Enforce static configuration instead of DHCP

- noha: 'accept_policy: open_mode' to align with ha scenarios;
- s/cmp01/cmp001/g to align all scenarios and allow code reuse;
- rename network params: s/dhcp/mcpcontrol/g, cleanup;
- computes XDF data: drop 'opnfv_*' layer of params, cleanup;
- local vPDF: add comments with default roles by node index;
- parameterize all netmasks;
- drop unused address/netmask for 'proto: manual' interfaces;
- virsh_net: cleanup definitions, remove hardcodes, align IP on
  jumpserver and DHCP range with MaaS for pxebr;
- maas: parameterize hardcoded '/24' cidr for PXE/admin, refactor
  maas.region.machines parameterization;
- merge <all-mcp-arch-common/infra/config_*pdf.yaml.j2> templates;
- move reclass.storage definitions of compute nodes to common dir;
- drop 'openstack_compute_*' reclass params in favor of expanding
  them via j2 directly in reclass.storage params;
- adopt `nm.cluster.has_*_nodes` where possible;
- obsolete `runtime.yml` from reclass model;
- refactor arch-specific reclass param selection;
- remove unused defaults in favor of mandatory IDF properties;
- noha: prepare for baremetal node support in cinder_lvm_devices;
- interfaces: add interface_mtu and 'noifupdown: true' everywhere;
- interfaces: use j2 macros to generate eth/vlan config;
- states cleanup: remove DHCP route disable workaround on prx/cmp;
- allow configuring NTP servers via:
  `idf.fuel.network.ntp_strata_host{1,2}`;
- ovs_bridge: Allow setting gateway, dns-nameservers
- apache: Adjust module list for novcp class inheritance;
- glusterfs PPA: pin with same prio of MCP repos for novcp scenario;

JIRA: FUEL-319
JIRA: FUEL-326
JIRA: FUEL-337

Change-Id: Ia6ad64ba8cade85a75fb22c9a2505decc3834360
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>

