summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlexandru Avadanii <Alexandru.Avadanii@enea.com>2018-01-29 06:02:10 +0100
committerAlexandru Avadanii <Alexandru.Avadanii@enea.com>2018-02-05 06:03:35 +0100
commit9c3ecbb5238fa815e3f6b46c1933d69d588a5430 (patch)
tree793f75e8e13cfe82d125f82c5d6732dcf3df539f
parent5f95f52021fa08de3a0a46bdd98b0b711fec1ecc (diff)
[virtual] Split 'pxebr' from 'mcpcontrol' net
- add new virsh managed network 'pxebr' (to mimic baremetal behavior on virtual PODs, this will be the equivalent of PXE/admin network); - connect 'pxebr' to 3rd interface for cfg01, mas01 for all deploys (used to be baremetal-specific), replacing 'internal'; - keep 'mcpcontrol' connected only to 'cfg01' (+ 'mas01' if present) for initial infrastructure bring-up (1st interface); - switch all virtual cluster nodes to 'pxebr' (1st interface); - use 'pxebr' for all Salt cluster nodes traffic, 'mcpcontrol' only for mas01<=>cfg01 Salt traffic; - convert <user-data.template> to jinja2 and expand it based on PDF instead of using `envsubst`; - split <user-data.sh.j2> into two versions, one for each network used for Salt traffic; - ci/deploy.sh: Read scenario data before template parsing for cluster domain variable, needed in virsh network def; - leave docs diagram refresh to later after all possible deploy types have settled; - limit keyserver proxy usage to nodes where the configured http proxy matches the first nameserver (true for all MaaS-provisioned nodes), so we can re-use the same pillar for FN VMs and baremetal nodes; - add PXE/admin IP on cfg01's 3rd interface and switch other vnodes `salt_master_host` to point to it; JIRA: FUEL-322 Change-Id: Ie4f7aedddf2ef81046f1127b377d88dce79f0fda Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
-rwxr-xr-xci/deploy.sh11
-rw-r--r--mcp/patches/0011-system.repo-Debian-Add-keyserver-proxy-support.patch12
-rw-r--r--mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/infra/config.yml2
-rw-r--r--mcp/salt-formulas/opendaylight/server.sls4
-rw-r--r--mcp/scripts/.gitignore1
-rw-r--r--mcp/scripts/lib.sh19
-rw-r--r--mcp/scripts/user-data.admin.sh.j214
-rw-r--r--mcp/scripts/user-data.mcp.sh.j2 (renamed from mcp/scripts/user-data.template)4
-rw-r--r--mcp/scripts/virsh_net/net_pxebr.xml.j226
9 files changed, 72 insertions, 21 deletions
diff --git a/ci/deploy.sh b/ci/deploy.sh
index ef941b005..fb22cc45a 100755
--- a/ci/deploy.sh
+++ b/ci/deploy.sh
@@ -277,19 +277,20 @@ if [ ! -f "${SCENARIO_DIR}/defaults-$(uname -i).yaml" ]; then
notify_e "[ERROR] Scenario defaults file is missing!"
fi
+# Get scenario data and (jumpserver) arch defaults
+eval "$(parse_yaml "${SCENARIO_DIR}/defaults-$(uname -i).yaml")"
+eval "$(parse_yaml "${SCENARIO_DIR}/${DEPLOY_TYPE}/${DEPLOY_SCENARIO}.yaml")"
+export CLUSTER_DOMAIN=${cluster_domain}
+
# Expand jinja2 templates based on PDF data and env vars
do_templates "${REPO_ROOT_PATH}" "${STORAGE_DIR}" "${TARGET_LAB}" \
"${TARGET_POD}" "${BASE_CONFIG_URI}"
-# Get required infra deployment data
+# Get required infra deployment data based on PDF/IDF (after template parsing)
set +x
-eval "$(parse_yaml "${SCENARIO_DIR}/defaults-$(uname -i).yaml")"
-eval "$(parse_yaml "${SCENARIO_DIR}/${DEPLOY_TYPE}/${DEPLOY_SCENARIO}.yaml")"
eval "$(parse_yaml "${LOCAL_PDF_RECLASS}")"
[[ "${CI_DEBUG}" =~ (false|0) ]] || set -x
-export CLUSTER_DOMAIN=${cluster_domain}
-
# Serialize vnode data as '<name0>,<ram0>,<vcpu0>|<name1>,<ram1>,<vcpu1>[...]'
for node in "${virtual_nodes[@]}"; do
virtual_custom_ram="virtual_${node}_ram"
diff --git a/mcp/patches/0011-system.repo-Debian-Add-keyserver-proxy-support.patch b/mcp/patches/0011-system.repo-Debian-Add-keyserver-proxy-support.patch
index fdf84dcd1..cf6009107 100644
--- a/mcp/patches/0011-system.repo-Debian-Add-keyserver-proxy-support.patch
+++ b/mcp/patches/0011-system.repo-Debian-Add-keyserver-proxy-support.patch
@@ -31,6 +31,11 @@ When the new http(s) proxy param is set:
If linux:system:proxy:keyserver is not defined, the behavior is
unchanged for backwards compatibility.
