diff options
author | Alexandru Avadanii <Alexandru.Avadanii@enea.com> | 2018-04-07 05:27:48 +0200 |
---|---|---|
committer | Alexandru Avadanii <Alexandru.Avadanii@enea.com> | 2018-06-19 15:47:11 +0200 |
commit | 33c017d388bf0f9cef5199c186bec5b4fd01f767 (patch) | |
tree | 7a90ebe50f00224bb51dce6bc772b9ec9d8c5e8c /mcp/reclass/classes/cluster/mcp-common-ha | |
parent | 3dbd313cc111455f8cf88d0d072ec8a2f3c6f705 (diff) |
Enforce static configuration instead of DHCP
- noha: 'accept_policy: open_mode' to align with ha scenarios;
- s/cmp01/cmp001/g to align all scenarios and allow code reuse;
- rename network params: s/dhcp/mcpcontrol/g, cleanup;
- computes XDF data: drop 'opnfv_*' layer of params, cleanup;
- local vPDF: add comments with default roles by node index;
- parameterize all netmasks;
- drop unused address/netmask for 'proto: manual' interfaces;
- virsh_net: cleanup definitions, remove hardcodes, align IP on
jumpserver and DHCP range with MaaS for pxebr;
- maas: parameterize hardcoded '/24' cidr for PXE/admin, refactor
maas.region.machines parameterization;
- merge <all-mcp-arch-common/infra/config_*pdf.yaml.j2> templates;
- move reclass.storage definitions of compute nodes to common dir;
- drop 'openstack_compute_*' reclass params in favor of expanding
them via j2 directly in reclass.storage params;
- adopt `nm.cluster.has_*_nodes` where possible;
- obsolete `runtime.yml` from reclass model;
- refactor arch-specific reclass param selection;
- remove unused defaults in favor of mandatory IDF properties;
- noha: prepare for baremetal node support in cinder_lvm_devices;
- interfaces: add interface_mtu and 'noifupdown: true' everywhere;
- interfaces: use j2 macros to generate eth/vlan config;
- states cleanup: remove DHCP route disable workaround on prx/cmp;
- allow configuring NTP servers via:
`idf.fuel.network.ntp_strata_host{1,2}`;
- ovs_bridge: Allow setting gateway, dns-nameservers
- apache: Adjust module list for novcp class inheritance;
- glusterfs PPA: pin with same prio of MCP repos for novcp scenario;
JIRA: FUEL-319
JIRA: FUEL-326
JIRA: FUEL-337
Change-Id: Ia6ad64ba8cade85a75fb22c9a2505decc3834360
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Diffstat (limited to 'mcp/reclass/classes/cluster/mcp-common-ha')
15 files changed, 216 insertions, 259 deletions
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/include/maas_proxy.yml b/mcp/reclass/classes/cluster/mcp-common-ha/include/maas_proxy.yml.j2 index e5b263fe8..58ea46cad 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/include/maas_proxy.yml +++ b/mcp/reclass/classes/cluster/mcp-common-ha/include/maas_proxy.yml.j2 @@ -6,6 +6,7 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## --- +{%- if 'maas' in conf.cluster.states %} parameters: # NOTE: Apt proxy is set by curtin, Salt minion proxy is configured below, # only enable proxy via /etc/environment if you need it for smth else @@ -23,3 +24,4 @@ parameters: enabled: true http: http://${_param:infra_maas_node01_deploy_address}:8000 https: http://${_param:infra_maas_node01_deploy_address}:8000 +{%- endif %} diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/config.yml b/mcp/reclass/classes/cluster/mcp-common-ha/infra/config.yml.j2 index 208393e52..f6e0baa11 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/config.yml +++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/config.yml.j2 @@ -5,16 +5,10 @@ # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## +{%- import 'net_map.j2' as nm with context %} --- classes: - - service.git.client - - system.linux.system.single - - system.linux.system.repo.mcp.salt - system.linux.system.repo.saltstack.xenial - - system.salt.master.api - - system.salt.master.pkg - - system.salt.minion.ca.salt_master - - system.reclass.storage.salt - system.reclass.storage.system.physical_control_cluster - system.reclass.storage.system.openstack_control_cluster - system.reclass.storage.system.openstack_proxy_cluster @@ -26,43 +20,38 @@ classes: # - system.reclass.storage.system.stacklight_telemetry_cluster - system.reclass.storage.system.infra_maas_single - cluster.mcp-common-ha.include.lab_proxy_pdf + - cluster.all-mcp-arch-common.infra.config_pdf parameters: _param: - salt_master_base_environment: prd - reclass_data_repository: local - salt_master_environment_repository: "https://github.com/tcpcloud" - salt_master_environment_revision: master + salt_master_host: ${_param:infra_config_deploy_address} single_address: ${_param:infra_config_address} deploy_address: ${_param:infra_config_deploy_address} - pxe_address: ${_param:opnfv_infra_config_pxe_address} - salt_master_host: ${_param:infra_config_deploy_address} - # yamllint disable rule:line-length - salt_api_password_hash: "$6$sGnRlxGf$al5jMCetLP.vfI/fTl3Z0N7Za1aeiexL487jAtyRABVfT3NlwZxQGVhO7S1N8OwS/34VHYwZQA8lkXwKMN/GS1" - dhcp_nic: ${_param:opnfv_fn_vm_primary_interface} + pxe_admin_address: ${_param:opnfv_infra_config_pxe_admin_address} + mcpcontrol_nic: ${_param:opnfv_fn_vm_primary_interface} single_nic: ${_param:opnfv_fn_vm_secondary_interface} - pxe_nic: ${_param:opnfv_fn_vm_tertiary_interface} + pxe_admin_nic: ${_param:opnfv_fn_vm_tertiary_interface} linux: network: interface: - dhcp: + mcpcontrol_int: enabled: true type: eth proto: dhcp - name: ${_param:dhcp_nic} + name: ${_param:mcpcontrol_nic} single: enabled: true type: eth proto: static name: ${_param:single_nic} address: ${_param:single_address} - netmask: 255.255.255.0 - pxe: + netmask: ${_param:opnfv_net_mgmt_mask} + pxe_admin_int: enabled: true type: eth proto: static - name: ${_param:pxe_nic} - address: ${_param:pxe_address} - netmask: 255.255.255.0 + name: ${_param:pxe_admin_nic} + address: ${_param:pxe_admin_address} + netmask: ${_param:opnfv_net_admin_mask} salt: master: accept_policy: open_mode @@ -71,21 +60,27 @@ parameters: command_timeout: 20 reclass: storage: - data_source: - engine: local node: + # NOTE: compute nodes definitions are defined in <all-mcp-arch-common/infra> infra_kvm_node01: params: keepalived_vip_priority: 100 linux_system_codename: xenial + pxe_admin_address: ${_param:opnfv_infra_kvm_node01_pxe_admin_address} infra_kvm_node02: +{%- if not conf.MCP_VCP %} + classes: + - cluster.mcp-common-ha.infra.kvm_novcp +{%- endif %} params: keepalived_vip_priority: 101 linux_system_codename: xenial + pxe_admin_address: ${_param:opnfv_infra_kvm_node02_pxe_admin_address} infra_kvm_node03: params: keepalived_vip_priority: 102 linux_system_codename: xenial + pxe_admin_address: ${_param:opnfv_infra_kvm_node03_pxe_admin_address} openstack_telemetry_node01: params: linux_system_codename: xenial @@ -93,29 +88,37 @@ parameters: # to prevent race conditions ceilometer_create_gnocchi_resources: true redis_cluster_role: 'master' + pxe_admin_address: ${_param:opnfv_openstack_telemetry_node01_pxe_admin_address} openstack_telemetry_node02: params: linux_system_codename: xenial redis_cluster_role: 'slave' + pxe_admin_address: ${_param:opnfv_openstack_telemetry_node02_pxe_admin_address} openstack_telemetry_node03: params: linux_system_codename: xenial redis_cluster_role: 'slave' + pxe_admin_address: ${_param:opnfv_openstack_telemetry_node03_pxe_admin_address} openstack_message_queue_node01: params: linux_system_codename: xenial + pxe_admin_address: ${_param:opnfv_openstack_message_queue_node01_pxe_admin_address} openstack_message_queue_node02: params: linux_system_codename: xenial + pxe_admin_address: ${_param:opnfv_openstack_message_queue_node02_pxe_admin_address} openstack_message_queue_node03: params: linux_system_codename: xenial + pxe_admin_address: ${_param:opnfv_openstack_message_queue_node03_pxe_admin_address} openstack_proxy_node01: params: linux_system_codename: xenial + pxe_admin_address: ${_param:opnfv_openstack_proxy_node01_pxe_admin_address} openstack_proxy_node02: params: linux_system_codename: xenial + pxe_admin_address: ${_param:opnfv_openstack_proxy_node02_pxe_admin_address} # stacklight_log_node01: # classes: # - system.elasticsearch.client.single @@ -130,46 +133,28 @@ parameters: linux_system_codename: xenial # NOTE: When VCP is present, external_address is not used external_address: ${_param:openstack_proxy_node01_address} + pxe_admin_address: ${_param:opnfv_openstack_control_node01_pxe_admin_address} openstack_control_node02: params: linux_system_codename: xenial external_address: 0.0.0.0 + pxe_admin_address: ${_param:opnfv_openstack_control_node02_pxe_admin_address} openstack_control_node03: params: linux_system_codename: xenial external_address: ${_param:openstack_proxy_node02_address} + pxe_admin_address: ${_param:opnfv_openstack_control_node03_pxe_admin_address} openstack_database_node01: classes: - cluster.mcp-common-ha.openstack_database_init params: linux_system_codename: xenial + pxe_admin_address: ${_param:opnfv_openstack_database_node01_pxe_admin_address} openstack_database_node02: params: linux_system_codename: xenial + pxe_admin_address: ${_param:opnfv_openstack_database_node02_pxe_admin_address} openstack_database_node03: params: linux_system_codename: xenial - openstack_compute_node01: - name: ${_param:openstack_compute_node01_hostname} - domain: ${_param:cluster_domain} - classes: - - cluster.${_param:cluster_name}.openstack.compute - params: - salt_master_host: ${_param:reclass_config_master} - linux_system_codename: xenial - control_address: ${_param:openstack_compute_node01_control_address} - single_address: ${_param:openstack_compute_node01_single_address} - tenant_address: ${_param:openstack_compute_node01_tenant_address} - external_address: ${_param:openstack_compute_node01_external_address} - openstack_compute_node02: - name: ${_param:openstack_compute_node02_hostname} - domain: ${_param:cluster_domain} - classes: - - cluster.${_param:cluster_name}.openstack.compute - params: - salt_master_host: ${_param:reclass_config_master} - linux_system_codename: xenial - control_address: ${_param:openstack_compute_node02_control_address} - single_address: ${_param:openstack_compute_node02_single_address} - tenant_address: ${_param:openstack_compute_node02_tenant_address} - external_address: ${_param:openstack_compute_node02_external_address} + pxe_admin_address: ${_param:opnfv_openstack_database_node03_pxe_admin_address} diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/init.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/init.yml.j2 index 8c601f61b..c01042f54 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/init.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/init.yml.j2 @@ -19,14 +19,14 @@ parameters: cluster_domain: ${_param:cluster_name}.local # stacklight_environment: ${_param:cluster_domain} reclass_data_revision: master - reclass_config_master: ${_param:opnfv_infra_config_pxe_address} + reclass_config_master: ${_param:opnfv_infra_config_pxe_admin_address} cluster_public_host: ${_param:openstack_proxy_address} infra_config_hostname: cfg01 infra_maas_database_password: opnfv_secret # infra service addresses infra_config_address: ${_param:opnfv_infra_config_address} - infra_config_deploy_address: ${_param:opnfv_salt_master_ip} + infra_config_deploy_address: {{ conf.SALT_MASTER }} infra_maas_node01_address: ${_param:opnfv_infra_maas_node01_address} infra_maas_node01_deploy_address: ${_param:opnfv_infra_maas_node01_deploy_address} @@ -47,9 +47,6 @@ parameters: infra_kvm_node02_hostname: kvm02 infra_kvm_node03_hostname: kvm03 - ntp_strata_host1: 1.pool.ntp.org - ntp_strata_host2: 0.pool.ntp.org - # Interface definitions reclass: storage: @@ -64,9 +61,11 @@ parameters: openstack_proxy_node01: params: control_address: ${_param:openstack_proxy_node01_control_address} + pxe_admin_address: ${_param:opnfv_openstack_proxy_node01_pxe_admin_address} openstack_proxy_node02: params: control_address: ${_param:openstack_proxy_node02_control_address} + pxe_admin_address: ${_param:opnfv_openstack_proxy_node02_pxe_admin_address} linux: system: apt: diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_novcp.