aboutsummaryrefslogtreecommitdiffstats
path: root/mcp/reclass/classes/cluster/mcp-common-ha
diff options
context:
space:
mode:
authorAlexandru Avadanii <Alexandru.Avadanii@enea.com>2018-04-07 05:27:48 +0200
committerAlexandru Avadanii <Alexandru.Avadanii@enea.com>2018-06-19 15:47:11 +0200
commit33c017d388bf0f9cef5199c186bec5b4fd01f767 (patch)
tree7a90ebe50f00224bb51dce6bc772b9ec9d8c5e8c /mcp/reclass/classes/cluster/mcp-common-ha
parent3dbd313cc111455f8cf88d0d072ec8a2f3c6f705 (diff)
Enforce static configuration instead of DHCP
- noha: 'accept_policy: open_mode' to align with ha scenarios; - s/cmp01/cmp001/g to align all scenarios and allow code reuse; - rename network params: s/dhcp/mcpcontrol/g, cleanup; - computes XDF data: drop 'opnfv_*' layer of params, cleanup; - local vPDF: add comments with default roles by node index; - parameterize all netmasks; - drop unused address/netmask for 'proto: manual' interfaces; - virsh_net: cleanup definitions, remove hardcodes, align IP on jumpserver and DHCP range with MaaS for pxebr; - maas: parameterize hardcoded '/24' cidr for PXE/admin, refactor maas.region.machines parameterization; - merge <all-mcp-arch-common/infra/config_*pdf.yaml.j2> templates; - move reclass.storage definitions of compute nodes to common dir; - drop 'openstack_compute_*' reclass params in favor of expanding them via j2 directly in reclass.storage params; - adopt `nm.cluster.has_*_nodes` where possible; - obsolete `runtime.yml` from reclass model; - refactor arch-specific reclass param selection; - remove unused defaults in favor of mandatory IDF properties; - noha: prepare for baremetal node support in cinder_lvm_devices; - interfaces: add interface_mtu and 'noifupdown: true' everywhere; - interfaces: use j2 macros to generate eth/vlan config; - states cleanup: remove DHCP route disable workaround on prx/cmp; - allow configuring NTP servers via: `idf.fuel.network.ntp_strata_host{1,2}`; - ovs_bridge: Allow setting gateway, dns-nameservers - apache: Adjust module list for novcp class inheritance; - glusterfs PPA: pin with same prio of MCP repos for novcp scenario; JIRA: FUEL-319 JIRA: FUEL-326 JIRA: FUEL-337 Change-Id: Ia6ad64ba8cade85a75fb22c9a2505decc3834360 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Diffstat (limited to 'mcp/reclass/classes/cluster/mcp-common-ha')
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/include/maas_proxy.yml.j2 (renamed from mcp/reclass/classes/cluster/mcp-common-ha/include/maas_proxy.yml)2
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/infra/config.yml.j2 (renamed from mcp/reclass/classes/cluster/mcp-common-ha/infra/config.yml)85
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/infra/init.yml.j29
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_novcp.yml.j219
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_pdf.yml.j248
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/infra/maas.yml69
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/infra/maas.yml.j2 (renamed from mcp/reclass/classes/cluster/mcp-common-ha/infra/maas_pdf.yml.j2)85
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml1
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j259
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j23
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/openstack_init.yml.j232
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_biport.yml.j214
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_triport.yml.j231
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j214
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml.j2 (renamed from mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml)4
15 files changed, 216 insertions, 259 deletions
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/include/maas_proxy.yml b/mcp/reclass/classes/cluster/mcp-common-ha/include/maas_proxy.yml.j2
index e5b263fe8..58ea46cad 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/include/maas_proxy.yml
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/include/maas_proxy.yml.j2
@@ -6,6 +6,7 @@
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################
---
+{%- if 'maas' in conf.cluster.states %}
parameters:
# NOTE: Apt proxy is set by curtin, Salt minion proxy is configured below,
# only enable proxy via /etc/environment if you need it for smth else
@@ -23,3 +24,4 @@ parameters:
