absent + with_items: "{{ ovs_pkgs }}" + +- name: download ovs pkgs + get_url: + url: "{{ item.url }}" + dest: "/tmp/{{ item.package }}" + with_items: "{{ ovs_pkgs }}" + +- name: install ovs pkgs + shell: + dpkg -i "/tmp/{{ item.package }}" + with_items: "{{ ovs_pkgs }}" diff --git a/deploy/adapters/ansible/roles/setup-openvswitch/templates/controller.j2 b/deploy/adapters/ansible/roles/setup-openvswitch/templates/controller.j2 new file mode 100755 index 00000000..bdc4d447 --- /dev/null +++ b/deploy/adapters/ansible/roles/setup-openvswitch/templates/controller.j2 @@ -0,0 +1,90 @@ +# This file describes the network interfaces available on your system +# and how to activate them. For more information, see interfaces(5). + +# The loopback network interface +auto lo +iface lo inet loopback + +# Physical interface +auto eth0 +iface eth0 inet manual + +# external interface +{% set intf_external = contr_sys_mappings["external"]["interface"] %} +{% if contr_sys_mappings["external"]["vlan_tag"] | int %} +{% set intf_external = intf_external + '.' + contr_sys_mappings["external"]["vlan_tag"]|string %} +{% endif %} +auto {{ intf_external }} +iface {{ intf_external }} inet manual +{% if contr_sys_mappings["external"]["vlan_tag"] | int %} + vlan-raw-device {{ intf_external }} +{% endif %} + +# tenant interface +{% set intf_tenant = contr_sys_mappings["tenant"]["interface"] %} +{% if contr_sys_mappings["tenant"]["vlan_tag"] | int %} +{% set intf_tenant = intf_tenant + '.' + contr_sys_mappings["tenant"]["vlan_tag"]|string %} +{% endif %} +auto {{ intf_tenant }} +iface {{ intf_tenant }} inet manual +{% if contr_sys_mappings["tenant"]["vlan_tag"] | int %} + vlan-raw-device {{ intf_tenant }} +{% endif %} + +# storage interface +{% set intf_storage = contr_sys_mappings["storage"]["interface"] %} +{% if contr_sys_mappings["storage"]["vlan_tag"] | int %} +{% set intf_storage = intf_storage + '.' + contr_sys_mappings["storage"]["vlan_tag"]|string %} +{% endif %} +auto {{ intf_storage }} +iface {{ intf_storage }} inet manual +{% if contr_sys_mappings["storage"]["vlan_tag"] | int %} + vlan-raw-device {{ intf_storage }} +{% endif %} + +# Container/Host management bridge +auto br-mgmt +iface br-mgmt inet static + bridge_stp off + bridge_waitport 0 + bridge_fd 0 + bridge_ports eth0 + address {{ ip_settings[inventory_hostname]["mgmt"]["ip"] }} + netmask 255.255.255.0 + +# OpenStack Networking VLAN bridge +auto br-provider +iface br-provider inet static + address {{ ip_settings[inventory_hostname]["external"]["ip"] }} + netmask 255.255.255.0 + gateway {{ ip_settings[inventory_hostname]["external"]["gw"] }} + pre-up ifconfig br-external down || true + pre-up brctl delbr br-external || true + +# OpenStack Networking VXLAN (tunnel/overlay) bridge +# +# Only the COMPUTE and NETWORK nodes must have an IP address +# on this bridge. When used by infrastructure nodes, the +# IP addresses are assigned to containers which use this +# bridge. +# +auto br-tenant +iface br-tenant inet static + bridge_stp off + bridge_waitport 0 + bridge_fd 0 + bridge_ports {{ intf_tenant }} + address {{ ip_settings[inventory_hostname]["tenant"]["ip"] }} + netmask 255.255.255.0 + +# Storage bridge +auto br-storage +iface br-storage inet static + bridge_stp off + bridge_waitport 0 + bridge_fd 0 + bridge_ports {{ intf_storage }} + address {{ ip_settings[inventory_hostname]["storage"]["ip"] }} + netmask 255.255.255.0 + +source /etc/network/interfaces.d/*.cfg diff --git a/deploy/adapters/ansible/roles/setup-openvswitch/vars/Debian.yml b/deploy/adapters/ansible/roles/setup-openvswitch/vars/Debian.yml index b6bd95a8..72c410ca 100644 --- a/deploy/adapters/ansible/roles/setup-openvswitch/vars/Debian.yml +++ b/deploy/adapters/ansible/roles/setup-openvswitch/vars/Debian.yml @@ -1,3 +1,16 @@ --- ovs_service: openvswitch-switch + +# yamllint disable rule:line-length +ovs_pkgs: + - openvswitch-common: + name: openvswitch-common + package: openvswitch-common.deb + url: http://archive.ubuntu.com/ubuntu/pool/main/o/openvswitch/openvswitch-common_2.8.0-0ubuntu2_amd64.deb + + - openvswitch-switch: + name: openvswitch-switch + package: openvswitch-switch.deb + url: http://archive.ubuntu.com/ubuntu/pool/main/o/openvswitch/openvswitch-switch_2.8.0-0ubuntu2_amd64.deb +# yamllint enable rule:line-length diff --git a/deploy/adapters/ansible/roles/storage/vars/main.yml b/deploy/adapters/ansible/roles/storage/vars/main.yml index cbee9c1e..d6c5961a 100644 --- a/deploy/adapters/ansible/roles/storage/vars/main.yml +++ b/deploy/adapters/ansible/roles/storage/vars/main.yml @@ -7,7 +7,7 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## --- -host_loopback_ceph_size: "100G" +host_loopback_ceph_size: "500G" rc_local_insert_before: "^exit 0$" bootstrap_host_data_disk_device: null bootstrap_host_data_disk_device_force: "no" |