diff options
Diffstat (limited to 'mcp/reclass/classes/cluster/mcp-common-ha/infra')
-rw-r--r-- | mcp/reclass/classes/cluster/mcp-common-ha/infra/config.yml.j2 | 66 | ||||
-rw-r--r-- | mcp/reclass/classes/cluster/mcp-common-ha/infra/init.yml.j2 | 6 | ||||
-rw-r--r-- | mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 (renamed from mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml) | 58 | ||||
-rw-r--r-- | mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_pdf.yml.j2 | 2 | ||||
-rw-r--r-- | mcp/reclass/classes/cluster/mcp-common-ha/infra/maas.yml.j2 | 174 |
5 files changed, 57 insertions, 249 deletions
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/config.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/config.yml.j2 index f6e0baa11..0ecc2e364 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/config.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/config.yml.j2 @@ -8,7 +8,6 @@ {%- import 'net_map.j2' as nm with context %} --- classes: - - system.linux.system.repo.saltstack.xenial - system.reclass.storage.system.physical_control_cluster - system.reclass.storage.system.openstack_control_cluster - system.reclass.storage.system.openstack_proxy_cluster @@ -18,40 +17,11 @@ classes: # - system.reclass.storage.system.stacklight_log_cluster # - system.reclass.storage.system.stacklight_monitor_cluster # - system.reclass.storage.system.stacklight_telemetry_cluster - - system.reclass.storage.system.infra_maas_single - - cluster.mcp-common-ha.include.lab_proxy_pdf + - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf - cluster.all-mcp-arch-common.infra.config_pdf parameters: _param: salt_master_host: ${_param:infra_config_deploy_address} - single_address: ${_param:infra_config_address} - deploy_address: ${_param:infra_config_deploy_address} - pxe_admin_address: ${_param:opnfv_infra_config_pxe_admin_address} - mcpcontrol_nic: ${_param:opnfv_fn_vm_primary_interface} - single_nic: ${_param:opnfv_fn_vm_secondary_interface} - pxe_admin_nic: ${_param:opnfv_fn_vm_tertiary_interface} - linux: - network: - interface: - mcpcontrol_int: - enabled: true - type: eth - proto: dhcp - name: ${_param:mcpcontrol_nic} - single: - enabled: true - type: eth - proto: static - name: ${_param:single_nic} - address: ${_param:single_address} - netmask: ${_param:opnfv_net_mgmt_mask} - pxe_admin_int: - enabled: true - type: eth - proto: static - name: ${_param:pxe_admin_nic} - address: ${_param:pxe_admin_address} - netmask: ${_param:opnfv_net_admin_mask} salt: master: accept_policy: open_mode @@ -65,7 +35,7 @@ parameters: infra_kvm_node01: params: keepalived_vip_priority: 100 - linux_system_codename: xenial + linux_system_codename: bionic pxe_admin_address: ${_param:opnfv_infra_kvm_node01_pxe_admin_address} infra_kvm_node02: {%- if not conf.MCP_VCP %} @@ -74,16 +44,16 @@ parameters: {%- endif %} params: keepalived_vip_priority: 101 - linux_system_codename: xenial + linux_system_codename: bionic pxe_admin_address: ${_param:opnfv_infra_kvm_node02_pxe_admin_address} infra_kvm_node03: params: keepalived_vip_priority: 102 - linux_system_codename: xenial + linux_system_codename: bionic pxe_admin_address: ${_param:opnfv_infra_kvm_node03_pxe_admin_address} openstack_telemetry_node01: params: - linux_system_codename: xenial + linux_system_codename: bionic # create resources only from 1 controller # to prevent race conditions ceilometer_create_gnocchi_resources: true @@ -91,33 +61,33 @@ parameters: pxe_admin_address: ${_param:opnfv_openstack_telemetry_node01_pxe_admin_address} openstack_telemetry_node02: params: - linux_system_codename: xenial + linux_system_codename: bionic redis_cluster_role: 'slave' pxe_admin_address: ${_param:opnfv_openstack_telemetry_node02_pxe_admin_address} openstack_telemetry_node03: params: - linux_system_codename: xenial + linux_system_codename: bionic redis_cluster_role: 'slave' pxe_admin_address: ${_param:opnfv_openstack_telemetry_node03_pxe_admin_address} openstack_message_queue_node01: params: - linux_system_codename: xenial + linux_system_codename: bionic pxe_admin_address: ${_param:opnfv_openstack_message_queue_node01_pxe_admin_address} openstack_message_queue_node02: params: - linux_system_codename: xenial + linux_system_codename: bionic pxe_admin_address: ${_param:opnfv_openstack_message_queue_node02_pxe_admin_address} openstack_message_queue_node03: params: - linux_system_codename: xenial + linux_system_codename: bionic pxe_admin_address: ${_param:opnfv_openstack_message_queue_node03_pxe_admin_address} openstack_proxy_node01: params: - linux_system_codename: xenial + linux_system_codename: bionic pxe_admin_address: ${_param:opnfv_openstack_proxy_node01_pxe_admin_address} openstack_proxy_node02: params: - linux_system_codename: xenial + linux_system_codename: bionic pxe_admin_address: ${_param:opnfv_openstack_proxy_node02_pxe_admin_address} # stacklight_log_node01: # classes: @@ -130,31 +100,31 @@ parameters: classes: - cluster.mcp-common-ha.openstack_control_init params: - linux_system_codename: xenial + linux_system_codename: bionic # NOTE: When VCP is present, external_address is not used external_address: ${_param:openstack_proxy_node01_address} pxe_admin_address: ${_param:opnfv_openstack_control_node01_pxe_admin_address} openstack_control_node02: params: - linux_system_codename: xenial + linux_system_codename: bionic external_address: 0.0.0.0 pxe_admin_address: ${_param:opnfv_openstack_control_node02_pxe_admin_address} openstack_control_node03: params: - linux_system_codename: xenial + linux_system_codename: bionic external_address: ${_param:openstack_proxy_node02_address} pxe_admin_address: ${_param:opnfv_openstack_control_node03_pxe_admin_address} openstack_database_node01: classes: - cluster.mcp-common-ha.openstack_database_init params: - linux_system_codename: xenial + linux_system_codename: bionic pxe_admin_address: ${_param:opnfv_openstack_database_node01_pxe_admin_address} openstack_database_node02: params: - linux_system_codename: xenial + linux_system_codename: bionic pxe_admin_address: ${_param:opnfv_openstack_database_node02_pxe_admin_address} openstack_database_node03: params: - linux_system_codename: xenial + linux_system_codename: bionic pxe_admin_address: ${_param:opnfv_openstack_database_node03_pxe_admin_address} diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/init.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/init.yml.j2 index 931dd1bab..2f4686767 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/init.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/init.yml.j2 @@ -7,22 +7,18 @@ ############################################################################## --- classes: - - system.linux.system.single - cluster.all-mcp-arch-common # - cluster.mcp-common-ha.stacklight # - cluster.mcp-common-ha.stacklight.client parameters: _param: - apt_mk_version: nightly - mcp_repo_version: 1.1 - salt_version: 2016.11 + salt_version: 2017.7 cluster_domain: ${_param:cluster_name}.local # stacklight_environment: ${_param:cluster_domain} reclass_data_revision: master reclass_config_master: ${_param:opnfv_infra_config_pxe_admin_address} cluster_public_host: ${_param:openstack_proxy_address} infra_config_hostname: cfg01 - infra_maas_database_password: opnfv_secret # infra service addresses infra_config_address: ${_param:opnfv_infra_config_address} diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 index 868f324f6..37bc42225 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml +++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 @@ -5,9 +5,9 @@ # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## +{%- import 'net_map.j2' as nm with context %} --- classes: - - system.linux.system.repo.glusterfs - service.keepalived.cluster.single - system.glusterfs.server.volume.glance - system.glusterfs.server.volume.keystone @@ -21,13 +21,14 @@ classes: # - system.salt.control.cluster.stacklight_server_cluster # - system.salt.control.cluster.stacklight_log_cluster # - system.salt.control.cluster.stacklight_telemetry_cluster + - cluster.all-mcp-arch-common.backports + - cluster.mcp-common-ha.glusterfs_repo - cluster.mcp-common-ha.infra.kvm_pdf - - cluster.mcp-common-ha.include.maas_proxy - - cluster.mcp-common-ha.include.lab_proxy_pdf + - cluster.all-mcp-arch-common.opnfv.maas_proxy + - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf parameters: _param: - linux_system_codename: xenial - glusterfs_version: '3.13' + linux_system_codename: bionic cluster_vip_address: ${_param:infra_kvm_address} cluster_node01_address: ${_param:infra_kvm_node01_address} cluster_node02_address: ${_param:infra_kvm_node02_address} @@ -40,6 +41,12 @@ parameters: boot_options: - spectre_v2=off - nopti + - kpti=off + - nospec_store_bypass_disable + - noibrs + - noibpb + sysctl: + net.ipv4.ip_forward: 0 libvirt: server: service: libvirtd @@ -47,6 +54,7 @@ parameters: unix_sock_group: libvirt salt: control: + virt_service: libvirtd size: # RAM 4096,8192,16384,32768,65536 # Default production sizing openstack.control: @@ -92,34 +100,44 @@ parameters: cluster: internal: node: - mdb01: - image: ${_param:salt_control_xenial_image} + mdb01: &salt_control_bionic_image_common_attr + image: ${_param:salt_control_bionic_image} +{%- if conf.nodes[nm.ctl01.idx].node.arch == 'aarch64' %} + seed: qemu-nbd + ~cloud_init: ~ + machine: virt + cpu_mode: host-passthrough + loader: + readonly: 'yes' + type: pflash + path: /usr/share/AAVMF/AAVMF_CODE.fd +{%- endif %} mdb02: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr mdb03: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr ctl01: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr ctl02: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr ctl03: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr dbs01: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr dbs02: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr dbs03: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr msg01: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr msg02: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr msg03: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr prx01: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr prx02: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr provider: kvm03.${_param:cluster_domain} virt: nic: diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_pdf.yml.j2 index 6754d13dd..484e53299 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_pdf.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_pdf.yml.j2 @@ -13,8 +13,6 @@ {%- set vlans = { nm.vlan_admin: nm.ctl01.nic_admin, nm.vlan_mgmt: nm.ctl01.nic_mgmt, nm.vlan_public: nm.ctl01.nic_public } %} --- parameters: - _param: - interface_mtu: 1500 linux: network: interface: diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/maas.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/maas.yml.j2 deleted file mode 100644 index 29b12ab99..000000000 --- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/maas.yml.j2 +++ /dev/null @@ -1,174 +0,0 @@ -############################################################################## -# Copyright (c) 2018 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## -{%- import 'net_map.j2' as nm with context %} ---- -# NOTE: pod_config is generated and transferred into its final location on -# cfg01 only during deployment to prevent leaking sensitive data -classes: - - system.maas.region.single - - service.maas.cluster.single - - cluster.mcp-common-ha.include.lab_proxy_pdf - - cluster.all-mcp-arch-common.opnfv.pod_config -parameters: - _param: - mcpcontrol_interface: ${_param:opnfv_fn_vm_primary_interface} - primary_interface: ${_param:opnfv_fn_vm_secondary_interface} - pxe_admin_interface: ${_param:opnfv_fn_vm_tertiary_interface} - interface_mtu: 1500 - # MaaS has issues using MTU > 1500 for PXE interface - pxe_admin_interface_mtu: 1500 - linux_system_codename: xenial - maas_admin_username: opnfv - maas_admin_password: opnfv_secret - maas_db_password: opnfv_secret - dns_server01: '{{ nm.dns_public[0] }}' - single_address: ${_param:infra_maas_node01_deploy_address} - hwe_kernel: 'hwe-16.04' - opnfv_maas_timeout_comissioning: {{ nm.maas_timeout_comissioning }} - opnfv_maas_timeout_deploying: {{ nm.maas_timeout_deploying }} - maas: - region: - boot_sources_delete_all_others: true - boot_sources: - resources_mirror: - url: http://images.maas.io/ephemeral-v3/daily - keyring_file: /usr/share/keyrings/ubuntu-cloudimage-keyring.gpg - boot_sources_selections: - xenial: - url: "http://images.maas.io/ephemeral-v3/daily" - os: "ubuntu" - release: "${_param:linux_system_codename}" - arches: -{%- for arch in nm.cluster.arch %} - - "{{ arch | dpkg_arch }}" -{%- endfor %} - subarches: - - "generic" - - "ga-16.04" - - "hwe-16.04" - labels: '"*"' - fabrics: - pxe_admin: - name: 'pxe_admin' - description: Fabric for PXE/admin - vlans: - 0: - name: 'vlan 0' - description: PXE/admin VLAN - dhcp: true - primary_rack: "${linux:network:hostname}" - subnets: - {{ nm.net_admin }}: - name: {{ nm.net_admin }} - cidr: {{ nm.net_admin }} - gateway_ip: ${_param:single_address} - fabric: ${maas:region:fabrics:pxe_admin:name} - vlan: 0 - ipranges: - 1: - start: {{ nm.net_admin_pool_start }} - end: {{ nm.net_admin_pool_end }} - type: dynamic - sshprefs: - - '{{ conf.MAAS_SSH_KEY }}' -{%- if 'aarch64' in nm.cluster.arch %} - package_repositories: - armband: - name: armband - enabled: '1' - url: 'http://linux.enea.com/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename}' - distributions: '${_param:openstack_version}-armband' - components: 'main' - arches: 'arm64' - key: &armband_key | - -----BEGIN PGP PUBLIC KEY BLOCK----- - Version: GnuPG v2.0.14 (GNU/Linux) - - mQENBFagAroBCADWboNIjuF6lB1mWv2+EbvqY3lKl5mLKhr2DnSUkKeHUPBv8gNM - qK8Q00AMIyPiyEhgjA+dWizZ+5aBgxoiY7oMeLJ2Xym36U/8SYq2BWd3SGCbMNoz - SJDxDUSM/HFVs6atF1M3DY9oN65hSVnu4uy5Tu6asf6k4rhAyk0z4+pRcPBCu2vq - mnGi3COM/+9PShrEKeVOx5W2vRJywUFuq8EDvQnRoJ0GvM28JiJIanw17YwIPxhg - BKZVpZjan5X+ihVMXwA2h/G/FS5Omhd50RqV6LWSYs94VJJgYqHx8UMm7izcxI+P - ct3IcbD195bPbJ+SbuiFe45ZLsdY1MyGiU2BABEBAAG0K0VuZWEgQXJtYmFuZCBE - ZXZvcHMgVGVhbSA8YXJtYmFuZEBlbmVhLmNvbT6JATgEEwECACICGwMGCwkIBwMC - BhUIAgkKCwQWAgMBAh4BAheABQJaY3bYAAoJEN6rkLp5irHRoQMH/0PYl0A/6eWw - nQ/szhEFrr76Ln6wA4vEO+PiuWj9kTkZM2NaCnkisrIuHSPIVvOLfFmztbE6sKGe - t+a2b7Jqw48DZ/gq508aZE4Q307ookxdCOrzIu/796hFO34yXg3sqZoJh3VmKIjY - 4DL8yG1iAiQ5vOw3IFWQnATwIZUgaCcjmE7HGap+9ePuJfFuQ8mIG5cy28t8qocx - AB/B2tucfBMwomYxKqgbLI5AG7iSt58ajvrrNa9f8IX7Ihj/jiuXhUwX+geEp98K - IWVI1ftEthZvfBpZW4BS98J4z//dEPi31L4jb9RQXq3afF2RpXchDeUN85bW45nu - W/9PMAlgE/U= - =m+zE - -----END PGP PUBLIC KEY BLOCK----- -{%- endif %} - machines: - {%- set pxe_interface = conf.idf.net_config.admin.interface %} - {#- We only support exactly 5 nodes for now, hardcoded order #} - {%- set node_roles = ['kvm01', 'kvm02', 'kvm03', 'cmp001', 'cmp002'] %} - {%- for node in conf.nodes %} - {%- if node.node.type == 'baremetal' %} - {{ node_roles[loop.index0] }}: - interface: - mac: {{ node.interfaces[pxe_interface].mac_address }} - power_parameters: - power_address: {{ node.remote_management.address.rsplit('/')[0] }} - power_password: {{ node.remote_management.pass }} - power_type: {{ node.remote_management.type }} - power_user: {{ node.remote_management.user }} - architecture: {{ node.node.arch | dpkg_arch }}/generic - distro_series: xenial - hwe_kernel: ${_param:hwe_kernel} - {%- if loop.index0 >= node_roles.index('cmp001') %} - disk_layout: - type: lvm - root_device: sda - volume_group: vgroot - volume_name: lvroot - volume_size: 100 - {%- endif %} - {%- endif %} - {%- endfor %} - salt_master_ip: ${_param:reclass_config_master} - domain: ${_param:cluster_domain} - maas_config: - commissioning_distro_series: 'xenial' - default_distro_series: 'xenial' - default_osystem: 'ubuntu' - default_storage_layout: 'lvm' - enable_http_proxy: true - disk_erase_with_secure_erase: false - dnssec_validation: 'no' - enable_third_party_drivers: true - network_discovery: 'enabled' - default_min_hwe_kernel: ${_param:hwe_kernel} - cluster: - saltstack_repo_xenial: "deb http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.11/ xenial main" - linux: - network: - interface: - mcpcontrol_interface: - enabled: true - name: ${_param:mcpcontrol_interface} - type: eth - proto: dhcp - primary_interface: - enabled: true - name: ${_param:primary_interface} - mtu: ${_param:interface_mtu} - proto: static - address: ${_param:infra_maas_node01_address} - netmask: ${_param:opnfv_net_mgmt_mask} - type: eth - pxe_admin_interface: - enabled: true - name: ${_param:pxe_admin_interface} - mtu: ${_param:pxe_admin_interface_mtu} - proto: static - address: ${_param:single_address} - netmask: ${_param:opnfv_net_admin_mask} - type: eth |