enabled: true
http: http://${_param:infra_maas_node01_deploy_address}:8000
https: http://${_param:infra_maas_node01_deploy_address}:8000
+{%- endif %}
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/config.yml b/mcp/reclass/classes/cluster/mcp-common-ha/infra/config.yml.j2
index 208393e52..f6e0baa11 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/config.yml
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/config.yml.j2
@@ -5,16 +5,10 @@
# which accompanies this distribution, and is available at
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################
+{%- import 'net_map.j2' as nm with context %}
---
classes:
- - service.git.client
- - system.linux.system.single
- - system.linux.system.repo.mcp.salt
- system.linux.system.repo.saltstack.xenial
- - system.salt.master.api
- - system.salt.master.pkg
- - system.salt.minion.ca.salt_master
- - system.reclass.storage.salt
- system.reclass.storage.system.physical_control_cluster
- system.reclass.storage.system.openstack_control_cluster
- system.reclass.storage.system.openstack_proxy_cluster
@@ -26,43 +20,38 @@ classes:
# - system.reclass.storage.system.stacklight_telemetry_cluster
- system.reclass.storage.system.infra_maas_single
- cluster.mcp-common-ha.include.lab_proxy_pdf
+ - cluster.all-mcp-arch-common.infra.config_pdf
parameters:
_param:
- salt_master_base_environment: prd
- reclass_data_repository: local
- salt_master_environment_repository: "https://github.com/tcpcloud"
- salt_master_environment_revision: master
+ salt_master_host: ${_param:infra_config_deploy_address}
single_address: ${_param:infra_config_address}
deploy_address: ${_param:infra_config_deploy_address}
- pxe_address: ${_param:opnfv_infra_config_pxe_address}
- salt_master_host: ${_param:infra_config_deploy_address}
- # yamllint disable rule:line-length
- salt_api_password_hash: "$6$sGnRlxGf$al5jMCetLP.vfI/fTl3Z0N7Za1aeiexL487jAtyRABVfT3NlwZxQGVhO7S1N8OwS/34VHYwZQA8lkXwKMN/GS1"
- dhcp_nic: ${_param:opnfv_fn_vm_primary_interface}
+ pxe_admin_address: ${_param:opnfv_infra_config_pxe_admin_address}
+ mcpcontrol_nic: ${_param:opnfv_fn_vm_primary_interface}
single_nic: ${_param:opnfv_fn_vm_secondary_interface}
- pxe_nic: ${_param:opnfv_fn_vm_tertiary_interface}
+ pxe_admin_nic: ${_param:opnfv_fn_vm_tertiary_interface}
linux:
network:
interface:
- dhcp:
+ mcpcontrol_int:
enabled: true
type: eth
proto: dhcp
- name: ${_param:dhcp_nic}
+ name: ${_param:mcpcontrol_nic}
single:
enabled: true
type: eth
proto: static
name: ${_param:single_nic}
address: ${_param:single_address}
- netmask: 255.255.255.0
- pxe:
+ netmask: ${_param:opnfv_net_mgmt_mask}
+ pxe_admin_int:
enabled: true
type: eth
proto: static
- name: ${_param:pxe_nic}
- address: ${_param:pxe_address}
- netmask: 255.255.255.0
+ name: ${_param:pxe_admin_nic}
+ address: ${_param:pxe_admin_address}
+ netmask: ${_param:opnfv_net_admin_mask}
salt:
master:
accept_policy: open_mode
@@ -71,21 +60,27 @@ parameters:
command_timeout: 20
reclass:
storage:
- data_source:
- engine: local
node:
+ # NOTE: compute nodes definitions are defined in <all-mcp-arch-common/infra>
infra_kvm_node01:
params:
keepalived_vip_priority: 100
linux_system_codename: xenial
+ pxe_admin_address: ${_param:opnfv_infra_kvm_node01_pxe_admin_address}
infra_kvm_node02:
+{%- if not conf.MCP_VCP %}
+ classes:
+ - cluster.mcp-common-ha.infra.kvm_novcp
+{%- endif %}
params:
keepalived_vip_priority: 101
linux_system_codename: xenial
+ pxe_admin_address: ${_param:opnfv_infra_kvm_node02_pxe_admin_address}
infra_kvm_node03:
params:
keepalived_vip_priority: 102
linux_system_codename: xenial
+ pxe_admin_address: ${_param:opnfv_infra_kvm_node03_pxe_admin_address}
openstack_telemetry_node01:
params:
linux_system_codename: xenial
@@ -93,29 +88,37 @@ parameters:
# to prevent race conditions
ceilometer_create_gnocchi_resources: true
redis_cluster_role: 'master'
+ pxe_admin_address: ${_param:opnfv_openstack_telemetry_node01_pxe_admin_address}
openstack_telemetry_node02:
params:
linux_system_codename: xenial
redis_cluster_role: 'slave'
+ pxe_admin_address: ${_param:opnfv_openstack_telemetry_node02_pxe_admin_address}
openstack_telemetry_node03:
params:
linux_system_codename: xenial
redis_cluster_role: 'slave'