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_novcp.yml.j2 new file mode 100644 index 000000000..8959a7856 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_novcp.yml.j2 @@ -0,0 +1,19 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{#- NOTE: br-{mgmt,ctl} are cross-referenced, careful when changing names #} +{#- This class should only be inherited in NOVCP scenarios for kvm02 #} +{%- import 'net_map.j2' as nm with context %} +--- +parameters: + linux: + network: + interface: + br-mgmt: + gateway: {{ nm.net_admin_gw }} + name_servers: + - {{ nm.net_admin_gw }} diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_pdf.yml.j2 index 97166c62c..6754d13dd 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_pdf.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_pdf.yml.j2 @@ -7,60 +7,52 @@ ############################################################################## {#- NOTE: br-{mgmt,ctl} are cross-referenced, careful when changing names #} {%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} {#- Filter-out NIC duplicates by constructing a dict (used NICs only) #} {%- set nics = { nm.ctl01.nic_admin: True, nm.ctl01.nic_mgmt: True, nm.ctl01.nic_public: True } %} {%- set vlans = { nm.vlan_admin: nm.ctl01.nic_admin, nm.vlan_mgmt: nm.ctl01.nic_mgmt, nm.vlan_public: nm.ctl01.nic_public } %} --- parameters: + _param: + interface_mtu: 1500 linux: network: interface: -{%- for nic in nics %} - {{ nic }}: - enabled: true - type: eth - proto: manual - address: 0.0.0.0 - netmask: 255.255.255.0 - name: {{ nic }} - noifupdown: true -{%- endfor %} -{%- for vlan in vlans %} - {%- if vlan | int > 0 %} - {{ vlans[vlan] }}.{{ vlan }}: - enabled: true - proto: manual - type: vlan - name: {{ vlans[vlan] }}.{{ vlan }} - use_interfaces: - - {{ vlans[vlan] }} - noifupdown: true - {%- endif %} -{%- endfor %} +{{ ma.linux_network_interfaces_nic(nics) }} + +{{ ma.linux_network_interfaces_vlan(vlans) }} br-mgmt: enabled: true - proto: dhcp + proto: static + address: ${_param:pxe_admin_address} + netmask: ${_param:opnfv_net_admin_mask} +{%- if conf.MCP_VCP %} +{#- For NOVCP scenarios, kvm02 gateway will be added via kvm_novcp class #} + gateway: {{ nm.net_admin_gw }} + name_servers: + - {{ nm.net_admin_gw }} +{%- endif %} type: bridge use_interfaces: - - {{ nm.ctl01.nic_admin }}{% if nm.vlan_admin | int > 0 %}.{{ nm.vlan_admin }}{% endif %} + - {{ ma.interface_str(nm.ctl01.nic_admin, nm.vlan_admin) }} noifupdown: true br-ctl: enabled: true type: bridge proto: static address: ${_param:single_address} - netmask: 255.255.255.0 + netmask: ${_param:opnfv_net_mgmt_mask} use_interfaces: - - {{ nm.ctl01.nic_mgmt }}{% if nm.vlan_mgmt | int > 0 %}.{{ nm.vlan_mgmt }}{% endif %} + - {{ ma.interface_str(nm.ctl01.nic_mgmt, nm.vlan_mgmt) }} noifupdown: true +{#- For NOVCP scenarios, kvm{01,03} external gateway will be added via triport class #} br-ex: enabled: true proto: manual - address: 0.0.0.0 netmask: ${_param:opnfv_net_public_mask} type: bridge use_interfaces: - - {{ nm.ctl01.nic_public }}{% if nm.vlan_public | int > 0 %}.{{ nm.vlan_public }}{% endif %} + - {{ ma.interface_str(nm.ctl01.nic_public, nm.vlan_public) }} noifupdown: true diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/maas.yml b/mcp/reclass/classes/cluster/mcp-common-ha/infra/maas.yml deleted file mode 100644 index 36c674b85..000000000 --- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/maas.yml +++ /dev/null @@ -1,69 +0,0 @@ -############################################################################## -# Copyright (c) 2018 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - system.maas.region.single - - service.maas.cluster.single - - cluster.mcp-common-ha.include.lab_proxy_pdf - - cluster.mcp-common-ha.infra.maas_pdf -parameters: - _param: - dhcp_interface: ${_param:opnfv_fn_vm_primary_interface} - primary_interface: ${_param:opnfv_fn_vm_secondary_interface} - pxe_interface: ${_param:opnfv_fn_vm_tertiary_interface} - interface_mtu: 1500 - # MaaS has issues using MTU > 1500 for PXE interface - pxe_interface_mtu: 1500 - linux_system_codename: xenial - maas_admin_username: opnfv - maas_admin_password: opnfv_secret - maas_db_password: opnfv_secret - dns_server01: ${_param:opnfv_dns_server01} - single_address: ${_param:infra_maas_node01_deploy_address} - hwe_kernel: 'hwe-16.04' - maas: - region: - salt_master_ip: ${_param:reclass_config_master} - domain: ${_param:cluster_domain} - maas_config: - commissioning_distro_series: 'xenial' - default_distro_series: 'xenial' - default_osystem: 'ubuntu' - default_storage_layout: 'lvm' - enable_http_proxy: true - disk_erase_with_secure_erase: false - dnssec_validation: 'no' - enable_third_party_drivers: true - network_discovery: 'enabled' - default_min_hwe_kernel: ${_param:hwe_kernel} - cluster: - saltstack_repo_xenial: "http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.11/ xenial main" - linux: - network: - interface: - dhcp_interface: - enabled: true - name: ${_param:dhcp_interface} - type: eth - proto: dhcp - primary_interface: - enabled: true - name: ${_param:primary_interface} - mtu: ${_param:interface_mtu} - proto: static - address: ${_param:infra_maas_node01_address} - netmask: 255.255.255.0 - type: eth - pxe_interface: - enabled: true - name: ${_param:pxe_interface} - mtu: ${_param:pxe_interface_mtu} - proto: static - address: ${_param:single_address} - netmask: 255.255.255.0 - type: eth diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/maas_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/maas.yml.j2 index 1838590e9..bafdcf302 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/maas_pdf.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/maas.yml.j2 @@ -5,26 +5,42 @@ # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## -{%- set cluster_arch = [] %} -{%- for node in conf.nodes %} - {%- if node.node.arch not in cluster_arch %} - {%- do cluster_arch.append(node.node.arch) %} - {%- endif %} -{%- endfor %} -{%- set net_admin = [conf.idf.net_config.admin.network, - conf.idf.net_config.admin.mask] | join("/") %} +{%- import 'net_map.j2' as nm with context %} --- +# NOTE: pod_config is generated and transferred into its final location on +# cfg01 only during deployment to prevent leaking sensitive data +classes: + - system.maas.region.single + - service.maas.cluster.single + - cluster.mcp-common-ha.include.lab_proxy_pdf + - cluster.all-mcp-arch-common.opnfv.pod_config parameters: + _param: + mcpcontrol_interface: ${_param:opnfv_fn_vm_primary_interface} + primary_interface: ${_param:opnfv_fn_vm_secondary_interface} + pxe_admin_interface: ${_param:opnfv_fn_vm_tertiary_interface} + interface_mtu: 1500 + # MaaS has issues using MTU > 1500 for PXE interface + pxe_admin_interface_mtu: 1500 + linux_system_codename: xenial + maas_admin_username: opnfv + maas_admin_password: opnfv_secret + maas_db_password: opnfv_secret + dns_server01: '{{ nm.dns_public[0] }}' + single_address: ${_param:infra_maas_node01_deploy_address} + hwe_kernel: 'hwe-16.04' + opnfv_maas_timeout_comissioning: {{ nm.maas_timeout_comissioning }} + opnfv_maas_timeout_deploying: {{ nm.maas_timeout_deploying }} maas: region: subnets: - {{ net_admin }}: - name: {{ net_admin }} - cidr: {{ net_admin }} + {{ nm.net_admin }}: + name: {{ nm.net_admin }} + cidr: {{ nm.net_admin }} gateway_ip: ${_param:single_address} iprange: - start: ${_param:opnfv_infra_maas_pxe_start_address} - end: ${_param:opnfv_infra_maas_pxe_end_address} + start: {{ nm.net_admin_pool_start }} + end: {{ nm.net_admin_pool_end }} type: dynamic vlans: untagged: @@ -32,10 +48,10 @@ parameters: dhcp_on: true primary_rack: ${_param:infra_maas_node01_hostname} # Space-separated list of dpkg architectures to be supported by MaaS - opnfv_arches:{%- for arch in cluster_arch %} {{ arch | dpkg_arch }}{%- endfor %} + opnfv_arches:{%- for arch in nm.cluster.arch %} {{ arch | dpkg_arch }}{%- endfor %} sshprefs: - '{{ conf.MAAS_SSH_KEY }}' -{%- if 'aarch64' in cluster_arch %} +{%- if 'aarch64' in nm.cluster.arch %} package_repositories: armband: name: armband @@ -92,3 +108,42 @@ parameters: {%- endif %} {%- endif %} {%- endfor %} + salt_master_ip: ${_param:reclass_config_master} + domain: ${_param:cluster_domain} + maas_config: + commissioning_distro_series: 'xenial' + default_distro_series: 'xenial' + default_osystem: 'ubuntu' + default_storage_layout: 'lvm' + enable_http_proxy: true + disk_erase_with_secure_erase: false + dnssec_validation: 'no' + enable_third_party_drivers: true + network_discovery: 'enabled' + default_min_hwe_kernel: ${_param:hwe_kernel} + cluster: + saltstack_repo_xenial: "http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2017.7/ xenial main" + linux: + network: + interface: + mcpcontrol_interface: + enabled: true + name: ${_param:mcpcontrol_interface} + type: eth + proto: dhcp + primary_interface: + enabled: true + name: ${_param:primary_interface} + mtu: ${_param:interface_mtu} + proto: static + address: ${_param:infra_maas_node01_address} + netmask: ${_param:opnfv_net_mgmt_mask} + type: eth + pxe_admin_interface: + enabled: true + name: ${_param:pxe_admin_interface} + mtu: ${_param:pxe_admin_interface_mtu} + proto: static + address: ${_param:single_address} + netmask: ${_param:opnfv_net_admin_mask} + type: eth diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml index c8605462b..4a0764fd9 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml @@ -35,6 +35,7 @@ parameters: keepalived_vip_interface: br-ctl keepalived_vip_virtual_router_id: 69 linux_system_codename: xenial + single_address: ${_param:control_address} glusterfs_version: '3.13' glusterfs: client: diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2 index fd51f5fea..396334c6d 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2 @@ -7,9 +7,10 @@ ############################################################################## {#- NOTE: br-{mgmt,ctl} are cross-referenced, careful when changing names #} {%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} {#- Filter-out NIC duplicates by constructing a dict (used NICs only) #} -{%- set nics = { nm.cmp001.nic_admin: True, nm.cmp001.nic_mgmt: True } %} -{%- set vlans = { nm.vlan_admin: nm.cmp001.nic_admin, nm.vlan_mgmt: nm.cmp001.nic_mgmt } %} +{%- set nics = { nm.cmp001.nic_mgmt: True } %} +{%- set vlans = { nm.vlan_mgmt: nm.cmp001.nic_mgmt } %} --- parameters: _param: @@ -26,49 +27,28 @@ parameters: network: bridge: openvswitch interface: -{%- for nic in nics %} - {%- if nic == nm.cmp001.nic_admin %} - {{ nic }}: - enabled: true - type: eth - proto: dhcp - name: {{ nic }} - {%- else %} - {{ nic }}: + # PXE/admin is always untagged on computes + pxe_admin_int: enabled: true + name: {{ nm.cmp001.nic_admin }} + proto: static type: eth - proto: manual - address: 0.0.0.0 - {%- if nic == nm.cmp001.nic_public %} - netmask: ${_param:opnfv_net_public_mask} - {%- else %} - netmask: 255.255.255.0 - {%- endif %} + address: ${_param:pxe_admin_address} + netmask: ${_param:opnfv_net_admin_mask} mtu: ${_param:interface_mtu} - name: {{ nic }} - {%- endif %} -{%- endfor %} -{%- for vlan in vlans %} - {%- if vlan | int > 0 %} - {{ vlans[vlan] }}.{{ vlan }}: - enabled: true - proto: manual - type: vlan - name: {{ vlans[vlan] }}.{{ vlan }} - use_interfaces: - - {{ vlans[vlan] }} - {%- endif %} -{%- endfor %} +{{ ma.linux_network_interfaces_nic(nics) }} + +{{ ma.linux_network_interfaces_vlan(vlans) }} br-ctl: enabled: true type: bridge proto: static address: ${_param:single_address} - netmask: 255.255.255.0 + netmask: ${_param:opnfv_net_mgmt_mask} use_interfaces: - - {{ nm.cmp001.nic_mgmt }}{% if nm.vlan_mgmt | int > 0 %}.{{ nm.vlan_mgmt }}{% endif %} + - {{ ma.interface_str(nm.cmp001.nic_mgmt, nm.vlan_mgmt) }} br-floating: enabled: true type: ovs_bridge @@ -77,15 +57,12 @@ parameters: address: ${_param:external_address} netmask: ${_param:opnfv_net_public_mask} use_interfaces: - - {{ nm.cmp001.nic_public }}{% if nm.vlan_public | int > 0 %}.