From fd5db7e03c9595c14df71a49e778a3bdda89e344 Mon Sep 17 00:00:00 2001 From: "chenshuai@huawei.com" Date: Thu, 26 Nov 2015 19:39:56 +0800 Subject: OpenContrail intergration JIRA: COMPASS-168 Change-Id: I0fe22568fb28019a0085e8bbf9b600acfa9e8f45 Signed-off-by: chenshuai@huawei.com --- .../provision/contrail-analytics-api-conf.j2 | 29 ++++ .../templates/provision/contrail-api-conf.j2 | 27 ++++ .../provision/contrail-api-supervisord-conf.j2 | 12 ++ .../templates/provision/contrail-collector-conf.j2 | 86 ++++++++++ .../templates/provision/contrail-control-conf.j2 | 15 ++ .../provision/contrail-device-manager-conf.j2 | 14 ++ .../templates/provision/contrail-discovery-conf.j2 | 43 +++++ .../contrail-discovery-supervisord-conf.j2 | 12 ++ .../templates/provision/contrail-dns-conf.j2 | 15 ++ .../provision/contrail-keystone-auth-conf.j2 | 9 ++ .../provision/contrail-query-engine-conf.j2 | 13 ++ .../templates/provision/contrail-schema-conf.j2 | 22 +++ .../templates/provision/contrail-sudoers.j2 | 5 + .../provision/contrail-svc-monitor-conf.j2 | 29 ++++ .../templates/provision/contrail-tor-agent-conf.j2 | 111 +++++++++++++ .../templates/provision/contrail-tor-agent-ini.j2 | 12 ++ .../provision/contrail-vnc-api-lib-ini.j2 | 11 ++ .../provision/contrail-vrouter-agent-conf.j2 | 177 +++++++++++++++++++++ .../templates/provision/default-pmac.j2 | 1 + .../templates/provision/haproxy-contrail-cfg.j2 | 66 ++++++++ .../provision/ifmap-authorization-properties.j2 | 2 + .../provision/ifmap-basicauthusers-properties.j2 | 30 ++++ .../templates/provision/ifmap-log4j-properties.j2 | 26 +++ .../provision/ifmap-publisher-properties.j2 | 16 ++ .../templates/provision/keepalived-conf.j2 | 29 ++++ .../provision/neutron-contrail-plugin-ini.j2 | 15 ++ .../open-contrail/templates/provision/nova.j2 | 58 +++++++ .../templates/provision/qemu-device-acl-conf.j2 | 6 + .../templates/provision/rabbitmq-conf-single.j2 | 6 + .../templates/provision/rabbitmq-conf.j2 | 25 +++ .../templates/provision/rabbitmq-cookie.j2 | 1 + .../templates/provision/rabbitmq-env-conf.j2 | 2 + .../templates/provision/vrouter-nodemgr-param.j2 | 1 + .../templates/provision/zookeeper-unique-id.j2 | 1 + 34 files changed, 927 insertions(+) create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-analytics-api-conf.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-api-conf.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-api-supervisord-conf.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-collector-conf.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-control-conf.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-device-manager-conf.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-discovery-conf.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-discovery-supervisord-conf.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-dns-conf.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-keystone-auth-conf.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-query-engine-conf.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-schema-conf.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-sudoers.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-svc-monitor-conf.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-tor-agent-conf.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-tor-agent-ini.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-vnc-api-lib-ini.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-vrouter-agent-conf.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/default-pmac.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/haproxy-contrail-cfg.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/ifmap-authorization-properties.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/ifmap-basicauthusers-properties.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/ifmap-log4j-properties.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/ifmap-publisher-properties.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/keepalived-conf.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/neutron-contrail-plugin-ini.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/nova.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/qemu-device-acl-conf.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/rabbitmq-conf-single.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/rabbitmq-conf.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/rabbitmq-cookie.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/rabbitmq-env-conf.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/vrouter-nodemgr-param.j2 create mode 100755 deploy/adapters/ansible/roles/open-contrail/templates/provision/zookeeper-unique-id.j2 (limited to 'deploy/adapters/ansible/roles/open-contrail/templates/provision') diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-analytics-api-conf.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-analytics-api-conf.j2 new file mode 100755 index 00000000..18192f19 --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-analytics-api-conf.j2 @@ -0,0 +1,29 @@ +[DEFAULTS] +host_ip = {{ contrail_address }} +rest_api_ip = 0.0.0.0 +rest_api_port = 9081 +cassandra_server_list = {% for cur_host in groups['opencontrail_database'] %}{{ hostvars[cur_host]['contrail_address'] }}:9160{% if not loop.last %} {% endif %}{% endfor %} + +collectors = {{ contrail_address }}:8086 +http_server_port = 8090 +log_file = /var/log/contrail/contrail-analytics-api.log +log_level = SYS_NOTICE +log_local = 1 + +# Time-to-live in hours of the various data stored by collector into +# cassandra +# analytics_config_audit_ttl, if not set (or set to -1), defaults to analytics_data_ttl +# analytics_statistics_ttl, if not set (or set to -1), defaults to analytics_data_ttl +# analytics_flow_ttl, if not set (or set to -1), defaults to analytics_statsdata_ttl +analytics_data_ttl = 48 +analytics_config_audit_ttl = -1 +analytics_statistics_ttl = -1 +analytics_flow_ttl = -1 + +[DISCOVERY] +disc_server_ip = {{ contrail_haproxy_address }} +disc_server_port = 5998 + +[REDIS] +redis_server_port = 6379 +redis_query_port = 6379 diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-api-conf.