+ pxe_admin_address: ${_param:opnfv_openstack_telemetry_node03_pxe_admin_address}
openstack_message_queue_node01:
params:
linux_system_codename: xenial
+ pxe_admin_address: ${_param:opnfv_openstack_message_queue_node01_pxe_admin_address}
openstack_message_queue_node02:
params:
linux_system_codename: xenial
+ pxe_admin_address: ${_param:opnfv_openstack_message_queue_node02_pxe_admin_address}
openstack_message_queue_node03:
params:
linux_system_codename: xenial
+ pxe_admin_address: ${_param:opnfv_openstack_message_queue_node03_pxe_admin_address}
openstack_proxy_node01:
params:
linux_system_codename: xenial
+ pxe_admin_address: ${_param:opnfv_openstack_proxy_node01_pxe_admin_address}
openstack_proxy_node02:
params:
linux_system_codename: xenial
+ pxe_admin_address: ${_param:opnfv_openstack_proxy_node02_pxe_admin_address}
# stacklight_log_node01:
# classes:
# - system.elasticsearch.client.single
@@ -130,46 +133,28 @@ parameters:
linux_system_codename: xenial
# NOTE: When VCP is present, external_address is not used
external_address: ${_param:openstack_proxy_node01_address}
+ pxe_admin_address: ${_param:opnfv_openstack_control_node01_pxe_admin_address}
openstack_control_node02:
params:
linux_system_codename: xenial
external_address: 0.0.0.0
+ pxe_admin_address: ${_param:opnfv_openstack_control_node02_pxe_admin_address}
openstack_control_node03:
params:
linux_system_codename: xenial
external_address: ${_param:openstack_proxy_node02_address}
+ pxe_admin_address: ${_param:opnfv_openstack_control_node03_pxe_admin_address}
openstack_database_node01:
classes:
- cluster.mcp-common-ha.openstack_database_init
params:
linux_system_codename: xenial
+ pxe_admin_address: ${_param:opnfv_openstack_database_node01_pxe_admin_address}
openstack_database_node02:
params:
linux_system_codename: xenial
+ pxe_admin_address: ${_param:opnfv_openstack_database_node02_pxe_admin_address}
openstack_database_node03:
params:
linux_system_codename: xenial
- openstack_compute_node01:
- name: ${_param:openstack_compute_node01_hostname}
- domain: ${_param:cluster_domain}
- classes:
- - cluster.${_param:cluster_name}.openstack.compute
- params:
- salt_master_host: ${_param:reclass_config_master}
- linux_system_codename: xenial
- control_address: ${_param:openstack_compute_node01_control_address}
- single_address: ${_param:openstack_compute_node01_single_address}
- tenant_address: ${_param:openstack_compute_node01_tenant_address}
- external_address: ${_param:openstack_compute_node01_external_address}
- openstack_compute_node02:
- name: ${_param:openstack_compute_node02_hostname}
- domain: ${_param:cluster_domain}
- classes:
- - cluster.${_param:cluster_name}.openstack.compute
- params:
- salt_master_host: ${_param:reclass_config_master}
- linux_system_codename: xenial
- control_address: ${_param:openstack_compute_node02_control_address}
- single_address: ${_param:openstack_compute_node02_single_address}
- tenant_address: ${_param:openstack_compute_node02_tenant_address}
- external_address: ${_param:openstack_compute_node02_external_address}
+ pxe_admin_address: ${_param:opnfv_openstack_database_node03_pxe_admin_address}
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/init.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/init.yml.j2
index 8c601f61b..c01042f54 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/init.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/init.yml.j2
@@ -19,14 +19,14 @@ parameters:
cluster_domain: ${_param:cluster_name}.local
# stacklight_environment: ${_param:cluster_domain}
reclass_data_revision: master
- reclass_config_master: ${_param:opnfv_infra_config_pxe_address}
+ reclass_config_master: ${_param:opnfv_infra_config_pxe_admin_address}
cluster_public_host: ${_param:openstack_proxy_address}
infra_config_hostname: cfg01
infra_maas_database_password: opnfv_secret
# infra service addresses
infra_config_address: ${_param:opnfv_infra_config_address}
- infra_config_deploy_address: ${_param:opnfv_salt_master_ip}
+ infra_config_deploy_address: {{ conf.SALT_MASTER }}
infra_maas_node01_address: ${_param:opnfv_infra_maas_node01_address}
infra_maas_node01_deploy_address: ${_param:opnfv_infra_maas_node01_deploy_address}
@@ -47,9 +47,6 @@ parameters:
infra_kvm_node02_hostname: kvm02
infra_kvm_node03_hostname: kvm03
- ntp_strata_host1: 1.pool.ntp.org