+To allow runtime decisions whether the keyserver proxy should be used
+add an additional condition for it to match the first nameserver.
+This allows us to mix virtual nodes with MaaS-provisioned nodes in
+Fuel@OPNFV, while keeping the ext_pillar common.
+
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
---
README.rst | 16 ++++++++++++++++
@@ -38,14 +43,13 @@ Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2 files changed, 56 insertions(+)
diff --git a/linux/system/repo.sls b/linux/system/repo.sls
-index 5d4d059..724db5a 100644
--- a/linux/system/repo.sls
+++ b/linux/system/repo.sls
@@ -96,13 +96,50 @@ linux_repo_{{ name }}_key:
- name: "curl -s {{ repo.key_url }} | apt-key add -"
- watch:
- file: default_repo_list
-+{%- if system.proxy.keyserver is defined %}
++{%- if system.proxy.keyserver is defined and grains['dns']['nameservers'][0] in system.proxy.keyserver.http %}
+ - env:
+ - http_proxy: {{ system.proxy.get('keyserver', {}).get('http', '') }}
+ - https_proxy: {{ system.proxy.get('keyserver', {}).get('https', '') }}
@@ -58,7 +62,7 @@ index 5d4d059..724db5a 100644
{%- if repo.get('enabled', True) %}
-+{%- if system.proxy.keyserver is defined %}
++{%- if system.proxy.keyserver is defined and grains['dns']['nameservers'][0] in system.proxy.keyserver.http %}
+
+{%- if repo.get('key') %}
+
@@ -96,7 +100,7 @@ index 5d4d059..724db5a 100644
{%- endif %}
- file: /etc/apt/sources.list.d/{{ name }}.list
- clean_file: {{ repo.clean|default(True) }}
-+ {%- if system.proxy.keyserver is not defined %}
++ {%- if system.proxy.keyserver is not defined or grains['dns']['nameservers'][0] not in system.proxy.keyserver.http %}
{%- if repo.key_id is defined %}
- keyid: {{ repo.key_id }}
{%- endif %}
diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/infra/config.yml b/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/infra/config.yml
index 908ba7719..555af31c7 100644
--- a/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/infra/config.yml
+++ b/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/infra/config.yml
@@ -21,7 +21,7 @@ parameters:
_param:
openstack_control_node01_hostname: ctl01
reclass_data_repository: local
- reclass_config_master: ${_param:opnfv_salt_master_ip}
+ reclass_config_master: ${_param:opnfv_infra_config_pxe_address}
salt_master_environment_repository: "https://github.com/tcpcloud"
salt_master_environment_revision: master
single_address: 172.16.10.100
diff --git a/mcp/salt-formulas/opendaylight/server.sls b/mcp/salt-formulas/opendaylight/server.sls
index f953cddc0..e70931301 100644
--- a/mcp/salt-formulas/opendaylight/server.sls
+++ b/mcp/salt-formulas/opendaylight/server.sls
@@ -15,10 +15,10 @@ opendaylight_repo_key:
- name: "apt-key adv --keyserver keyserver.ubuntu.com --recv 44C05248"
{%- if system.proxy is defined and system.proxy.keyserver is defined %}
- env:
-{%- if system.proxy.keyserver.http is defined %}
+{%- if system.proxy.keyserver.http is defined and grains['dns']['nameservers'][0] in system.proxy.keyserver.http %}
- http_proxy: {{ system.proxy.keyserver.http }}
{%- endif %}
-{%- if system.proxy.keyserver.https is defined %}
+{%- if system.proxy.keyserver.https is defined and grains['dns']['nameservers'][0] in system.proxy.keyserver.https %}
- https_proxy: {{ system.proxy.keyserver.https }}
{%- endif %}
{%- endif %}
diff --git a/mcp/scripts/.gitignore b/mcp/scripts/.gitignore
new file mode 100644
index 000000000..b235933e2
--- /dev/null
+++ b/mcp/scripts/.gitignore
@@ -0,0 +1 @@
+user-data.*.sh
diff --git a/mcp/scripts/lib.sh b/mcp/scripts/lib.sh
index 7920a4e0d..6f3c4383c 100644
--- a/mcp/scripts/lib.sh
+++ b/mcp/scripts/lib.sh
@@ -282,12 +282,15 @@ function prepare_vms {
ln -sf "${image_dir}/${_tmp}" "${image_dir}/${image}"
fi
- envsubst < user-data.template > user-data.sh # CWD should be <mcp/scripts>
-
# Create config ISO and resize OS disk image for each foundation node VM
for node in "${vnodes[@]}"; do
- ./create-config-drive.sh -k "$(basename "${SSH_KEY}").pub" -u user-data.sh \
- -h "${node}" "${image_dir}/mcp_${node}.iso"
+ if [[ "${node}" =~ ^(cfg01|mas01) ]]; then
+ user_data='user-data.mcp.sh'
+ else
+ user_data='user-data.admin.sh'
+ fi
+ ./create-config-drive.sh -k "$(basename "${SSH_KEY}").pub" \
+ -u "${user_data}" -h "${node}" "${image_dir}/mcp_${node}.iso"
cp "${image_dir}/${image}" "${image_dir}/mcp_${node}.qcow2"