1 files changed, 149 insertions, 0 deletions

diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/maas.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/maas.yml.j2
new file mode 100644
index 000000000..bafdcf302
--- /dev/null
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/maas.yml.j2
@@ -0,0 +1,149 @@
+##############################################################################
+# Copyright (c) 2018 Mirantis Inc., Enea AB and others.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+{%- import 'net_map.j2' as nm with context %}
+---
+# NOTE: pod_config is generated and transferred into its final location on
+# cfg01 only during deployment to prevent leaking sensitive data
+classes:
+  - system.maas.region.single
+  - service.maas.cluster.single
+  - cluster.mcp-common-ha.include.lab_proxy_pdf
+  - cluster.all-mcp-arch-common.opnfv.pod_config
+parameters:
+  _param:
+    mcpcontrol_interface: ${_param:opnfv_fn_vm_primary_interface}
+    primary_interface: ${_param:opnfv_fn_vm_secondary_interface}
+    pxe_admin_interface: ${_param:opnfv_fn_vm_tertiary_interface}
+    interface_mtu: 1500
+    # MaaS has issues using MTU > 1500 for PXE interface
+    pxe_admin_interface_mtu: 1500
+    linux_system_codename: xenial
+    maas_admin_username: opnfv
+    maas_admin_password: opnfv_secret
+    maas_db_password: opnfv_secret
+    dns_server01: '{{ nm.dns_public[0] }}'
+    single_address: ${_param:infra_maas_node01_deploy_address}
+    hwe_kernel: 'hwe-16.04'
+    opnfv_maas_timeout_comissioning: {{ nm.maas_timeout_comissioning }}
+    opnfv_maas_timeout_deploying: {{ nm.maas_timeout_deploying }}
+  maas:
+    region:
+      subnets:
+        {{ nm.net_admin }}:
+          name: {{ nm.net_admin }}
+          cidr: {{ nm.net_admin }}
+          gateway_ip: ${_param:single_address}
+          iprange:
+            start: {{ nm.net_admin_pool_start }}
+            end: {{ nm.net_admin_pool_end }}
+            type: dynamic
+          vlans:
+            untagged:
+              vid: 0
+              dhcp_on: true
+              primary_rack: ${_param:infra_maas_node01_hostname}
+      # Space-separated list of dpkg architectures to be supported by MaaS
+      opnfv_arches:{%- for arch in nm.cluster.arch %} {{ arch | dpkg_arch }}{%- endfor %}
+      sshprefs:
+        - '{{ conf.MAAS_SSH_KEY }}'
+{%- if 'aarch64' in nm.cluster.arch %}
+      package_repositories:
+        armband:
+          name: armband
+          enabled: '1'
+          url: 'http://linux.enea.com/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename}'
+          distributions: '${_param:openstack_version}-armband'
+          components: 'main'
+          arches: 'arm64'
+          key: &armband_key |
+            -----BEGIN PGP PUBLIC KEY BLOCK-----
+            Version: GnuPG v2.0.14 (GNU/Linux)
+
+            mQENBFagAroBCADWboNIjuF6lB1mWv2+EbvqY3lKl5mLKhr2DnSUkKeHUPBv8gNM
+            qK8Q00AMIyPiyEhgjA+dWizZ+5aBgxoiY7oMeLJ2Xym36U/8SYq2BWd3SGCbMNoz
+            SJDxDUSM/HFVs6atF1M3DY9oN65hSVnu4uy5Tu6asf6k4rhAyk0z4+pRcPBCu2vq
+            mnGi3COM/+9PShrEKeVOx5W2vRJywUFuq8EDvQnRoJ0GvM28JiJIanw17YwIPxhg
+            BKZVpZjan5X+ihVMXwA2h/G/FS5Omhd50RqV6LWSYs94VJJgYqHx8UMm7izcxI+P
+            ct3IcbD195bPbJ+SbuiFe45ZLsdY1MyGiU2BABEBAAG0K0VuZWEgQXJtYmFuZCBE
+            ZXZvcHMgVGVhbSA8YXJtYmFuZEBlbmVhLmNvbT6JATgEEwECACICGwMGCwkIBwMC
+            BhUIAgkKCwQWAgMBAh4BAheABQJaY3bYAAoJEN6rkLp5irHRoQMH/0PYl0A/6eWw
+            nQ/szhEFrr76Ln6wA4vEO+PiuWj9kTkZM2NaCnkisrIuHSPIVvOLfFmztbE6sKGe
+            t+a2b7Jqw48DZ/gq508aZE4Q307ookxdCOrzIu/796hFO34yXg3sqZoJh3VmKIjY
+            4DL8yG1iAiQ5vOw3IFWQnATwIZUgaCcjmE7HGap+9ePuJfFuQ8mIG5cy28t8qocx
+            AB/B2tucfBMwomYxKqgbLI5AG7iSt58ajvrrNa9f8IX7Ihj/jiuXhUwX+geEp98K
+            IWVI1ftEthZvfBpZW4BS98J4z//dEPi31L4jb9RQXq3afF2RpXchDeUN85bW45nu
+            W/9PMAlgE/U=
+            =m+zE
+            -----END PGP PUBLIC KEY BLOCK-----
+{%- endif %}
+      machines:
+      {%- set pxe_interface = conf.idf.net_config.admin.interface %}
+      {#- We only support exactly 5 nodes for now, hardcoded order #}
+      {%- set node_roles = ['kvm01', 'kvm02', 'kvm03', 'cmp001', 'cmp002'] %}
+      {%- for node in conf.nodes %}
+      {%- if node.node.type == 'baremetal' %}
+        {{ node_roles[loop.index0] }}:
+          interface:
+            mac: {{ node.interfaces[pxe_interface].mac_address }}
+          power_parameters:
+            power_address: {{ node.remote_management.address.rsplit('/')[0] }}
+            power_password: {{ node.remote_management.pass }}
+            power_type: {{ node.remote_management.type }}
+            power_user: {{ node.remote_management.user }}
+          architecture: {{ node.node.arch | dpkg_arch }}/generic
+          distro_series: xenial
+          hwe_kernel: ${_param:hwe_kernel}
+          {%- if loop.index0 >= node_roles.index('cmp001')  %}
+          disk_layout:
+            type: lvm
+            root_device: sda
+            volume_group: vgroot
+            volume_name: lvroot
+            volume_size: 100
+          {%- endif %}
+      {%- endif %}
+      {%- endfor %}
+      salt_master_ip: ${_param:reclass_config_master}
+      domain: ${_param:cluster_domain}
+      maas_config:
+        commissioning_distro_series: 'xenial'
+        default_distro_series: 'xenial'
+        default_osystem: 'ubuntu'
+        default_storage_layout: 'lvm'
+        enable_http_proxy: true
+        disk_erase_with_secure_erase: false
+        dnssec_validation: 'no'
+        enable_third_party_drivers: true
+        network_discovery: 'enabled'
+        default_min_hwe_kernel: ${_param:hwe_kernel}
+    cluster:
+      saltstack_repo_xenial: "http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2017.7/ xenial main"
+  linux:
+    network:
+      interface:
+        mcpcontrol_interface:
+          enabled: true
+          name: ${_param:mcpcontrol_interface}
+          type: eth
+          proto: dhcp
+        primary_interface:
+          enabled: true
+          name: ${_param:primary_interface}
+          mtu: ${_param:interface_mtu}
+          proto: static
+          address: ${_param:infra_maas_node01_address}
+          netmask: ${_param:opnfv_net_mgmt_mask}
+          type: eth
+        pxe_admin_interface:
+          enabled: true
+          name: ${_param:pxe_admin_interface}
+          mtu: ${_param:pxe_admin_interface_mtu}
+          proto: static
+          address: ${_param:single_address}
+          netmask: ${_param:opnfv_net_admin_mask}
+          type: eth