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-api-conf.j2 new file mode 100755 index 00000000..1eefacfb --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-api-conf.j2 @@ -0,0 +1,27 @@ +[DEFAULTS] +listen_ip_addr = 0.0.0.0 +listen_port = 8082 +ifmap_server_ip = {{ contrail_address }} +ifmap_server_port = 8443 +ifmap_username = api-server +ifmap_password = api-server +zk_server_ip = {% for cur_host in groups['opencontrail_database'] %}{{ hostvars[cur_host]['contrail_address'] }}:2181{% if not loop.last %}, {% endif %}{% endfor %} + +cassandra_server_list = {% for cur_host in groups['opencontrail_database'] %}{{ hostvars[cur_host]['contrail_address'] }}:9160{% if not loop.last %} {% endif %}{% endfor %} + +disc_server_ip = {{ contrail_haproxy_address }} +disc_server_port = 5998 +rabbit_server = {{ contrail_haproxy_address }} +rabbit_port = 5673 +multi_tenancy = True +list_optimization_enabled = True +log_file = /var/log/contrail/contrail-api.log +log_level = SYS_NOTICE +log_local = 1 +auth = keystone + +[SECURITY] +use_certs = False +keyfile = /etc/contrail/ssl/private_keys/apiserver_key.pem +certfile = /etc/contrail/ssl/certs/apiserver.pem +ca_certs = /etc/contrail/ssl/certs/ca.pem diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-api-supervisord-conf.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-api-supervisord-conf.j2 new file mode 100755 index 00000000..94da3d71 --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-api-supervisord-conf.j2 @@ -0,0 +1,12 @@ +[program:contrail-api] +command=/usr/bin/contrail-api --conf_file /etc/contrail/contrail-api.conf --conf_file /etc/contrail/contrail-keystone-auth.conf --listen_port 910%(process_num)01d --worker_id %(process_num)s +numprocs=1 +process_name=%(process_num)s +redirect_stderr=true +stdout_logfile=/var/log/contrail/contrail-api-%(process_num)s-stdout.log +stderr_logfile=/dev/null +priority=440 +autostart=true +killasgroup=true +stopsignal=KILL +exitcodes=0 diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-collector-conf.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-collector-conf.j2 new file mode 100755 index 00000000..e6242346 --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-collector-conf.j2 @@ -0,0 +1,86 @@ +[DEFAULT] +# Everything in this section is optional + +# Time-to-live in hours of the various data stored by collector into +# cassandra +# analytics_config_audit_ttl, if not set (or set to -1), defaults to analytics_data_ttl +# analytics_statistics_ttl, if not set (or set to -1), defaults to analytics_data_ttl +# analytics_flow_ttl, if not set (or set to -1), defaults to analytics_statsdata_ttl +analytics_data_ttl = 48 +analytics_config_audit_ttl = -1 +analytics_statistics_ttl = -1 +analytics_flow_ttl = -1 + +# IP address and port to be used to connect to cassandra. +# Multiple IP:port strings separated by space can be provided +cassandra_server_list = {% for cur_host in groups['opencontrail_database'] %}{{ hostvars[cur_host]['contrail_address'] }}:9160{% if not loop.last %} {% endif %}{% endfor %} + + +# IP address and port to be used to connect to kafka. +# Multiple IP:port strings separated by space can be provided +kafka_broker_list = + +# IP address of analytics node. Resolved IP of 'hostname' +hostip = {{ contrail_address }} + +# Hostname of analytics node. If this is not configured value from `hostname` +# will be taken +# hostname = + +# Http server port for inspecting collector state (useful for debugging) +http_server_port = 8089 + +# Category for logging. Default value is '*' +# log_category = + +# Local log file name +log_file = /var/log/contrail/contrail-collector.log + +# Maximum log file rollover index +# log_files_count = 10 + +# Maximum log file size +# log_file_size = 1048576 # 1MB + +# Log severity levels. Possible values are SYS_EMERG, SYS_ALERT, SYS_CRIT, +# SYS_ERR, SYS_WARN, SYS_NOTICE, SYS_INFO and SYS_DEBUG. Default is SYS_DEBUG +log_level = SYS_NOTICE + +# Enable/Disable local file logging. Possible values are 0 (disable) and +# 1 (enable) +log_local = 1 + +# TCP and UDP ports to listen on for receiving syslog messages. -1 to disable. +syslog_port = -1 + +# UDP port to listen on for receiving sFlow messages. -1 to disable. +# sflow_port = 6343 + +# UDP port to listen on for receiving ipfix messages. -1 to disable. +# ipfix_port = 4739 + +[COLLECTOR] +# Everything in this section is optional + +# Port to listen on for receiving Sandesh messages +port = 8086 + +# IP address to bind to for listening +# server = 0.0.0.0 + +# UDP port to listen on for receiving Google Protocol Buffer messages +# protobuf_port = 3333 + +[DISCOVERY] +# Port to connect to for communicating with discovery server +# port = 5998 + +# IP address of discovery server +server = {{ contrail_haproxy_address }} + +[REDIS] +# Port to connect to for communicating with redis-server +port = 6379 + +# IP address of redis-server +server = 127.0.0.1 diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-control-conf.