{{ nm.vlan_public }}{% endif %} - route: - public: - address: 0.0.0.0 - netmask: 0.0.0.0 - gateway: ${_param:opnfv_net_public_gw} + - {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }} + gateway: ${_param:opnfv_net_public_gw} + name_servers: {{ nm.dns_public }} ovs_port_{{ nm.cmp001.nic_public }}: enabled: true - name: {{ nm.cmp001.nic_public }}{% if nm.vlan_public | int > 0 %}.{{ nm.vlan_public }}{% endif %} + name: {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }} proto: manual ovs_port_type: OVSPort type: ovs_port diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 index 1870cc46b..ceb3622b1 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 @@ -99,9 +99,6 @@ parameters: server: bind: ~ports: ~ - ~modules: - - rewrite - - wsgi # sync from common-ha kvm role glusterfs: server: diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_init.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_init.yml.j2 index 00f24087e..9f05790c9 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_init.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_init.yml.j2 @@ -5,6 +5,7 @@ # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## +{%- import 'net_map.j2' as nm with context %} --- parameters: _param: @@ -63,19 +64,6 @@ parameters: openstack_telemetry_node03_address: ${_param:openstack_control_node03_address} {%- endif %} - # OpenStack Compute - openstack_compute_node01_single_address: ${_param:opnfv_openstack_compute_node01_single_address} - openstack_compute_node02_single_address: ${_param:opnfv_openstack_compute_node02_single_address} - openstack_compute_node03_single_address: ${_param:opnfv_openstack_compute_node03_single_address} - openstack_compute_node01_control_address: ${_param:opnfv_openstack_compute_node01_control_address} - openstack_compute_node02_control_address: ${_param:opnfv_openstack_compute_node02_control_address} - openstack_compute_node03_control_address: ${_param:opnfv_openstack_compute_node03_control_address} - openstack_compute_node01_tenant_address: ${_param:opnfv_openstack_compute_node01_tenant_address} - openstack_compute_node02_tenant_address: ${_param:opnfv_openstack_compute_node02_tenant_address} - openstack_compute_node03_tenant_address: ${_param:opnfv_openstack_compute_node03_tenant_address} - openstack_compute_node01_external_address: ${_param:opnfv_openstack_compute_node01_external_address} - openstack_compute_node02_external_address: ${_param:opnfv_openstack_compute_node02_external_address} - # openstack service hostnames {%- if conf.MCP_VCP %} openstack_proxy_hostname: prx @@ -387,13 +375,13 @@ parameters: - ${_param:openstack_control_node03_hostname} - ${_param:openstack_control_node03_hostname}.${_param:cluster_domain} {%- endif %} - cmp001: - address: ${_param:openstack_compute_node01_control_address} - names: - - ${_param:openstack_compute_node01_hostname} - - ${_param:openstack_compute_node01_hostname}.${_param:cluster_domain} - cmp002: - address: ${_param:openstack_compute_node02_control_address} +{#- For compute nodes, expand values in-place, bypassing reclass param expansion #} +{%- for cmp in range(1, nm.cmp_nodes + 1) %} + {%- set h = 'cmp%03d' | format(cmp) %} + {%- set mgmt = nm.net_mgmt_hosts | length + nm.start_ip[nm.net_mgmt] + loop.index %} + {{ h }}: + address: {{ nm.net_mgmt | ipnet_hostaddr(mgmt) }} names: - - ${_param:openstack_compute_node02_hostname} - - ${_param:openstack_compute_node02_hostname}.${_param:cluster_domain} + - {{ h }} + - {{ h }}.${_param:cluster_domain} +{%- endfor %} diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_biport.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_biport.yml.j2 index 18576b257..3576acc2f 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_biport.