diff options
author | Alexandru Avadanii <Alexandru.Avadanii@enea.com> | 2018-01-29 06:02:10 +0100 |
---|---|---|
committer | Alexandru Avadanii <Alexandru.Avadanii@enea.com> | 2018-02-05 06:03:35 +0100 |
commit | 9c3ecbb5238fa815e3f6b46c1933d69d588a5430 (patch) | |
tree | 793f75e8e13cfe82d125f82c5d6732dcf3df539f | |
parent | 5f95f52021fa08de3a0a46bdd98b0b711fec1ecc (diff) |
[virtual] Split 'pxebr' from 'mcpcontrol' net
- add new virsh managed network 'pxebr' (to mimic baremetal behavior
on virtual PODs, this will be the equivalent of PXE/admin network);
- connect 'pxebr' to 3rd interface for cfg01, mas01 for all deploys
(used to be baremetal-specific), replacing 'internal';
- keep 'mcpcontrol' connected only to 'cfg01' (+ 'mas01' if present)
for initial infrastructure bring-up (1st interface);
- switch all virtual cluster nodes to 'pxebr' (1st interface);
- use 'pxebr' for all Salt cluster nodes traffic, 'mcpcontrol' only
for mas01<=>cfg01 Salt traffic;
- convert <user-data.template> to jinja2 and expand it based on PDF
instead of using `envsubst`;
- split <user-data.sh.j2> into two versions, one for each network
used for Salt traffic;
- ci/deploy.sh: Read scenario data before template parsing for
cluster domain variable, needed in virsh network def;
- leave docs diagram refresh to later after all possible deploy types
have settled;
- limit keyserver proxy usage to nodes where the configured http proxy
matches the first nameserver (true for all MaaS-provisioned nodes),
so we can re-use the same pillar for FN VMs and baremetal nodes;
- add PXE/admin IP on cfg01's 3rd interface and switch other vnodes
`salt_master_host` to point to it;
JIRA: FUEL-322
Change-Id: Ie4f7aedddf2ef81046f1127b377d88dce79f0fda
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
-rwxr-xr-x | ci/deploy.sh | 11 | ||||
-rw-r--r-- | mcp/patches/0011-system.repo-Debian-Add-keyserver-proxy-support.patch | 12 | ||||
-rw-r--r-- | mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/infra/config.yml | 2 | ||||
-rw-r--r-- | mcp/salt-formulas/opendaylight/server.sls | 4 | ||||
-rw-r--r-- | mcp/scripts/.gitignore | 1 | ||||
-rw-r--r-- | mcp/scripts/lib.sh | 19 | ||||
-rw-r--r-- | mcp/scripts/user-data.admin.sh.j2 | 14 | ||||
-rw-r--r-- | mcp/scripts/user-data.mcp.sh.j2 (renamed from mcp/scripts/user-data.template) | 4 | ||||
-rw-r--r-- | mcp/scripts/virsh_net/net_pxebr.xml.j2 | 26 |
9 files changed, 72 insertions, 21 deletions
diff --git a/ci/deploy.sh b/ci/deploy.sh index ef941b005..fb22cc45a 100755 --- a/ci/deploy.sh +++ b/ci/deploy.sh @@ -277,19 +277,20 @@ if [ ! -f "${SCENARIO_DIR}/defaults-$(uname -i).yaml" ]; then notify_e "[ERROR] Scenario defaults file is missing!" fi +# Get scenario data and (jumpserver) arch defaults +eval "$(parse_yaml "${SCENARIO_DIR}/defaults-$(uname -i).yaml")" +eval "$(parse_yaml "${SCENARIO_DIR}/${DEPLOY_TYPE}/${DEPLOY_SCENARIO}.yaml")" +export CLUSTER_DOMAIN=${cluster_domain} + # Expand jinja2 templates based on PDF data and env vars do_templates "${REPO_ROOT_PATH}" "${STORAGE_DIR}" "${TARGET_LAB}" \ "${TARGET_POD}" "${BASE_CONFIG_URI}" -# Get required infra deployment data +# Get required infra deployment data based on PDF/IDF (after template parsing) set +x -eval "$(parse_yaml "${SCENARIO_DIR}/defaults-$(uname -i).yaml")" -eval "$(parse_yaml "${SCENARIO_DIR}/${DEPLOY_TYPE}/${DEPLOY_SCENARIO}.yaml")" eval "$(parse_yaml "${LOCAL_PDF_RECLASS}")" [[ "${CI_DEBUG}" =~ (false|0) ]] || set -x -export CLUSTER_DOMAIN=${cluster_domain} - # Serialize vnode data as '<name0>,<ram0>,<vcpu0>|<name1>,<ram1>,<vcpu1>[...]' for node in "${virtual_nodes[@]}"; do virtual_custom_ram="virtual_${node}_ram" diff --git a/mcp/patches/0011-system.repo-Debian-Add-keyserver-proxy-support.patch b/mcp/patches/0011-system.repo-Debian-Add-keyserver-proxy-support.patch index fdf84dcd1..cf6009107 100644 --- a/mcp/patches/0011-system.repo-Debian-Add-keyserver-proxy-support.patch +++ b/mcp/patches/0011-system.repo-Debian-Add-keyserver-proxy-support.patch @@ -31,6 +31,11 @@ When the new http(s) proxy param is set: If linux:system:proxy:keyserver is not defined, the behavior is unchanged for backwards compatibility. +To allow runtime decisions whether the keyserver proxy should be used +add an additional condition for it to match the first nameserver. +This allows us to mix virtual nodes with MaaS-provisioned nodes in +Fuel@OPNFV, while keeping the ext_pillar common. + Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> --- README.rst | 16 ++++++++++++++++ @@ -38,14 +43,13 @@ Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> 2 files changed, 56 insertions(+) diff --git a/linux/system/repo.sls b/linux/system/repo.sls -index 5d4d059..724db5a 100644 --- a/linux/system/repo.sls +++ b/linux/system/repo.sls @@ -96,13 +96,50 @@ linux_repo_{{ name }}_key: - name: "curl -s {{ repo.key_url }} | apt-key add -" - watch: - file: default_repo_list -+{%- if system.proxy.keyserver is defined %} ++{%- if system.proxy.keyserver is defined and grains['dns']['nameservers'][0] in system.proxy.keyserver.http %} + - env: + - http_proxy: {{ system.proxy.get('keyserver', {}).get('http', '') }} + - https_proxy: {{ system.proxy.get('keyserver', {}).get('https', '') }} @@ -58,7 +62,7 @@ index 5d4d059..724db5a 100644 {%- if repo.get('enabled', True) %} -+{%- if system.proxy.keyserver is defined %} ++{%- if system.proxy.keyserver is defined and grains['dns']['nameservers'][0] in system.proxy.keyserver.http %} + +{%- if repo.get('key') %} + @@ -96,7 +100,7 @@ index 5d4d059..724db5a 100644 {%- endif %} - file: /etc/apt/sources.list.d/{{ name }}.list - clean_file: {{ repo.clean|default(True) }} -+ {%- if system.proxy.keyserver is not defined %} ++ {%- if system.proxy.keyserver is not defined or grains['dns']['nameservers'][0] not in system.proxy.keyserver.http %} {%- if repo.key_id is defined %} - keyid: {{ repo.key_id }} {%- endif %} diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/infra/config.yml b/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/infra/config.yml index 908ba7719..555af31c7 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/infra/config.yml +++ b/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/infra/config.yml @@ -21,7 +21,7 @@ parameters: _param: openstack_control_node01_hostname: ctl01 reclass_data_repository: local - reclass_config_master: ${_param:opnfv_salt_master_ip} + reclass_config_master: ${_param:opnfv_infra_config_pxe_address} salt_master_environment_repository: "https://github.com/tcpcloud" salt_master_environment_revision: master single_address: 172.16.10.100 diff --git a/mcp/salt-formulas/opendaylight/server.sls b/mcp/salt-formulas/opendaylight/server.sls index f953cddc0..e70931301 100644 --- a/mcp/salt-formulas/opendaylight/server.sls +++ b/mcp/salt-formulas/opendaylight/server.sls @@ -15,10 +15,10 @@ opendaylight_repo_key: - name: "apt-key adv --keyserver keyserver.ubuntu.com --recv 44C05248" {%- if system.proxy is defined and system.proxy.keyserver is defined %} - env: -{%- if system.proxy.keyserver.http is defined %} +{%- if system.proxy.keyserver.http is defined and grains['dns']['nameservers'][0] in system.proxy.keyserver.http %} - http_proxy: {{ system.proxy.keyserver.http }} {%- endif %} -{%- if system.proxy.keyserver.https is defined %} +{%- if system.proxy.keyserver.https is defined and grains['dns']['nameservers'][0] in system.proxy.keyserver.https %} - https_proxy: {{ system.proxy.keyserver.https }} {%- endif %} {%- endif %} diff --git a/mcp/scripts/.gitignore b/mcp/scripts/.gitignore new file mode 100644 index 000000000..b235933e2 --- /dev/null +++ b/mcp/scripts/.gitignore @@ -0,0 +1 @@ +user-data.