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-control-conf.j2 new file mode 100755 index 00000000..83792b2c --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-control-conf.j2 @@ -0,0 +1,15 @@ +[DEFAULT] +hostip = {{ contrail_address }} +hostname = {{ ansible_hostname }} +log_file = /var/log/contrail/contrail-control.log +log_level = SYS_NOTICE +log_local = 1 + +[DISCOVERY] +server = {{ contrail_haproxy_address }} +port = 5998 + +[IFMAP] +certs_store = +user = {{ contrail_address }} +password = {{ contrail_address }} diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-device-manager-conf.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-device-manager-conf.j2 new file mode 100755 index 00000000..77bcc95f --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-device-manager-conf.j2 @@ -0,0 +1,14 @@ +[DEFAULTS] +api_server_ip = {{ contrail_haproxy_address }} +api_server_port = 8082 +zk_server_ip = {% for cur_host in groups['opencontrail_database'] %}{{ hostvars[cur_host]['contrail_address'] }}:2181{% if not loop.last %}, {% endif %}{% endfor %} + +cassandra_server_list = {% for cur_host in groups['opencontrail_database'] %}{{ hostvars[cur_host]['contrail_address'] }}:9160{% if not loop.last %} {% endif %}{% endfor %} + +disc_server_ip = {{ contrail_haproxy_address }} +disc_server_port = 5998 +rabbit_server = {{ contrail_haproxy_address }} +rabbit_port = 5673 +log_file = /var/log/contrail/contrail-device-manager.log +log_level = SYS_NOTICE +log_local = 1 diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-discovery-conf.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-discovery-conf.j2 new file mode 100755 index 00000000..84e6317f --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-discovery-conf.j2 @@ -0,0 +1,43 @@ +[DEFAULTS] +listen_ip_addr = 0.0.0.0 +listen_port = 5998 +zk_server_ip = {% for cur_host in groups['opencontrail_database'] %}{{ hostvars[cur_host]['contrail_address'] }}{% if not loop.last %}, {% endif %}{% endfor %} + +zk_server_port = 2181 +cassandra_server_list = {% for cur_host in groups['opencontrail_database'] %}{{ hostvars[cur_host]['contrail_address'] }}:9160{% if not loop.last %} {% endif %}{% endfor %} + +log_file = /var/log/contrail/contrail-discovery.log +log_level = SYS_NOTICE +log_local = 1 + +# minimim time to allow client to cache service information (seconds) +ttl_min = 300 + +# maximum time to allow client to cache service information (seconds) +ttl_max = 1800 + +# health check ping interval < = 0 for disabling +hc_interval = 5 + +# maximum hearbeats to miss before server will declare publisher out of +# service. +hc_max_miss = 3 + +# use short TTL for agressive rescheduling if all services are not up +ttl_short = 1 + +# for DNS service, we use fixed policy +# even when the cluster has more than two control nodes, only two of these +# should provide the DNS service +[DNS-SERVER] +policy = fixed + +###################################################################### +# Other service specific knobs ... + +# use short TTL for agressive rescheduling if all services are not up +# ttl_short = 1 + +# specify policy to use when assigning services +# policy = [load-balance | round-robin | fixed] +###################################################################### diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-discovery-supervisord-conf.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-discovery-supervisord-conf.j2 new file mode 100755 index 00000000..5f0a698d --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-discovery-supervisord-conf.j2 @@ -0,0 +1,12 @@ +[program:contrail-discovery] +command=/usr/bin/contrail-discovery --conf_file /etc/contrail/contrail-discovery.conf --listen_port 911%(process_num)01d --worker_id %(process_num)s +numprocs=1 +process_name=%(process_num)s +redirect_stderr=true +stdout_logfile=/var/log/contrail/contrail-discovery-%(process_num)s-stdout.log +stderr_logfile=/dev/null +priority=430 +autostart=true +killasgroup=true +stopsignal=KILL +exitcodes=0 diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-dns-conf.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-dns-conf.j2 new file mode 100755 index 00000000..0a2ab433 --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-dns-conf.j2 @@ -0,0 +1,15 @@ +[DEFAULT] +hostip = {{ contrail_address }} +hostname = {{ ansible_hostname }} +log_file = /var/log/contrail/contrail-dns.log +log_level = SYS_NOTICE +log_local = 1 + +[DISCOVERY] +server = {{ contrail_haproxy_address }} +port = 5998 + +[IFMAP] +certs_store = +user = {{ contrail_address }}.dns +password = {{ contrail_address }}.dns diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-keystone-auth-conf.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-keystone-auth-conf.j2 new file mode 100755 index 00000000..f362ef45 --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-keystone-auth-conf.j2 @@ -0,0 +1,9 @@ +[KEYSTONE] +auth_protocol = http +auth_host = {{ contrail_keystone_address }} +auth_port = 35357 +admin_tenant_name = admin +admin_user = {{ contrail_admin_user }} +admin_password = {{ contrail_admin_password }} +insecure = False + diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-query-engine-conf.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-query-engine-conf.j2 new file mode 100755 index 00000000..e051b7ec --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-query-engine-conf.j2 @@ -0,0 +1,13 @@ +[DEFAULT] +hostip = {{ contrail_address }} +cassandra_server_list = {% for cur_host in groups['opencontrail_database'] %}{{ hostvars[cur_host]['contrail_address'] }}:9160{% if not loop.last %} {% endif %}{% endfor %} + +collectors = {{ contrail_address }}:8086 +http_server_port = 8091 +log_file = /var/log/contrail/contrail-query-engine.log +log_level = SYS_NOTICE +log_local = 1 + +[REDIS] +server = 127.0.0.1 +port = 6379 diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-schema-conf.