- ntp_strata_host2: 0.pool.ntp.org
-
# Interface definitions
reclass:
storage:
@@ -64,9 +61,11 @@ parameters:
openstack_proxy_node01:
params:
control_address: ${_param:openstack_proxy_node01_control_address}
+ pxe_admin_address: ${_param:opnfv_openstack_proxy_node01_pxe_admin_address}
openstack_proxy_node02:
params:
control_address: ${_param:openstack_proxy_node02_control_address}
+ pxe_admin_address: ${_param:opnfv_openstack_proxy_node02_pxe_admin_address}
linux:
system:
apt:
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_novcp.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_novcp.yml.j2
new file mode 100644
index 000000000..8959a7856
--- /dev/null
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_novcp.yml.j2
@@ -0,0 +1,19 @@
+##############################################################################
+# Copyright (c) 2018 Mirantis Inc., Enea AB and others.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+{#- NOTE: br-{mgmt,ctl} are cross-referenced, careful when changing names #}
+{#- This class should only be inherited in NOVCP scenarios for kvm02 #}
+{%- import 'net_map.j2' as nm with context %}
+---
+parameters:
+ linux:
+ network:
+ interface:
+ br-mgmt:
+ gateway: {{ nm.net_admin_gw }}
+ name_servers:
+ - {{ nm.net_admin_gw }}
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_pdf.yml.j2
index 97166c62c..6754d13dd 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_pdf.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_pdf.yml.j2
@@ -7,60 +7,52 @@
##############################################################################
{#- NOTE: br-{mgmt,ctl} are cross-referenced, careful when changing names #}
{%- import 'net_map.j2' as nm with context %}
+{%- import 'net_macros.j2' as ma with context %}
{#- Filter-out NIC duplicates by constructing a dict (used NICs only) #}
{%- set nics = { nm.ctl01.nic_admin: True, nm.ctl01.nic_mgmt: True, nm.ctl01.nic_public: True } %}
{%- set vlans = { nm.vlan_admin: nm.ctl01.nic_admin, nm.vlan_mgmt: nm.ctl01.nic_mgmt, nm.vlan_public: nm.ctl01.nic_public } %}
---
parameters:
+ _param:
+ interface_mtu: 1500
linux:
network:
interface:
-{%- for nic in nics %}
- {{ nic }}:
- enabled: true
- type: eth
- proto: manual
- address: 0.0.0.0
- netmask: 255.255.255.0
- name: {{ nic }}
- noifupdown: true
-{%- endfor %}
-{%- for vlan in vlans %}
- {%- if vlan | int > 0 %}
- {{ vlans[vlan] }}.{{ vlan }}:
- enabled: true
- proto: manual
- type: vlan
- name: {{ vlans[vlan] }}.{{ vlan }}
- use_interfaces:
- - {{ vlans[vlan] }}
- noifupdown: true
- {%- endif %}
-{%- endfor %}
+{{ ma.linux_network_interfaces_nic(nics) }}
+
+{{ ma.linux_network_interfaces_vlan(vlans) }}
br-mgmt:
enabled: true
- proto: dhcp
+ proto: static
+ address: ${_param:pxe_admin_address}
+ netmask: ${_param:opnfv_net_admin_mask}
+{%- if conf.MCP_VCP %}
+{#- For NOVCP scenarios, kvm02 gateway will be added via kvm_novcp class #}
+ gateway: {{ nm.net_admin_gw }}
+ name_servers:
+ - {{ nm.net_admin_gw }}
+{%- endif %}
type: bridge
use_interfaces:
- - {{ nm.ctl01.nic_admin }}{% if nm.vlan_admin | int > 0 %}.{{ nm.vlan_admin }}{% endif %}
+ - {{ ma.interface_str(nm.ctl01.nic_admin, nm.vlan_admin) }}
noifupdown: true
br-ctl:
enabled: true
type: bridge
proto: static
address: ${_param:single_address}
- netmask: 255.255.255.0
+ netmask: ${_param:opnfv_net_mgmt_mask}
use_interfaces:
- - {{ nm.ctl01.nic_mgmt }}{% if nm.vlan_mgmt | int > 0 %}.{{ nm.vlan_mgmt }}{% endif %}
+ - {{ ma.interface_str(nm.ctl01.nic_mgmt, nm.vlan_mgmt) }}
noifupdown: true
+{#- For NOVCP scenarios, kvm{01,03} external gateway will be added via triport class #}
br-ex:
enabled: true
proto: manual
- address: 0.0.0.0
netmask: ${_param:opnfv_net_public_mask}
type: bridge
use_interfaces:
- - {{ nm.ctl01.nic_public }}{% if nm.vlan_public | int > 0 %}.{{ nm.vlan_public }}{% endif %}
+ - {{ ma.interface_str(nm.ctl01.nic_public, nm.vlan_public) }}
noifupdown: true
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/maas.yml b/mcp/reclass/classes/cluster/mcp-common-ha/infra/maas.yml
deleted file mode 100644
index 36c674b85..000000000
--- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/maas.yml
+++ /dev/null
@@ -1,69 +0,0 @@
-##############################################################################
-# Copyright (c) 2018 Mirantis Inc., Enea AB and others.
