diff options
Diffstat (limited to 'deploy')
12 files changed, 150 insertions, 35 deletions
diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/neutron.j2 b/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/neutron.j2 index aac6c8a2..e7107660 100644 --- a/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/neutron.j2 +++ b/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/neutron.j2 @@ -2,3 +2,6 @@ firewall_driver = neutron.agent.firewall.NoopFirewallDriver enable_security_group = True +[agent] +prevent_arp_spoofing = False + diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/secgroup/templates/neutron.j2 b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/secgroup/templates/neutron.j2 index aac6c8a2..e7107660 100644 --- a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/secgroup/templates/neutron.j2 +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/secgroup/templates/neutron.j2 @@ -2,3 +2,6 @@ firewall_driver = neutron.agent.firewall.NoopFirewallDriver enable_security_group = True +[agent] +prevent_arp_spoofing = False + diff --git a/deploy/adapters/ansible/roles/secgroup/templates/neutron.j2 b/deploy/adapters/ansible/roles/secgroup/templates/neutron.j2 index 7b39e18c..9f3652c4 100644 --- a/deploy/adapters/ansible/roles/secgroup/templates/neutron.j2 +++ b/deploy/adapters/ansible/roles/secgroup/templates/neutron.j2 @@ -2,3 +2,6 @@ firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver enable_security_group = False +[agent] +prevent_arp_spoofing = False + diff --git a/deploy/adapters/ansible/roles/setup-network/files/setup_networks/check_network.py b/deploy/adapters/ansible/roles/setup-network/files/setup_networks/check_network.py new file mode 100644 index 00000000..72a5db97 --- /dev/null +++ b/deploy/adapters/ansible/roles/setup-network/files/setup_networks/check_network.py @@ -0,0 +1,56 @@ +import yaml +import sys +import subprocess + +import log as logging + +LOG = logging.getLogger("net-check") + +def is_ip_reachable(ip): + cmd = "ping -c 2 %s" % ip + process = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=None, shell=True) + + output = process.communicate()[0] + if " 0% packet loss" in output: + LOG.info("%s is reachable", ip) + elif "100% packet loss" in output: + LOG.error("%s is unreachable" % (ip)) + return False + else: + LOG.warn("%r", output) + + return True + +def is_host_ips_reachable(settings): + external = settings["br-prv"]["ip"] + external_gw = settings["br-prv"]["gw"] + storage = settings["storage"]["ip"] + mgmt = settings["mgmt"]["ip"] + + return is_ip_reachable(external) \ + and is_ip_reachable(external_gw) \ + and is_ip_reachable(storage) \ + and is_ip_reachable(mgmt) + +def main(hostname, config): + LOG.info("host is %s", hostname) + + result = True + + for host, settings in config.iteritems(): + LOG.info("check %s network connectivity start", host) + result = result and is_host_ips_reachable(settings) + + if result: + LOG.info("All hosts ips are reachable") + else: + LOG.error("Some hosts ips are unreachable !!!") + sys.exit(-1) + +if __name__ == "__main__": + hostname = yaml.load(sys.argv[1]) + config = yaml.load(sys.argv[2]) + config.pop(hostname, None) + + main(hostname, config) + diff --git