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-schema-conf.j2 new file mode 100755 index 00000000..2bb4ab79 --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-schema-conf.j2 @@ -0,0 +1,22 @@ +[DEFAULTS] +ifmap_server_ip = {{ hostvars[groups['opencontrail_config'][0]]['contrail_address'] }} +ifmap_server_port = 8443 +ifmap_username = schema-transformer +ifmap_password = schema-transformer +api_server_ip = {{ hostvars[groups['opencontrail_config'][0]]['contrail_address'] }} +api_server_port = 8082 +zk_server_ip = {% for cur_host in groups['opencontrail_database'] %}{{ hostvars[cur_host]['contrail_address'] }}:2181{% if not loop.last %}, {% endif %}{% endfor %} + +cassandra_server_list = {% for cur_host in groups['opencontrail_database'] %}{{ hostvars[cur_host]['contrail_address'] }}:9160{% if not loop.last %} {% endif %}{% endfor %} + +disc_server_ip = {{ contrail_haproxy_address }} +disc_server_port = 5998 +log_file = /var/log/contrail/contrail-schema.log +log_level = SYS_NOTICE +log_local = 1 + +[SECURITY] +use_certs = False +keyfile = /etc/contrail/ssl/private_keys/apiserver_key.pem +certfile = /etc/contrail/ssl/certs/apiserver.pem +ca_certs = /etc/contrail/ssl/certs/ca.pem diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-sudoers.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-sudoers.j2 new file mode 100755 index 00000000..1ff43563 --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-sudoers.j2 @@ -0,0 +1,5 @@ +Defaults:contrail !requiretty + +Cmnd_Alias CONFIGRESTART = /usr/sbin/service supervisor-config restart + +contrail ALL = (root) NOPASSWD:CONFIGRESTART diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-svc-monitor-conf.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-svc-monitor-conf.j2 new file mode 100755 index 00000000..4b4221d7 --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-svc-monitor-conf.j2 @@ -0,0 +1,29 @@ +[DEFAULTS] +ifmap_server_ip = {{ contrail_address }} +ifmap_server_port = 8443 +ifmap_username = svc-monitor +ifmap_password = svc-monitor +api_server_ip = {{ contrail_haproxy_address }} +api_server_port = 8082 +zk_server_ip = {% for cur_host in groups['opencontrail_database'] %}{{ hostvars[cur_host]['contrail_address'] }}:2181{% if not loop.last %}, {% endif %}{% endfor %} + +cassandra_server_list = {% for cur_host in groups['opencontrail_database'] %}{{ hostvars[cur_host]['contrail_address'] }}:9160{% if not loop.last %} {% endif %}{% endfor %} + +disc_server_ip = {{ contrail_haproxy_address }} +disc_server_port = 5998 +rabbit_server = {{ contrail_haproxy_address }} +rabbit_port = 5673 +region_name = RegionOne +log_file = /var/log/contrail/contrail-svc-monitor.log +log_level = SYS_NOTICE +log_local = 1 + +[SECURITY] +use_certs = False +keyfile = /etc/contrail/ssl/private_keys/apiserver_key.pem +certfile = /etc/contrail/ssl/certs/apiserver.pem +ca_certs = /etc/contrail/ssl/certs/ca.pem + +[SCHEDULER] +analytics_server_ip = {{ contrail_haproxy_address }} +analytics_server_port = 8081 diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-tor-agent-conf.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-tor-agent-conf.j2 new file mode 100755 index 00000000..fb483c3e --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-tor-agent-conf.j2 @@ -0,0 +1,111 @@ +# +# Vnswad configuration options +# + +[CONTROL-NODE] +# IP address to be used to connect to control-node. Maximum of 2 IP addresses +# (separated by a space) can be provided. If no IP is configured then the +# value provided by discovery service will be used. (optional) +# server = 10.0.0.1 10.0.0.2 + +[DEFAULT] +agent_name = {{ ansible_hostname }}-{{ item.ansible_facts.toragent_index }} +# Everything in this section is optional + +# IP address and port to be used to connect to collector. If these are not +# configured, value provided by discovery service will be used. Multiple +# IP:port strings separated by space can be provided +# collectors = 127.0.0.1:8086 + +# Enable/disable debug logging. Possible values are 0 (disable) and 1 (enable) +# debug = 0 + +# Aging time for flow-records in seconds +# flow_cache_timeout = 0 + +# Hostname of compute-node. If this is not configured value from `hostname` +# will be taken +# hostname = + +# Category for logging. Default value is '*' +# log_category = + +# Local log file name +log_file = /var/log/contrail/contrail-tor-agent-{{ item.ansible_facts.toragent_index }}.log + +# Log severity levels. Possible values are SYS_EMERG, SYS_ALERT, SYS_CRIT, +# SYS_ERR, SYS_WARN, SYS_NOTICE, SYS_INFO and SYS_DEBUG. Default is SYS_DEBUG +# log_level = SYS_DEBUG + +# Enable/Disable local file logging. Possible values are 0 (disable) and 1 (enable) +# log_local = 0 + +# Enable/Disable local flow message logging. Possible values are 0 (disable) and 1 (enable) +# log_flow = 0 + +# Encapsulation type for tunnel. Possible values are MPLSoGRE, MPLSoUDP, VXLAN +# tunnel_type = + +# Enable/Disable headless mode for agent. In headless mode agent retains last +# known good configuration from control node when all control nodes are lost. +# Possible values are true(enable) and false(disable) +# headless_mode = + +# Define agent mode. Only supported value is "tor" +agent_mode = tor + +# Http server port for inspecting vnswad state (useful for debugging) +# http_server_port = 8085 +http_server_port = {{ item.ansible_facts.toragent_params.http_server_port }} + +[DISCOVERY] +#If DEFAULT.collectors and/or CONTROL-NODE and/or DNS is not specified this +#section is mandatory. Else this section is optional + +# IP address of discovery server +server = {{ contrail_haproxy_address }} + +# Number of control-nodes info to be provided by Discovery service. Possible +# values are 1 and 2 +# max_control_nodes = 1 + +[DNS] +# IP address to be used to connect to dns-node. Maximum of 2 IP addresses +# (separated by a space) can be provided. If no IP is configured then the +# value provided by discovery service will be used. (Optional) +# server = 10.0.0.1 10.0.0.2 + +[NETWORKS] +# control-channel IP address used by WEB-UI to connect to vnswad to fetch +# required information (Optional) +control_network_ip = {{ contrail_address }} + +[TOR] +# IP address of the TOR to manage +tor_ip = {{ item.ansible_facts.toragent_params.address }} + +# Identifier for ToR. Agent will subscribe to ifmap-configuration by this name +tor_id = {{ item.ansible_facts.toragent_index }} + +# ToR management scheme is based on this type. Only supported value is "ovs" +tor_type = ovs + +# OVS server port number on the ToR +tor_ovs_port = {{ item.ansible_facts.toragent_params.ovs_port }} + +# IP-Transport protocol used to connect to tor. Supported values are "tcp", "pssl" +tor_ovs_protocol = {{ item.ansible_facts.toragent_params.ovs_protocol }} + +# Path to ssl certificate for tor-agent, needed for pssl +ssl_cert = /etc/contrail/ssl/certs/tor.{{ item.ansible_facts.toragent_index }}.cert.pem + +# Path to ssl private-key for tor-agent, needed for pssl +ssl_privkey = /etc/contrail/ssl/private/tor.{{ item.ansible_facts.toragent_index }}.privkey.pem + +# Path to ssl cacert for tor-agent, needed for pssl +ssl_cacert = /etc/contrail/ssl/certs/cacert.pem + +tsn_ip = {{ contrail_address }} + +# OVS keep alive timer interval in milliseconds +tor_keepalive_interval = 10000 diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-tor-agent-ini.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-tor-agent-ini.j2 new file mode 100755 index 00000000..db6944c9 --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-tor-agent-ini.j2 @@ -0,0 +1,12 @@ +[program:contrail-tor-agent-{{ item.ansible_facts.toragent_index }}] +command=/usr/bin/contrail-tor-agent --config_file /etc/contrail/contrail-tor-agent-{{ item.ansible_facts.toragent_index }}.conf +priority=420 +autostart=true +killasgroup=true +stopsignal=KILL +stdout_capture_maxbytes=1MB +redirect_stderr=true +stdout_logfile=/var/log/contrail/contrail-tor-agent-{{ item.ansible_facts.toragent_index }}-stdout.log +stderr_logfile=/dev/null +startsecs=5 +exitcodes=0 ; 'expected' exit codes for process (default 0,2) diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-vnc-api-lib-ini.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-vnc-api-lib-ini.j2 new file mode 100755 index 00000000..85a7b63a --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-vnc-api-lib-ini.j2 @@ -0,0 +1,11 @@ +[global] +WEB_SERVER=127.0.0.1 +WEB_PORT=8082 ; connection to api-server directly +BASE_URL=/ + +[auth] +AUTHN_TYPE=keystone +AUTHN_PROTOCOL=http +AUTHN_SERVER={{ contrail_keystone_address }} +AUTHN_PORT=35357 +AUTHN_URL=/v2.0/tokens diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-vrouter-agent-conf.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-vrouter-agent-conf.j2 new file mode 100755 index 00000000..207509e5 --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/contrail-vrouter-agent-conf.j2 @@ -0,0 +1,177 @@ +# +# Vnswad configuration options +# + +[CONTROL-NODE] +# IP address to be used to connect to control-node. Maximum of 2 IP addresses +# (separated by a space) can be provided. If no IP is configured then the +# value provided by discovery service will be used. (Optional) +# server = 10.0.0.1 10.0.0.2 + +[DEFAULT] +# Everything in this section is optional + +# IP address and port to be used to connect to collector. If these are not +# configured, value provided by discovery service will be used. Multiple +# IP:port strings separated by space can be provided +# collectors = 127.0.0.1:8086 + +# Agent mode : can be vrouter / tsn / tor (default is vrouter) +{% if contrail_vrouter_mode is defined %}agent_mode = {{ contrail_vrouter_mode }} +{% else %}# agent_mode = +{% endif %} + +# Enable/disable debug logging. Possible values are 0 (disable) and 1 (enable) +# debug = 0 + +# Aging time for flow-records in seconds +# flow_cache_timeout = 0 + +# Hostname of compute-node. If this is not configured value from `hostname` +# will be taken +# hostname = + +# Http server port for inspecting vnswad state (useful for debugging) +# http_server_port = 8085 + +# Category for logging. Default value is '*' +# log_category = + +# Local log file name +log_file = /var/log/contrail/contrail-vrouter-agent.log + +# Log severity levels. Possible values are SYS_EMERG, SYS_ALERT, SYS_CRIT, +# SYS_ERR, SYS_WARN, SYS_NOTICE, SYS_INFO and SYS_DEBUG. Default is SYS_DEBUG +log_level = SYS_NOTICE + +# Enable/Disable local file logging. Possible values are 0 (disable) and 1 (enable) +log_local = 1 + +# Encapsulation type for tunnel. Possible values are MPLSoGRE, MPLSoUDP, VXLAN +# tunnel_type = + +# Enable/Disable headless mode for agent. In headless mode agent retains last +# known good configuration from control node when all control nodes are lost. +# Possible values are true(enable) and false(disable) +# headless_mode = + +# DHCP relay mode (true or false) to determine if a DHCP request in fabric +# interface with an unconfigured IP should be relayed or not +# dhcp_relay_mode = + +# DPDK or legacy work mode +platform = default + +# Physical address of PCI used by dpdk +physical_interface_address = + +# MAC address of device used by dpdk +physical_interface_mac = {{ hostvars[inventory_hostname][contrail_ansible_device]['macaddress'] }} + +[DISCOVERY] +# If COLLECTOR and/or CONTROL-NODE and/or DNS is not specified this section is +# mandatory. Else this section is optional + +# IP address of discovery server +server = {{ contrail_haproxy_address }} + +# Number of control-nodes info to be provided by Discovery service. Possible +# values are 1 and 