qemu-img resize "${image_dir}/mcp_${node}.qcow2" 100G
done
@@ -335,7 +338,6 @@ function create_vms {
# vnode data should be serialized with the following format:
# '<name0>,<ram0>,<vcpu0>|<name1>,<ram1>,<vcpu1>[...]'
IFS='|' read -r -a vnodes <<< "$1"; shift
- local vnode_networks=("$@")
# AArch64: prepare arch specific arguments
local virt_extra_args=""
@@ -349,10 +351,13 @@ function create_vms {
IFS=',' read -r -a vnode_data <<< "${serialized_vnode_data}"
# prepare network args
- net_args=" --network network=mcpcontrol,model=virtio"
- if [ "${DEPLOY_TYPE:-}" = 'baremetal' ]; then
+ local vnode_networks=("$@")
+ if [[ "${vnode_data[0]}" =~ ^(cfg01|mas01) ]]; then
+ net_args=" --network network=mcpcontrol,model=virtio"
# 3rd interface gets connected to PXE/Admin Bridge (cfg01, mas01)
vnode_networks[2]="${vnode_networks[0]}"
+ else
+ net_args=" --network bridge=${vnode_networks[0]},model=virtio"
fi
for net in "${vnode_networks[@]:1}"; do
net_args="${net_args} --network bridge=${net},model=virtio"
diff --git a/mcp/scripts/user-data.admin.sh.j2 b/mcp/scripts/user-data.admin.sh.j2
new file mode 100644
index 000000000..b4c89b29c
--- /dev/null
+++ b/mcp/scripts/user-data.admin.sh.j2
@@ -0,0 +1,14 @@
+#!/bin/bash
+##############################################################################
+# Copyright (c) 2018 Mirantis Inc., Enea AB and others.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+rm /etc/salt/minion_id
+rm -f /etc/salt/pki/minion/minion_master.pub
+echo "id: $(hostname).{{ conf.CLUSTER_DOMAIN }}" > /etc/salt/minion
+{#- should be in sync with 'opnfv_infra_config_pxe_address' in 'pharos/config/installers/fuel/pod_config.yml.j2 #}
+echo "master: {{ conf.idf.net_config.admin.network | ipaddr_index(2) }}" >> /etc/salt/minion
+service salt-minion restart
diff --git a/mcp/scripts/user-data.template b/mcp/scripts/user-data.mcp.sh.j2
index 189310be4..4bd0d1d09 100644
--- a/mcp/scripts/user-data.template
+++ b/mcp/scripts/user-data.mcp.sh.j2
@@ -8,6 +8,6 @@
##############################################################################
rm /etc/salt/minion_id
rm -f /etc/salt/pki/minion/minion_master.pub
-echo "id: $(hostname).${CLUSTER_DOMAIN}" > /etc/salt/minion
-echo "master: ${SALT_MASTER}" >> /etc/salt/minion
+echo "id: $(hostname).{{ conf.CLUSTER_DOMAIN }}" > /etc/salt/minion
+echo "master: {{ conf.SALT_MASTER }}" >> /etc/salt/minion
service salt-minion restart
diff --git a/mcp/scripts/virsh_net/net_pxebr.xml.j2 b/mcp/scripts/virsh_net/net_pxebr.xml.j2
new file mode 100644
index 000000000..f82780cf7
--- /dev/null
+++ b/mcp/scripts/virsh_net/net_pxebr.xml.j2
@@ -0,0 +1,26 @@
+<!--
+ Copyright (c) 2018 Mirantis Inc., Enea AB and others.
+
+ All rights reserved. This program and the accompanying materials
+ are made available under the terms of the Apache License, Version 2.0
+ which accompanies this distribution, and is available at
+ http://www.apache.org/licenses/LICENSE-2.0
+-->
+{%- if conf.idf.net_config.admin is defined %}
+ {%- set pxebr_network = conf.idf.net_config.admin.network %}
+ {%- set pxebr_prefix = conf.idf.net_config.admin.mask %}
+{%- else %}
+ {%- set pxebr_network = '192.168.11.0' %}
+ {%- set pxebr_prefix = '24' %}
+{%- endif %}
+<network>
+ <name>pxebr</name>
+ <forward mode="nat"/>
+ <bridge name="pxebr"/>
+ <ip address="{{ pxebr_network | ipaddr_index(1) }}" netmask="{{ pxebr_prefix | netmask }}">
+ <!-- NOTE: .254 is harcoded for now (for /24 prefix), should be computed instead. -->
+ <dhcp>
+ <range start="{{ pxebr_network | ipaddr_index(4) }}" end="{{ pxebr_network | ipaddr_index(254) }}"/>
+ </dhcp>
+ </ip>
+</network>