a/deploy/adapters/ansible/roles/setup-network/tasks/main.yml b/deploy/adapters/ansible/roles/setup-network/tasks/main.yml index 7873c073..e1fdf925 100644 --- a/deploy/adapters/ansible/roles/setup-network/tasks/main.yml +++ b/deploy/adapters/ansible/roles/setup-network/tasks/main.yml @@ -38,6 +38,9 @@ with_items: - setup_networks/log.py - setup_networks/setup_networks.py + - setup_networks/check_network.py + tags: + - network_check - name: copy boot scripts copy: src={{ item }} dest=/etc/init.d/ mode=0755 @@ -58,7 +61,18 @@ tags: - recovery +- name: check basic network connectivity + shell: > + python /opt/setup_networks/check_network.py \ + "{{ inventory_hostname }}" \ + "{{ ip_settings }}" + tags: + - network_check + retries: 3 + delay: 2 + - name: add to boot scripts service: name=net_init enabled=yes - meta: flush_handlers + diff --git a/deploy/conf/hardware_environment/intel-pod8/os-nosdn-nofeature-ha.yml b/deploy/conf/hardware_environment/intel-pod8/os-nosdn-nofeature-ha.yml index b885c22b..f026b4f7 100644 --- a/deploy/conf/hardware_environment/intel-pod8/os-nosdn-nofeature-ha.yml +++ b/deploy/conf/hardware_environment/intel-pod8/os-nosdn-nofeature-ha.yml @@ -13,46 +13,52 @@ hosts: interfaces: - eth2: '00:1E:67:C5:5B:28' - eth3: '00:1E:67:C5:5B:29' - ipmiIp: 10.2.117.127 + ipmiIp: 10.2.117.134 roles: - controller - ha + - ceph-adm + - ceph-mon - name: host2 mac: '00:1E:67:D4:39:B5' interfaces: - eth2: '00:1E:67:C5:52:24' - eth3: '00:1E:67:C5:52:25' - ipmiIp: 10.2.117.129 + ipmiIp: 10.2.117.136 roles: - controller - ha + - ceph-mon - name: host3 mac: '00:1E:67:D4:31:B2' interfaces: - eth2: '00:1E:67:C1:FA:E0' - eth3: '00:1E:67:C1:FA:E1' - ipmiIp: 10.2.117.131 + ipmiIp: 10.2.117.138 roles: - controller - ha + - ceph-mon - name: host4 mac: '00:1E:67:D4:34:67' interfaces: - eth2: '00:1E:67:E2:58:80' - eth3: '00:1E:67:E2:58:81' - ipmiIp: 10.2.117.133 + ipmiIp: 10.2.117.140 roles: - compute + - ceph-osd - name: host5 mac: '00:1E:67:D4:38:42' interfaces: - eth2: '00:1E:67:C1:F9:2C' - eth3: '00:1E:67:C1:F9:2D' - ipmiIp: 10.2.117.135 + ipmiIp: 10.2.117.142 roles: - compute + - ceph-osd diff --git a/deploy/conf/hardware_environment/intel-pod8/os-ocl-nofeature-ha.yml b/deploy/conf/hardware_environment/intel-pod8/os-ocl-nofeature-ha.yml index 7892a0b5..b8d93d6b 100644 --- a/deploy/conf/hardware_environment/intel-pod8/os-ocl-nofeature-ha.yml +++ b/deploy/conf/hardware_environment/intel-pod8/os-ocl-nofeature-ha.yml @@ -13,45 +13,51 @@ hosts: interfaces: - eth2: '00:1E:67:C5:5B:28' - eth3: '00:1E:67:C5:5B:29' - ipmiIp: 10.2.117.127 + ipmiIp: 10.2.117.134 roles: - controller - ha - opencontrail + - ceph-adm + - ceph-mon - name: host2 mac: '00:1E:67:D4:39:B5' interfaces: - eth2: '00:1E:67:C5:52:24' - eth3: '00:1E:67:C5:52:25' - ipmiIp: 10.2.117.129 + ipmiIp: 10.2.117.136 roles: - compute + - ceph-osd - name: host3 mac: '00:1E:67:D4:31:B2' interfaces: - eth2: '00:1E:67:C1:FA:E0' - eth3: '00:1E:67:C1:FA:E1' - ipmiIp: 10.2.117.131 + ipmiIp: 10.2.117.138 roles: - compute + - ceph-osd - name: host4 mac: '00:1E:67:D4:34:67' interfaces: - eth2: '00:1E:67:E2:58:80' - eth3: '00:1E:67:E2:58:81' - ipmiIp: 10.2.117.133 + ipmiIp: 10.2.117.140 roles: - compute + - ceph-osd - name: host5 mac: '00:1E:67:D4:38:42' interfaces: - eth2: '00:1E:67:C1:F9:2C' - eth3: '00:1E:67:C1:F9:2D' - ipmiIp: 10.2.117.135 + ipmiIp: 10.2.117.142 roles: - compute + - ceph-osd diff --git a/deploy/conf/hardware_environment/intel-pod8/os-odl_l2-moon-ha.yml b/deploy/conf/hardware_environment/intel-pod8/os-odl_l2-moon-ha.yml index 5d46b7ba..62075c05 100644 --- a/deploy/conf/hardware_environment/intel-pod8/os-odl_l2-moon-ha.yml +++ b/deploy/conf/hardware_environment/intel-pod8/os-odl_l2-moon-ha.yml @@ -15,7 +15,7 @@ hosts: interfaces: - eth2: '00:1E:67:C5:5B:28' - eth3: '00:1E:67:C5:5B:29' - ipmiIp: 10.2.117.127 + ipmiIp: 10.2.117.134 roles: - controller - ha @@ -28,7 +28,7 @@ hosts: interfaces: - eth2: '00:1E:67:C5:52:24' - eth3: '00:1E:67:C5:52:25' - ipmiIp: 10.2.117.129 + ipmiIp: 10.2.117.136 roles: - controller - ha @@ -40,7 +40,7 @@ hosts: interfaces: - eth2: '00:1E:67:C1:FA:E0' - eth3: '00:1E:67:C1:FA:E1' - ipmiIp: 10.2.117.131 + ipmiIp: 10.2.117.138 roles: - controller - ha @@ -52,7 +52,7 @@ hosts: interfaces: - eth2: '00:1E:67:E2:58:80' - eth3: '00:1E:67:E2:58:81' - ipmiIp: 10.2.117.133 + ipmiIp: 10.2.117.140 roles: - compute - ceph-osd @@ -62,7 +62,7 @@ hosts: interfaces: - eth2: '00:1E:67:C1:F9:2C' - eth3: '00:1E:67:C1:F9:2D' - ipmiIp: 10.2.117.135 + ipmiIp: 10.2.117.142 roles: - compute - ceph-osd diff --git a/deploy/conf/hardware_environment/intel-pod8/os-odl_l2-nofeature-ha.yml b/deploy/conf/hardware_environment/intel-pod8/os-odl_l2-nofeature-ha.yml index e70169d7..39f946b3 100644 --- a/deploy/conf/hardware_environment/intel-pod8/os-odl_l2-nofeature-ha.yml +++ b/deploy/conf/hardware_environment/intel-pod8/os-odl_l2-nofeature-ha.yml @@ -13,49 +13,55 @@ hosts: interfaces: - eth2: '00:1E:67:C5:5B:28' - eth3: '00:1E:67:C5:5B:29' - ipmiIp: 10.2.117.127 + ipmiIp: 10.2.117.134 roles: - controller - ha - odl + - ceph-adm + - ceph-mon - name: host2 mac: '00:1E:67:D4:39:B5' interfaces: - eth2: '00:1E:67:C5:52:24' - eth3: '00:1E:67:C5:52:25' - ipmiIp: 10.2.117.129 + ipmiIp: 10.2.117.136 roles: - controller - ha - odl + - ceph-mon - name: host3 mac: '00:1E:67:D4:31:B2' interfaces: - eth2: '00:1E:67:C1:FA:E0' - eth3: '00:1E:67:C1:FA:E1' - ipmiIp: 10.2.117.131 + ipmiIp: 10.2.117.138 roles: - controller - ha - odl + - ceph-mon - name: host4 mac: '00:1E:67:D4:34:67' interfaces: - eth2: '00:1E:67:E2:58:80' - eth3: '00:1E:67:E2:58:81' - ipmiIp: 10.2.117.133 + ipmiIp: 10.2.117.140 roles: - compute + - ceph-osd - name: host5 mac: '00:1E:67:D4:38:42' interfaces: - eth2: '00:1E:67:C1:F9:2C' - eth3: '00:1E:67:C1:F9:2D' - ipmiIp: 10.2.117.135 + ipmiIp: 10.2.117.142 roles: - compute + - ceph-osd diff --git a/deploy/conf/hardware_environment/intel-pod8/os-odl_l3-nofeature-ha.yml b/deploy/conf/hardware_environment/intel-pod8/os-odl_l3-nofeature-ha.yml index b7914374..f4fadc94 100644 --- a/deploy/conf/hardware_environment/intel-pod8/os-odl_l3-nofeature-ha.yml +++ b/deploy/conf/hardware_environment/intel-pod8/os-odl_l3-nofeature-ha.yml @@ -15,49 +15,55 @@ hosts: interfaces: - eth2: '00:1E:67:C5:5B:28' - eth3: '00:1E:67:C5:5B:29' - ipmiIp: 10.2.117.127 + ipmiIp: 10.2.117.134 roles: - controller - ha - odl + - ceph-adm + - ceph-mon - name: host2 mac: '00:1E:67:D4:39:B5' interfaces: - eth2: '00:1E:67:C5:52:24' - eth3: '00:1E:67:C5:52:25' - ipmiIp: 10.2.117.129 + ipmiIp: 10.2.117.136 roles: - controller - ha - odl + - ceph-mon - name: host3 mac: '00:1E:67:D4:31:B2' interfaces: - eth2: '00:1E:67:C1:FA:E0' - eth3: '00:1E:67:C1:FA:E1' - ipmiIp: 10.2.117.131 + ipmiIp: 10.2.117.138 roles: - controller - ha - odl + - ceph-mon - name: host4 mac: '00:1E:67:D4:34:67' interfaces: - eth2: '00:1E:67:E2:58:80' - eth3: '00:1E:67:E2:58:81' - ipmiIp: 10.2.117.133 + ipmiIp: 10.2.117.140 roles: - compute + - ceph-osd - name: host5 mac: '00:1E:67:D4:38:42' interfaces: - eth2: '00:1E:67:C1:F9:2C' - eth3: '00:1E:67:C1:F9:2D' - ipmiIp: 10.2.117.135 + ipmiIp: 10.2.117.142 roles: - compute + - ceph-osd diff --git a/deploy/conf/hardware_environment/intel-pod8/os-onos-nofeature-ha.yml b/deploy/conf/hardware_environment/intel-pod8/os-onos-nofeature-ha.yml index 5b1390d3..7606691e 100644 --- a/deploy/conf/hardware_environment/intel-pod8/os-onos-nofeature-ha.yml +++ b/deploy/conf/hardware_environment/intel-pod8/os-onos-nofeature-ha.yml @@ -13,49 +13,55 @@ hosts: interfaces: - eth2: '00:1E:67:C5:5B:28' - eth3: '00:1E:67:C5:5B:29' - ipmiIp: 10.2.117.127 + ipmiIp: 10.2.117.134 roles: - controller - ha - onos + - ceph-adm + - ceph-mon - name: host2 mac: '00:1E:67:D4:39:B5' interfaces: - eth2: '00:1E:67:C5:52:24' - eth3: '00:1E:67:C5:52:25' - ipmiIp: 10.2.117.129 + ipmiIp: 10.2.117.136 roles: - controller - ha - onos + - ceph-mon - name: host3 mac: '00:1E:67:D4:31:B2' interfaces: - eth2: '00:1E:67:C1:FA:E0' - eth3: '00:1E:67:C1:FA:E1' - ipmiIp: 10.2.117.131 + ipmiIp: 10.2.117.138 roles: - controller - ha - onos + - ceph-mon - name: host4 mac: '00:1E:67:D4:34:67' interfaces: - eth2: '00:1E:67:E2:58:80' - eth3: '00:1E:67:E2:58:81' - ipmiIp: 10.2.117.133 + ipmiIp: 10.2.117.140 roles: - compute + - ceph-osd - name: host5 mac: '00:1E:67:D4:38:42' interfaces: - eth2: '00:1E:67:C1:F9:2C' - eth3: '00:1E:67:C1:F9:2D' - ipmiIp: 10.2.117.135 + ipmiIp: 10.2.117.142 roles: - compute + - ceph-osd diff --git a/deploy/conf/hardware_environment/intel-pod8/os-onos-sfc-ha.yml b/deploy/conf/hardware_environment/intel-pod8/os-onos-sfc-ha.yml index 0fab6b02..11bfd223 100644 --- a/deploy/conf/hardware_environment/intel-pod8/os-onos-sfc-ha.yml +++ b/deploy/conf/hardware_environment/intel-pod8/os-onos-sfc-ha.yml @@ -15,49 +15,55 @@ hosts: interfaces: - eth2: '00:1E:67:C5:5B:28' - eth3: '00:1E:67:C5:5B:29' - ipmiIp: 10.2.117.127 + ipmiIp: 10.2.117.134 roles: - controller - ha - onos + - ceph-adm + - ceph-mon - name: host2 mac: '00:1E:67:D4:39:B5' interfaces: - eth2: '00:1E:67:C5:52:24' - eth3: '00:1E:67:C5:52:25' - ipmiIp: 10.2.117.129 + ipmiIp: 10.2.117.136 roles: - controller - ha - onos + - ceph-mon - name: host3 mac: '00:1E:67:D4:31:B2' interfaces: - eth2: '00:1E:67:C1:FA:E0' - eth3: '00:1E:67:C1:FA:E1' - ipmiIp: 10.2.117.131 + ipmiIp: 10.2.117.138 roles: - controller - ha - onos + - ceph-mon - name: host4 mac: '00:1E:67:D4:34:67' interfaces: - eth2: '00:1E:67:E2:58:80' - eth3: '00:1E:67:E2:58:81' - ipmiIp: 10.2.117.133 + ipmiIp: 10.2.117.140 roles: - compute + - ceph-osd - name: host5 mac: '00:1E:67:D4:38:42' interfaces: - eth2: '00:1E:67:C1:F9:2C' - eth3: '00:1E:67:C1:F9:2D' - ipmiIp: 10.2.117.135 + ipmiIp: 10.2.117.142 roles: - compute + - ceph-osd |