2 +max_control_nodes = {{ groups['opencontrail_control'] | length }} + +[DNS] +# IP address and port to be used to connect to dns-node. Maximum of 2 IP +# addresses (separated by a space) can be provided. If no IP is configured then +# the value provided by discovery service will be used. +# server = 10.0.0.1:53 10.0.0.2:53 + +[HYPERVISOR] +# Everything in this section is optional + +# Hypervisor type. Possible values are kvm, xen and vmware +type = kvm +vmware_mode = + +# Link-local IP address and prefix in ip/prefix_len format (for xen) +# xen_ll_ip = + +# Link-local interface name when hypervisor type is Xen +# xen_ll_interface = + +# Physical interface name when hypervisor type is vmware +vmware_physical_interface = + +[FLOWS] +# Everything in this section is optional + +# Maximum flows allowed per VM (given as % of maximum system flows) +# max_vm_flows = 100 +# Maximum number of link-local flows allowed across all VMs +# max_system_linklocal_flows = 4096 +# Maximum number of link-local flows allowed per VM +# max_vm_linklocal_flows = 1024 + +[METADATA] +# Shared secret for metadata proxy service (Optional) +# metadata_proxy_secret = contrail + +[NETWORKS] +# control-channel IP address used by WEB-UI to connect to vnswad to fetch +# required information (Optional) +control_network_ip = {{ contrail_address }} + +[VIRTUAL-HOST-INTERFACE] +# Everything in this section is mandatory + +# name of virtual host interface +name = vhost0 + +# IP address and prefix in ip/prefix_len format +ip = {{ contrail_address }}/{{ contrail_prefixlen }} + +# Gateway IP address for virtual host +gateway = {{ contrail_gateway }} + +# Physical interface name to which virtual host interface maps to +physical_interface = {{ contrail_device }} + +# We can have multiple gateway sections with different indices in the +# following format +# [GATEWAY-0] +# Name of the routing_instance for which the gateway is being configured +# routing_instance = default-domain:admin:public:public + +# Gateway interface name +# interface = vgw + +# Virtual network ip blocks for which gateway service is required. Each IP +# block is represented as ip/prefix. Multiple IP blocks are represented by +# separating each with a space +# ip_blocks = 1.1.1.1/24 + +# [GATEWAY-1] +# Name of the routing_instance for which the gateway is being configured +# routing_instance = default-domain:admin:public1:public1 + +# Gateway interface name +# interface = vgw1 + +# Virtual network ip blocks for which gateway service is required. Each IP +# block is represented as ip/prefix. Multiple IP blocks are represented by +# separating each with a space +# ip_blocks = 2.2.1.0/24 2.2.2.0/24 + +# Routes to be exported in routing_instance. Each route is represented as +# ip/prefix. Multiple routes are represented by separating each with a space +# routes = 10.10.10.1/24 11.11.11.1/24 + +[SERVICE-INSTANCE] +# Path to the script which handles the netns commands +netns_command = /usr/bin/opencontrail-vrouter-netns + +# Number of workers that will be used to start netns commands +#netns_workers = 1 + +# Timeout for each netns command, when the timeout is reached, the netns +# command is killed. +#netns_timeout = 30 diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/default-pmac.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/default-pmac.j2 new file mode 100755 index 00000000..dac56d1d --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/default-pmac.j2 @@ -0,0 +1 @@ +{{ hostvars[inventory_hostname][contrail_ansible_device]['macaddress'] }} diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/haproxy-contrail-cfg.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/haproxy-contrail-cfg.j2 new file mode 100755 index 00000000..6aa4d06e --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/haproxy-contrail-cfg.j2 @@ -0,0 +1,66 @@ +#contrail-marker-start + +listen contrail-stats + bind *:5937 + mode http + stats enable + stats uri / + stats auth haproxy:contrail123 + +listen neutron-server + bind *:9696 + balance roundrobin + option nolinger +{% for cur_host in groups['opencontrail_config'] %} server {{ hostvars[cur_host]['contrail_address'] }} {{ hostvars[cur_host]['contrail_address'] }}:9697 check inter 2000 rise 2 fall 3 +{% endfor %} + +listen contrail-api + bind *:8082 + balance roundrobin + option nolinger + timeout client 3m + timeout server 3m +{% for cur_host in groups['opencontrail_config'] %} server {{ hostvars[cur_host]['contrail_address'] }} {{ hostvars[cur_host]['contrail_address'] }}:9100 check inter 2000 rise 2 fall 3 +{% endfor %} + +listen contrail-discovery + bind *:5998 + balance roundrobin + option nolinger +{% for cur_host in groups['opencontrail_config'] %} server {{ hostvars[cur_host]['contrail_address'] }} {{ hostvars[cur_host]['contrail_address'] }}:9110 check inter 2000 rise 2 fall 3 +{% endfor %} + +listen contrail-analytics-api + bind *:8081 + balance roundrobin + option nolinger + option tcp-check + tcp-check connect port 6379 + default-server error-limit 1 on-error mark-down +{% for cur_host in groups['opencontrail_collector'] %} server {{ hostvars[cur_host]['contrail_address'] }} {{ hostvars[cur_host]['contrail_address'] }}:9081 check inter 2000 rise 2 fall 3 +{% endfor %} + +{% if contrail_tor_agents is defined %}listen contrail-tor-agent + bind {% for cur_agent in contrail_tor_agents %}*:{{ cur_agent['ovs_port'] }}{% if not loop.last %},{% endif %}{% endfor %} + + mode tcp + balance leastconn + option tcplog + option tcpka +{% for cur_host in groups['opencontrail_tsn'] %} server {{ hostvars[cur_host]['contrail_address'] }} {{ hostvars[cur_host]['contrail_address'] }} check inter 2000 +{% endfor %}{% endif %} + +listen rabbitmq + bind *:5673 + mode tcp + balance roundrobin + maxconn 10000 + option tcplog + option tcpka + option redispatch + timeout client 48h + timeout server 48h +{% for cur_host in groups['opencontrail_config'] %} server {{ hostvars[cur_host]['contrail_address'] }} {{ hostvars[cur_host]['contrail_address'] }}:5672 check inter 2000 rise 2 fall 3 weight 1 maxconn 500 +{% endfor %} + +#contrail-marker-end diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/ifmap-authorization-properties.