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
----
-classes:
- - system.maas.region.single
- - service.maas.cluster.single
- - cluster.mcp-common-ha.include.lab_proxy_pdf
- - cluster.mcp-common-ha.infra.maas_pdf
-parameters:
- _param:
- dhcp_interface: ${_param:opnfv_fn_vm_primary_interface}
- primary_interface: ${_param:opnfv_fn_vm_secondary_interface}
- pxe_interface: ${_param:opnfv_fn_vm_tertiary_interface}
- interface_mtu: 1500
- # MaaS has issues using MTU > 1500 for PXE interface
- pxe_interface_mtu: 1500
- linux_system_codename: xenial
- maas_admin_username: opnfv
- maas_admin_password: opnfv_secret
- maas_db_password: opnfv_secret
- dns_server01: ${_param:opnfv_dns_server01}
- single_address: ${_param:infra_maas_node01_deploy_address}
- hwe_kernel: 'hwe-16.04'
- maas:
- region:
- salt_master_ip: ${_param:reclass_config_master}
- domain: ${_param:cluster_domain}
- maas_config:
- commissioning_distro_series: 'xenial'
- default_distro_series: 'xenial'
- default_osystem: 'ubuntu'
- default_storage_layout: 'lvm'
- enable_http_proxy: true
- disk_erase_with_secure_erase: false
- dnssec_validation: 'no'
- enable_third_party_drivers: true
- network_discovery: 'enabled'
- default_min_hwe_kernel: ${_param:hwe_kernel}
- cluster:
- saltstack_repo_xenial: "http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.11/ xenial main"
- linux:
- network:
- interface:
- dhcp_interface:
- enabled: true
- name: ${_param:dhcp_interface}
- type: eth
- proto: dhcp
- primary_interface:
- enabled: true
- name: ${_param:primary_interface}
- mtu: ${_param:interface_mtu}
- proto: static
- address: ${_param:infra_maas_node01_address}
- netmask: 255.255.255.0
- type: eth
- pxe_interface:
- enabled: true
- name: ${_param:pxe_interface}
- mtu: ${_param:pxe_interface_mtu}
- proto: static
- address: ${_param:single_address}
- netmask: 255.255.255.0
- type: eth
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/maas_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/maas.yml.j2
index 1838590e9..bafdcf302 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/maas_pdf.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/maas.yml.j2
@@ -5,26 +5,42 @@
# which accompanies this distribution, and is available at
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################
-{%- set cluster_arch = [] %}
-{%- for node in conf.nodes %}
- {%- if node.node.arch not in cluster_arch %}
- {%- do cluster_arch.append(node.node.arch) %}
- {%- endif %}
-{%- endfor %}
-{%- set net_admin = [conf.idf.net_config.admin.network,
- conf.idf.net_config.admin.mask] | join("/") %}
+{%- import 'net_map.j2' as nm with context %}
---
+# NOTE: pod_config is generated and transferred into its final location on
+# cfg01 only during deployment to prevent leaking sensitive data
+classes:
+ - system.maas.region.single
+ - service.maas.cluster.single
+ - cluster.mcp-common-ha.include.lab_proxy_pdf
+ - cluster.all-mcp-arch-common.opnfv.pod_config
parameters:
+ _param:
+ mcpcontrol_interface: ${_param:opnfv_fn_vm_primary_interface}
+ primary_interface: ${_param:opnfv_fn_vm_secondary_interface}
+ pxe_admin_interface: ${_param:opnfv_fn_vm_tertiary_interface}
+ interface_mtu: 1500
+ # MaaS has issues using MTU > 1500 for PXE interface
+ pxe_admin_interface_mtu: 1500
+ linux_system_codename: xenial
+ maas_admin_username: opnfv
+ maas_admin_password: opnfv_secret
+ maas_db_password: opnfv_secret
+ dns_server01: '{{ nm.dns_public[0] }}'
+ single_address: ${_param:infra_maas_node01_deploy_address}
+ hwe_kernel: 'hwe-16.04'
+ opnfv_maas_timeout_comissioning: {{ nm.maas_timeout_comissioning }}
+ opnfv_maas_timeout_deploying: {{ nm.maas_timeout_deploying }}
maas:
region:
subnets:
- {{ net_admin }}:
- name: {{ net_admin }}
- cidr: {{ net_admin }}
+ {{ nm.net_admin }}:
+ name: {{ nm.net_admin }}
+ cidr: {{ nm.net_admin }}
gateway_ip: ${_param:single_address}
iprange:
- start: ${_param:opnfv_infra_maas_pxe_start_address}
- end: ${_param:opnfv_infra_maas_pxe_end_address}
+ start: {{ nm.net_admin_pool_start }}
+ end: {{ nm.net_admin_pool_end }}
type: dynamic
vlans:
untagged:
@@ -32,10 +48,10 @@ parameters:
dhcp_on: true