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_biport.yml.j2 @@ -5,6 +5,7 @@ # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## +{%- import 'net_map.j2' as nm with context %} --- {%- if conf.MCP_VCP %} classes: @@ -12,16 +13,21 @@ classes: - cluster.mcp-common-ha.include.lab_proxy_pdf parameters: _param: - dhcp_nic: ${_param:opnfv_vcp_vm_primary_interface} + pxe_admin_interface: ${_param:opnfv_vcp_vm_primary_interface} single_nic: ${_param:opnfv_vcp_vm_secondary_interface} linux: network: interface: - dhcp: + pxe_admin: enabled: true type: eth - proto: dhcp - name: ${_param:dhcp_nic} + proto: static + name: ${_param:pxe_admin_interface} + address: ${_param:pxe_admin_address} + netmask: ${_param:opnfv_net_admin_mask} + gateway: {{ nm.net_admin_gw }} + name_servers: + - {{ nm.net_admin_gw }} single: enabled: true type: eth diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_triport.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_triport.yml.j2 index 2cd74992a..1fa22aa7f 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_triport.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_triport.yml.j2 @@ -5,6 +5,8 @@ # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} --- {%- if conf.MCP_VCP %} classes: @@ -12,17 +14,19 @@ classes: - cluster.mcp-common-ha.include.lab_proxy_pdf parameters: _param: - dhcp_nic: ${_param:opnfv_vcp_vm_primary_interface} + pxe_admin_interface: ${_param:opnfv_vcp_vm_primary_interface} single_nic: ${_param:opnfv_vcp_vm_secondary_interface} control_nic: ${_param:opnfv_vcp_vm_tertiary_interface} linux: network: interface: - dhcp_int: + pxe_admin: enabled: true type: eth - proto: dhcp - name: ${_param:dhcp_nic} + proto: static + name: ${_param:pxe_admin_interface} + address: ${_param:pxe_admin_address} + netmask: ${_param:opnfv_net_admin_mask} single_int: enabled: true type: eth @@ -30,16 +34,23 @@ parameters: name: ${_param:single_nic} address: ${_param:single_address} netmask: ${_param:opnfv_net_public_mask} - route: - public: - address: 0.0.0.0 - netmask: 0.0.0.0 - gateway: ${_param:opnfv_net_public_gw} + gateway: ${_param:opnfv_net_public_gw} + name_servers: {{ nm.dns_public }} control_int: enabled: true type: eth proto: static name: ${_param:control_nic} address: ${_param:control_address} - netmask: 255.255.255.0 + netmask: ${_param:opnfv_net_mgmt_mask} +{%- else %} +{#- For NOVCP scenarios, base config is in kvm_pdf, only add/override gw #} +parameters: + linux: + network: + interface: + br-ex: + proto: static + gateway: ${_param:opnfv_net_public_gw} + name_servers: {{ nm.dns_public }} {%- endif %} diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2 index 5ddb9860a..d7ccff532 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2 @@ -39,15 +39,6 @@ parameters: libapache2-mod-wsgi: version: latest {%- if not conf.MCP_VCP %} - # Set up routes similar to prx*ovs-ha - network: - interface: - br-ex: - route: - public: - address: 0.0.0.0 - netmask: 0.0.0.0 - gateway: ${_param:opnfv_net_public_gw} nginx: server: # NOTE(armband): Define host.address for all proxies for uniformity @@ -67,6 +58,9 @@ parameters: <<: *nginx_openstack_proxy_address nginx_proxy_openstack_api_heat_cfn: <<: *nginx_openstack_proxy_address + nginx_proxy_openstack_api_heat_cloudwatch: + <<: *nginx_openstack_proxy_address + enabled: false nginx_proxy_openstack_api_keystone: <<: *nginx_openstack_proxy_address nginx_proxy_openstack_api_keystone_private: @@ -75,8 +69,6 @@ parameters: <<: *nginx_openstack_proxy_address nginx_proxy_openstack_api_nova: <<: *nginx_openstack_proxy_address - nginx_proxy_openstack_api_nova_ec2: - <<: *nginx_openstack_proxy_address nginx_proxy_openstack_web: <<: *nginx_openstack_proxy_address nginx_ssl_redirect_openstack_web: diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml.j2 index b7bb83b35..2ed7c5336 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml.j2 @@ -70,8 +70,10 @@ parameters: apache: server: ~modules: - - wsgi - rewrite +{%- if conf.MCP_VCP %} {#- wsgi module will be enabled by a different class inherited later #} + - wsgi +{%- endif %} site: gnocchi: wsgi: |