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/ifmap-authorization-properties.j2 new file mode 100755 index 00000000..41a1c649 --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/ifmap-authorization-properties.j2 @@ -0,0 +1,2 @@ +# The MAPC with basic auth username 'reader' has read only access. +reader=ro diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/ifmap-basicauthusers-properties.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/ifmap-basicauthusers-properties.j2 new file mode 100755 index 00000000..6ca38a29 --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/ifmap-basicauthusers-properties.j2 @@ -0,0 +1,30 @@ +test:test +test2:test2 +test3:test3 +dhcp:dhcp +visual:visual +sensor:sensor + +# compliance testsuite users +mapclient:mapclient +helper:mapclient + +# This is a read-only MAPC +reader:reader + +# OpenContrail users +api-server:api-server +schema-transformer:schema-transformer +svc-monitor:svc-monitor + +control-user:control-user-passwd +control-node-1:control-node-1 +control-node-2:control-node-2 +control-node-3:control-node-3 +control-node-4:control-node-4 +control-node-5:control-node-5 +control-node-6:control-node-6 +control-node-7:control-node-7 +control-node-8:control-node-8 +control-node-9:control-node-9 +control-node-10:control-node-10 diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/ifmap-log4j-properties.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/ifmap-log4j-properties.j2 new file mode 100755 index 00000000..ebd0b483 --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/ifmap-log4j-properties.j2 @@ -0,0 +1,26 @@ +# Set root logger level to DEBUG and its only appender to CONSOLE +log4j.rootLogger=TRACE, CONSOLE +log4j.error + +log4j.logger.de.fhhannover.inform.irond.proc=TRACE, A1, A2 +log4j.additivity.de.fhhannover.inform.irond.proc=false + +log4j.appender.A1=org.apache.log4j.ConsoleAppender +log4j.appender.A1.layout=org.apache.log4j.PatternLayout +log4j.appender.A1.layout.ConversionPattern=%d [%t] %-5p %x - %m%n + +log4j.appender.A2=org.apache.log4j.FileAppender +log4j.appender.A2.File=/var/log/contrail/ifmap-server.log +log4j.appender.A2.layout=org.apache.log4j.PatternLayout +log4j.appender.A2.layout.ConversionPattern=%d [%t] %-5p %x - %m%n + +log4j.logger.de.fhhannover.inform.irond.rawrequests=TRACE, A3 +log4j.additivity.de.fhhannover.inform.irond.rawrequests=false +log4j.appender.A3=org.apache.log4j.FileAppender +log4j.appender.A3.file=irond_raw.log +log4j.appender.A3.layout=org.apache.log4j.PatternLayout +log4j.appender.A3.layout.ConversionPattern=%d %-5p %x - %m%n + +log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender +log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout +log4j.appender.CONSOLE.layout.ConversionPattern=%-8r [%t] %-5p %C{1} %x - %m%n diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/ifmap-publisher-properties.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/ifmap-publisher-properties.j2 new file mode 100755 index 00000000..90d2a887 --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/ifmap-publisher-properties.j2 @@ -0,0 +1,16 @@ +#Sun May 27 15:47:44 PDT 2012 +visual=visual--1877135140-1 +test=test--1870931913-1 +test2=test2--1870931914-1 +test3=test3--1870931915-1 +api-server=api-server-1--0000000001-1 +control-node-1=control-node-1--1870931921-1 +control-node-2=control-node-1--1870931922-1 +control-node-3=control-node-1--1870931923-1 +control-node-4=control-node-1--1870931924-1 +control-node-5=control-node-1--1870931925-1 +control-node-6=control-node-1--1870931926-1 +control-node-7=control-node-1--1870931927-1 +control-node-8=control-node-1--1870931928-1 +control-node-9=control-node-1--1870931929-1 +control-node-10=control-node-10--1870931930-1 diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/keepalived-conf.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/keepalived-conf.j2 new file mode 100755 index 00000000..b16c4a25 --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/keepalived-conf.j2 @@ -0,0 +1,29 @@ +vrrp_script chk_haproxy { + script "killall -0 haproxy" + interval 1 + timeout 3 + rise 2 + fall 2 +} + +vrrp_instance INTERNAL_1 { + interface {{ contrail_device }} + state MASTER + preemt_delay 7 + grap_master_delay 5 + grap_master_repeat 3 + grap_master_refresh 1 + advert_int 1 + virtual_router_id 85 + vmac_xmit_base + priority 10{{ item.0 }} + virtual_ipaddress { + {{ contrail_haproxy_address }} dev {{ contrail_device }} + } + track_script { + chk_haproxy + } + track_interface { + {{ contrail_device }} + } +} diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/neutron-contrail-plugin-ini.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/neutron-contrail-plugin-ini.j2 new file mode 100755 index 00000000..13e5965a --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/neutron-contrail-plugin-ini.j2 @@ -0,0 +1,15 @@ +[APISERVER] +api_server_ip={{ contrail_haproxy_address }} +api_server_port=8082 +multi_tenancy=True +contrail_extensions=ipam:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_ipam.NeutronPluginContrailIpam,policy:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_policy.NeutronPluginContrailPolicy,route-table:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_vpc.NeutronPluginContrailVpc,contrail:None + +[COLLECTOR] +analytics_api_ip={{ contrail_haproxy_address }} +analytics_api_port=8081 + +[KEYSTONE] +auth_url=http://{{ contrail_keystone_address }}:35357/v2.0 +admin_tenant_name=admin +admin_user={{ contrail_admin_user }} +admin_password={{ contrail_admin_password }} diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/nova.