primary_rack: ${_param:infra_maas_node01_hostname}
# Space-separated list of dpkg architectures to be supported by MaaS
- opnfv_arches:{%- for arch in cluster_arch %} {{ arch | dpkg_arch }}{%- endfor %}
+ opnfv_arches:{%- for arch in nm.cluster.arch %} {{ arch | dpkg_arch }}{%- endfor %}
sshprefs:
- '{{ conf.MAAS_SSH_KEY }}'
-{%- if 'aarch64' in cluster_arch %}
+{%- if 'aarch64' in nm.cluster.arch %}
package_repositories:
armband:
name: armband
@@ -92,3 +108,42 @@ parameters:
{%- endif %}
{%- endif %}
{%- endfor %}
+ salt_master_ip: ${_param:reclass_config_master}
+ domain: ${_param:cluster_domain}
+ maas_config:
+ commissioning_distro_series: 'xenial'
+ default_distro_series: 'xenial'
+ default_osystem: 'ubuntu'
+ default_storage_layout: 'lvm'
+ enable_http_proxy: true
+ disk_erase_with_secure_erase: false
+ dnssec_validation: 'no'
+ enable_third_party_drivers: true
+ network_discovery: 'enabled'
+ default_min_hwe_kernel: ${_param:hwe_kernel}
+ cluster:
+ saltstack_repo_xenial: "http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2017.7/ xenial main"
+ linux:
+ network:
+ interface:
+ mcpcontrol_interface:
+ enabled: true
+ name: ${_param:mcpcontrol_interface}
+ type: eth
+ proto: dhcp
+ primary_interface:
+ enabled: true
+ name: ${_param:primary_interface}
+ mtu: ${_param:interface_mtu}
+ proto: static
+ address: ${_param:infra_maas_node01_address}
+ netmask: ${_param:opnfv_net_mgmt_mask}
+ type: eth
+ pxe_admin_interface:
+ enabled: true
+ name: ${_param:pxe_admin_interface}
+ mtu: ${_param:pxe_admin_interface_mtu}
+ proto: static
+ address: ${_param:single_address}
+ netmask: ${_param:opnfv_net_admin_mask}
+ type: eth
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml
index c8605462b..4a0764fd9 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml
@@ -35,6 +35,7 @@ parameters:
keepalived_vip_interface: br-ctl
keepalived_vip_virtual_router_id: 69
linux_system_codename: xenial
+ single_address: ${_param:control_address}
glusterfs_version: '3.13'
glusterfs:
client:
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2
index fd51f5fea..396334c6d 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2
@@ -7,9 +7,10 @@
##############################################################################
{#- NOTE: br-{mgmt,ctl} are cross-referenced, careful when changing names #}
{%- import 'net_map.j2' as nm with context %}
+{%- import 'net_macros.j2' as ma with context %}
{#- Filter-out NIC duplicates by constructing a dict (used NICs only) #}
-{%- set nics = { nm.cmp001.nic_admin: True, nm.cmp001.nic_mgmt: True } %}
-{%- set vlans = { nm.vlan_admin: nm.cmp001.nic_admin, nm.vlan_mgmt: nm.cmp001.nic_mgmt } %}
+{%- set nics = { nm.cmp001.nic_mgmt: True } %}
+{%- set vlans = { nm.vlan_mgmt: nm.cmp001.nic_mgmt } %}
---
parameters:
_param:
@@ -26,49 +27,28 @@ parameters:
network:
bridge: openvswitch
interface:
-{%- for nic in nics %}
- {%- if nic == nm.cmp001.nic_admin %}
- {{ nic }}:
- enabled: true
- type: eth
- proto: dhcp
- name: {{ nic }}
- {%- else %}
- {{ nic }}:
+ # PXE/admin is always untagged on computes
+ pxe_admin_int:
enabled: true
+ name: {{ nm.cmp001.nic_admin }}
+ proto: static
type: eth
- proto: manual
- address: 0.0.0.0
- {%- if nic == nm.cmp001.nic_public %}
- netmask: ${_param:opnfv_net_public_mask}
- {%- else %}
- netmask: 255.255.255.0
- {%- endif %}
+ address: ${_param:pxe_admin_address}
+ netmask: ${_param:opnfv_net_admin_mask}
mtu: ${_param:interface_mtu}
- name: {{ nic }}
- {%- endif %}
-{%- endfor %}
-{%- for vlan in vlans %}
- {%- if vlan | int > 0 %}
- {{ vlans[vlan] }}.{{ vlan }}:
- enabled: true
- proto: manual
- type: vlan
- name: {{ vlans[vlan] }}.{{ vlan }}
- use_interfaces:
- - {{ vlans[vlan] }}
- {%- endif %}
-{%- endfor %}
+{{ ma.linux_network_interfaces_nic(nics) }}
+
+{{ ma.linux_network_interfaces_vlan(vlans) }}
br-ctl:
enabled: true
type: bridge
proto: static
address: ${_param:single_address}
- netmask: 255.255.255.0
+ netmask: ${_param:opnfv_net_mgmt_mask}
use_interfaces:
- - {{ nm.cmp001.nic_mgmt }}{% if nm.vlan_mgmt | int > 0 %}.{{ nm.vlan_mgmt }}{% endif %}
+ - {{ ma.interface_str(nm.cmp001.nic_mgmt, nm.vlan_mgmt) }}
br-floating:
enabled: true
type: ovs_bridge