*.sh diff --git a/mcp/scripts/lib.sh b/mcp/scripts/lib.sh index 7920a4e0d..6f3c4383c 100644 --- a/mcp/scripts/lib.sh +++ b/mcp/scripts/lib.sh @@ -282,12 +282,15 @@ function prepare_vms { ln -sf "${image_dir}/${_tmp}" "${image_dir}/${image}" fi - envsubst < user-data.template > user-data.sh # CWD should be <mcp/scripts> - # Create config ISO and resize OS disk image for each foundation node VM for node in "${vnodes[@]}"; do - ./create-config-drive.sh -k "$(basename "${SSH_KEY}").pub" -u user-data.sh \ - -h "${node}" "${image_dir}/mcp_${node}.iso" + if [[ "${node}" =~ ^(cfg01|mas01) ]]; then + user_data='user-data.mcp.sh' + else + user_data='user-data.admin.sh' + fi + ./create-config-drive.sh -k "$(basename "${SSH_KEY}").pub" \ + -u "${user_data}" -h "${node}" "${image_dir}/mcp_${node}.iso" cp "${image_dir}/${image}" "${image_dir}/mcp_${node}.qcow2" qemu-img resize "${image_dir}/mcp_${node}.qcow2" 100G done @@ -335,7 +338,6 @@ function create_vms { # vnode data should be serialized with the following format: # '<name0>,<ram0>,<vcpu0>|<name1>,<ram1>,<vcpu1>[...]' IFS='|' read -r -a vnodes <<< "$1"; shift - local vnode_networks=("$@") # AArch64: prepare arch specific arguments local virt_extra_args="" @@ -349,10 +351,13 @@ function create_vms { IFS=',' read -r -a vnode_data <<< "${serialized_vnode_data}" # prepare network args - net_args=" --network network=mcpcontrol,model=virtio" - if [ "${DEPLOY_TYPE:-}" = 'baremetal' ]; then + local vnode_networks=("$@") + if [[ "${vnode_data[0]}" =~ ^(cfg01|mas01) ]]; then + net_args=" --network network=mcpcontrol,model=virtio" # 3rd interface gets connected to PXE/Admin Bridge (cfg01, mas01) vnode_networks[2]="${vnode_networks[0]}" + else + net_args=" --network bridge=${vnode_networks[0]},model=virtio" fi for net in "${vnode_networks[@]:1}"; do net_args="${net_args} --network bridge=${net},model=virtio" diff --git a/mcp/scripts/user-data.admin.sh.j2 b/mcp/scripts/user-data.admin.sh.j2 new file mode 100644 index 000000000..b4c89b29c --- /dev/null +++ b/mcp/scripts/user-data.admin.sh.j2 @@ -0,0 +1,14 @@ +#!/bin/bash +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +rm /etc/salt/minion_id +rm -f /etc/salt/pki/minion/minion_master.pub +echo "id: $(hostname).{{ conf.CLUSTER_DOMAIN }}" > /etc/salt/minion +{#- should be in sync with 'opnfv_infra_config_pxe_address' in 'pharos/config/installers/fuel/pod_config.yml.j2 #} +echo "master: {{ conf.idf.net_config.admin.network | ipaddr_index(2) }}" >> /etc/salt/minion +service salt-minion restart diff --git a/mcp/scripts/user-data.template b/mcp/scripts/user-data.mcp.sh.j2 index 189310be4..4bd0d1d09 100644 --- a/mcp/scripts/user-data.template +++ b/mcp/scripts/user-data.mcp.sh.j2 @@ -8,6 +8,6 @@ ############################################################################## rm /etc/salt/minion_id rm -f /etc/salt/pki/minion/minion_master.pub -echo "id: $(hostname).${CLUSTER_DOMAIN}" > /etc/salt/minion -echo "master: ${SALT_MASTER}" >> /etc/salt/minion +echo "id: $(hostname).{{ conf.CLUSTER_DOMAIN }}" > /etc/salt/minion +echo "master: {{ conf.SALT_MASTER }}" >> /etc/salt/minion service salt-minion restart diff --git a/mcp/scripts/virsh_net/net_pxebr.xml.j2 b/mcp/scripts/virsh_net/net_pxebr.xml.j2 new file mode 100644 index 000000000..f82780cf7 --- /dev/null +++ b/mcp/scripts/virsh_net/net_pxebr.xml.j2 @@ -0,0 +1,26 @@ +<!-- + Copyright (c) 2018 Mirantis Inc., Enea AB and others. + + All rights reserved. This program and the accompanying materials + are made available under the terms of the Apache License, Version 2.0 + which accompanies this distribution, and is available at + http://www.apache.org/licenses/LICENSE-2.0 +--> +{%- if conf.idf.net_config.admin is defined %} + {%- set pxebr_network = conf.idf.net_config.admin.network %} + {%- set pxebr_prefix = conf.idf.net_config.admin.mask %} +{%- else %} + {%- set pxebr_network = '192.168.11.0' %} + {%- set pxebr_prefix = '24' %} +{%- endif %} +<network> + <name>pxebr</name> + <forward mode="nat"/> + <bridge name="pxebr"/> + <ip address="{{ pxebr_network | ipaddr_index(1) }}" netmask="{{ pxebr_prefix | netmask }}"> + <!-- NOTE: .254 is harcoded for now (for /24 prefix), should be computed instead. --> + <dhcp> + <range start="{{ pxebr_network | ipaddr_index(4) }}" end="{{ pxebr_network | ipaddr_index(254) }}"/> + </dhcp> + </ip> +</network> |