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/nova.j2 new file mode 100755 index 00000000..ea4dbbad --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/nova.j2 @@ -0,0 +1,58 @@ +[DEFAULT] +dhcpbridge_flagfile=/etc/nova/nova.conf +dhcpbridge=/usr/bin/nova-dhcpbridge +logdir=/var/log/nova +state_path=/var/lib/nova +lock_path=/var/lib/nova/tmp +force_dhcp_release=True +libvirt_use_virtio_for_bridges=True +verbose=True +ec2_private_dns_show_ip=False +auth_strategy = keystone +libvirt_nonblocking = True +libvirt_inject_partition = -1 +compute_driver = libvirt.LibvirtDriver +novncproxy_base_url = http://{{ contrail_keystone_address }}:6080/vnc_auto.html +vncserver_enabled = true +vncserver_listen = {{ contrail_address }} +vncserver_proxyclient_address = {{ contrail_address }} +security_group_api = neutron +heal_instance_info_cache_interval = 0 +image_cache_manager_interval = 0 +libvirt_cpu_mode = none +libvirt_vif_driver = nova_contrail_vif.contrailvif.VRouterVIFDriver +firewall_driver = nova.virt.firewall.NoopFirewallDriver +glance_host = {{ contrail_keystone_address }} +glance_port = 9292 +glance_num_retries = 10 +rabbit_host = {{ contrail_keystone_address }} +rabbit_port = 5672 +rabbit_password = {{ rabbit_password }} +rabbit_retry_interval = 1 +rabbit_retry_backoff = 2 +rabbit_max_retries = 0 +rabbit_ha_queues = True +rpc_cast_timeout = 30 +rpc_conn_pool_size = 40 +rpc_response_timeout = 60 +rpc_thread_pool_size = 70 +report_interval = 15 +novncproxy_port = 6080 +vnc_port = 5900 +vnc_port_total = 100 +resume_guests_state_on_host_boot = True +service_down_time = 300 +periodic_fuzzy_delay = 30 +disable_process_locking = True +neutron_admin_auth_url = + +[keystone_authtoken] +admin_tenant_name = service +admin_user = nova +admin_password = {{ contrail_admin_password }} +auth_host = {{ contrail_keystone_address }} +auth_protocol = http +auth_port = 5000 +signing_dir = /tmp/keystone-signing-nova + + diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/qemu-device-acl-conf.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/qemu-device-acl-conf.j2 new file mode 100755 index 00000000..53dfbba2 --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/qemu-device-acl-conf.j2 @@ -0,0 +1,6 @@ +cgroup_device_acl = [ + "/dev/null", "/dev/full", "/dev/zero", + "/dev/random", "/dev/urandom", + "/dev/ptmx", "/dev/kvm", "/dev/kqemu", + "/dev/rtc", "/dev/hpet","/dev/net/tun" +] diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/rabbitmq-conf-single.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/rabbitmq-conf-single.j2 new file mode 100755 index 00000000..a276d3e2 --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/rabbitmq-conf-single.j2 @@ -0,0 +1,6 @@ +[ + {rabbit, [ {tcp_listeners, [{"{{ contrail_address }}", 5672}]}, + {loopback_users, []}, + {log_levels,[{connection, info},{mirroring, info}]} ] + } +]. diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/rabbitmq-conf.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/rabbitmq-conf.j2 new file mode 100755 index 00000000..c8cbe63f --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/rabbitmq-conf.j2 @@ -0,0 +1,25 @@ +[ + {rabbit, [ {tcp_listeners, [{"{{ contrail_address }}", 5672}]}, {cluster_partition_handling, autoheal},{loopback_users, []}, + {cluster_nodes, {[{% for cur_host in groups['opencontrail_config'] %}'rabbit@{{ cur_host }}-ctrl'{% if not loop.last %}, {% endif %}{% endfor %}], disc}}, + {vm_memory_high_watermark, 0.4}, + {disk_free_limit,50000000}, + {log_levels,[{connection, info},{mirroring, info}]}, + {heartbeat,10}, + {delegate_count,20}, + {channel_max,5000}, + {tcp_listen_options, + [binary, + {packet, raw}, + {reuseaddr, true}, + {backlog, 128}, + {nodelay, true}, + {exit_on_close, false}, + {keepalive, true} + ] + }, + {collect_statistics_interval, 60000} + ] + }, + {rabbitmq_management_agent, [ {force_fine_statistics, true} ] }, + {kernel, [{net_ticktime, 30}]} +]. diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/rabbitmq-cookie.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/rabbitmq-cookie.j2 new file mode 100755 index 00000000..838d0332 --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/rabbitmq-cookie.j2 @@ -0,0 +1 @@ +{{ ansible_date_time.iso8601_micro | to_uuid }} diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/rabbitmq-env-conf.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/rabbitmq-env-conf.j2 new file mode 100755 index 00000000..1b3e60f7 --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/rabbitmq-env-conf.j2 @@ -0,0 +1,2 @@ +NODE_IP_ADDRESS={{ contrail_address }} +NODENAME=rabbit@{{ ansible_hostname }}-ctrl diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/vrouter-nodemgr-param.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/vrouter-nodemgr-param.j2 new file mode 100755 index 00000000..7eee51ba --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/vrouter-nodemgr-param.j2 @@ -0,0 +1 @@ +DISCOVERY={{ hostvars[groups['opencontrail_config'][0]]['contrail_address'] }} diff --git a/deploy/adapters/ansible/roles/open-contrail/templates/provision/zookeeper-unique-id.j2 b/deploy/adapters/ansible/roles/open-contrail/templates/provision/zookeeper-unique-id.j2 new file mode 100755 index 00000000..ec0033b3 --- /dev/null +++ b/deploy/adapters/ansible/roles/open-contrail/templates/provision/zookeeper-unique-id.j2 @@ -0,0 +1 @@ +{{ item.0 + 1 }} -- cgit 1.2.3-korg