@@ -77,15 +57,12 @@ parameters:
address: ${_param:external_address}
netmask: ${_param:opnfv_net_public_mask}
use_interfaces:
- - {{ nm.cmp001.nic_public }}{% if nm.vlan_public | int > 0 %}.{{ nm.vlan_public }}{% endif %}
- route:
- public:
- address: 0.0.0.0
- netmask: 0.0.0.0
- gateway: ${_param:opnfv_net_public_gw}
+ - {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }}
+ gateway: ${_param:opnfv_net_public_gw}
+ name_servers: {{ nm.dns_public }}
ovs_port_{{ nm.cmp001.nic_public }}:
enabled: true
- name: {{ nm.cmp001.nic_public }}{% if nm.vlan_public | int > 0 %}.{{ nm.vlan_public }}{% endif %}
+ name: {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }}
proto: manual
ovs_port_type: OVSPort
type: ovs_port
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2
index 1870cc46b..ceb3622b1 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2
@@ -99,9 +99,6 @@ parameters:
server:
bind:
~ports: ~
- ~modules:
- - rewrite
- - wsgi
# sync from common-ha kvm role
glusterfs:
server:
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_init.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_init.yml.j2
index 00f24087e..9f05790c9 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_init.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_init.yml.j2
@@ -5,6 +5,7 @@
# which accompanies this distribution, and is available at
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################
+{%- import 'net_map.j2' as nm with context %}
---
parameters:
_param:
@@ -63,19 +64,6 @@ parameters:
openstack_telemetry_node03_address: ${_param:openstack_control_node03_address}
{%- endif %}
- # OpenStack Compute
- openstack_compute_node01_single_address: ${_param:opnfv_openstack_compute_node01_single_address}
- openstack_compute_node02_single_address: ${_param:opnfv_openstack_compute_node02_single_address}
- openstack_compute_node03_single_address: ${_param:opnfv_openstack_compute_node03_single_address}
- openstack_compute_node01_control_address: ${_param:opnfv_openstack_compute_node01_control_address}
- openstack_compute_node02_control_address: ${_param:opnfv_openstack_compute_node02_control_address}
- openstack_compute_node03_control_address: ${_param:opnfv_openstack_compute_node03_control_address}
- openstack_compute_node01_tenant_address: ${_param:opnfv_openstack_compute_node01_tenant_address}
- openstack_compute_node02_tenant_address: ${_param:opnfv_openstack_compute_node02_tenant_address}
- openstack_compute_node03_tenant_address: ${_param:opnfv_openstack_compute_node03_tenant_address}
- openstack_compute_node01_external_address: ${_param:opnfv_openstack_compute_node01_external_address}
- openstack_compute_node02_external_address: ${_param:opnfv_openstack_compute_node02_external_address}
-
# openstack service hostnames
{%- if conf.MCP_VCP %}
openstack_proxy_hostname: prx
@@ -387,13 +375,13 @@ parameters:
- ${_param:openstack_control_node03_hostname}
- ${_param:openstack_control_node03_hostname}.${_param:cluster_domain}
{%- endif %}
- cmp001:
- address: ${_param:openstack_compute_node01_control_address}
- names:
- - ${_param:openstack_compute_node01_hostname}
- - ${_param:openstack_compute_node01_hostname}.${_param:cluster_domain}
- cmp002:
- address: ${_param:openstack_compute_node02_control_address}
+{#- For compute nodes, expand values in-place, bypassing reclass param expansion #}
+{%- for cmp in range(1, nm.cmp_nodes + 1) %}
+ {%- set h = 'cmp%03d' | format(cmp) %}
+ {%- set mgmt = nm.net_mgmt_hosts | length + nm.start_ip[nm.net_mgmt] + loop.index %}
+ {{ h }}:
+ address: {{ nm.net_mgmt | ipnet_hostaddr(mgmt) }}
names:
- - ${_param:openstack_compute_node02_hostname}
- - ${_param:openstack_compute_node02_hostname}.${_param:cluster_domain}
+ - {{ h }}
+ - {{ h }}.${_param:cluster_domain}
+{%- endfor %}
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_biport.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_biport.yml.j2
index 18576b257..3576acc2f 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_biport.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_biport.yml.j2
@@ -5,6 +5,7 @@
# which accompanies this distribution, and is available at
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################
+{%- import 'net_map.j2' as nm with context %}
---
{%- if conf.MCP_VCP %}
classes:
@@ -12,16 +13,21 @@ classes:
- cluster.mcp-common-ha.include.lab_proxy_pdf
parameters:
_param:
- dhcp_nic: ${_param:opnfv_vcp_vm_primary_interface}
+ pxe_admin_interface: ${_param:opnfv_vcp_vm_primary_interface}
single_nic: ${_param:opnfv_vcp_vm_secondary_interface}
linux:
network:
interface:
- dhcp:
+ pxe_admin:
enabled: true
type: eth
- proto: dhcp
- name: ${_param:dhcp_nic}
+ proto: static
+ name: ${_param:pxe_admin_interface}
+ address: ${_param:pxe_admin_address}
+ netmask: ${_param:opnfv_net_admin_mask}
+ gateway: {{ nm.net_admin_gw }}
+ name_servers:
+ - {{ nm.net_admin_gw }}
single:
enabled: true
type: eth
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_triport.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_triport.yml.j2
index 2cd74992a..1fa22aa7f 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_triport.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_triport.yml.j2
@@ -5,6 +5,8 @@
# which accompanies this distribution, and is available at
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################
+{%- import 'net_map.j2' as nm with context %}
+{%- import 'net_macros.j2' as ma with context %}
---
{%- if conf.MCP_VCP %}
classes:
@@ -12,17 +14,19 @@ classes:
- cluster.mcp-common-ha.include.lab_proxy_pdf
parameters:
_param:
- dhcp_nic: ${_param:opnfv_vcp_vm_primary_interface}
+ pxe_admin_interface: ${_param:opnfv_vcp_vm_primary_interface}
single_nic: ${_param:opnfv_vcp_vm_secondary_interface}
control_nic: ${_param:opnfv_vcp_vm_tertiary_interface}
linux:
network:
interface:
- dhcp_int:
+ pxe_admin:
enabled: true
type: eth
- proto: dhcp
- name: ${_param:dhcp_nic}
+ proto: static
+ name: ${_param:pxe_admin_interface}
+ address: ${_param:pxe_admin_address}
+ netmask: ${_param:opnfv_net_admin_mask}
single_int:
enabled: true
type: eth
@@ -30,16 +34,23 @@ parameters:
name: ${_param:single_nic}
address: ${_param:single_address}
netmask: ${_param:opnfv_net_public_mask}
- route:
- public:
- address: 0.0.0.0
- netmask: 0.0.0.0
- gateway: ${_param:opnfv_net_public_gw}
+ gateway: ${_param:opnfv_net_public_gw}
+ name_servers: {{ nm.dns_public }}
control_int:
enabled: true
type: eth
proto: static
name: ${_param:control_nic}
address: ${_param:control_address}
- netmask: 255.255.255.0
+ netmask: ${_param:opnfv_net_mgmt_mask}
+{%- else %}
+{#- For NOVCP scenarios, base config is in kvm_pdf, only add/override gw #}
+parameters:
+ linux:
+ network:
+ interface:
+ br-ex:
+ proto: static
+ gateway: ${_param:opnfv_net_public_gw}
+ name_servers: {{ nm.dns_public }}
{%- endif %}
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2
index 5ddb9860a..d7ccff532 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2
@@ -39,15 +39,6 @@ parameters:
libapache2-mod-wsgi:
version: latest
{%- if not conf.MCP_VCP %}
- # Set up routes similar to prx*ovs-ha
- network:
- interface:
- br-ex:
- route:
- public:
- address: 0.0.0.0
- netmask: 0.0.0.0
- gateway: ${_param:opnfv_net_public_gw}
nginx:
server:
# NOTE(armband): Define host.address for all proxies for uniformity
@@ -67,6 +58,9 @@ parameters:
<<: *nginx_openstack_proxy_address
nginx_proxy_openstack_api_heat_cfn:
<<: *nginx_openstack_proxy_address
+ nginx_proxy_openstack_api_heat_cloudwatch:
+ <<: *nginx_openstack_proxy_address
+ enabled: false
nginx_proxy_openstack_api_keystone:
<<: *nginx_openstack_proxy_address
nginx_proxy_openstack_api_keystone_private:
@@ -75,8 +69,6 @@ parameters:
<<: *nginx_openstack_proxy_address
nginx_proxy_openstack_api_nova:
<<: *nginx_openstack_proxy_address
- nginx_proxy_openstack_api_nova_ec2:
- <<: *nginx_openstack_proxy_address
nginx_proxy_openstack_web:
<<: *nginx_openstack_proxy_address
nginx_ssl_redirect_openstack_web:
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml.j2
index b7bb83b35..2ed7c5336 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml.j2
@@ -70,8 +70,10 @@ parameters:
apache:
server:
~modules:
- - wsgi
- rewrite
+{%- if conf.MCP_VCP %} {#- wsgi module will be enabled by a different class inherited later #}
+ - wsgi
+{%- endif %}
site:
gnocchi:
wsgi: