diff options
Diffstat (limited to 'mcp/reclass/classes/cluster/mcp-common-ha')
18 files changed, 1717 insertions, 0 deletions
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/glusterfs_repo.yml b/mcp/reclass/classes/cluster/mcp-common-ha/glusterfs_repo.yml new file mode 100644 index 000000000..3ec73bec0 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/glusterfs_repo.yml @@ -0,0 +1,24 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - system.linux.system.repo.keystorage.glusterfs +parameters: + _param: + glusterfs_version: "3.13" + linux: + system: + repo: + mcp_glusterfs: + # yamllint disable-line rule:line-length + source: "deb http://ppa.launchpad.net/gluster/glusterfs-${_param:glusterfs_version}/ubuntu ${_param:linux_system_codename} main" + key: ${_param:linux_system_repo_mcp_glusterfs_key} + pin: + - package: '*' + pin: release o=LP-PPA-gluster-glusterfs-${_param:glusterfs_version} + priority: 1100 diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/config.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/config.yml.j2 new file mode 100644 index 000000000..0ecc2e364 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/config.yml.j2 @@ -0,0 +1,130 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +--- +classes: + - system.reclass.storage.system.physical_control_cluster + - system.reclass.storage.system.openstack_control_cluster + - system.reclass.storage.system.openstack_proxy_cluster + - system.reclass.storage.system.openstack_database_cluster + - system.reclass.storage.system.openstack_message_queue_cluster + - system.reclass.storage.system.openstack_telemetry_cluster + # - system.reclass.storage.system.stacklight_log_cluster + # - system.reclass.storage.system.stacklight_monitor_cluster + # - system.reclass.storage.system.stacklight_telemetry_cluster + - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf + - cluster.all-mcp-arch-common.infra.config_pdf +parameters: + _param: + salt_master_host: ${_param:infra_config_deploy_address} + salt: + master: + accept_policy: open_mode + file_recv: true + worker_threads: 8 + command_timeout: 20 + reclass: + storage: + node: + # NOTE: compute nodes definitions are defined in <all-mcp-arch-common/infra> + infra_kvm_node01: + params: + keepalived_vip_priority: 100 + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_infra_kvm_node01_pxe_admin_address} + infra_kvm_node02: +{%- if not conf.MCP_VCP %} + classes: + - cluster.mcp-common-ha.infra.kvm_novcp +{%- endif %} + params: + keepalived_vip_priority: 101 + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_infra_kvm_node02_pxe_admin_address} + infra_kvm_node03: + params: + keepalived_vip_priority: 102 + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_infra_kvm_node03_pxe_admin_address} + openstack_telemetry_node01: + params: + linux_system_codename: bionic + # create resources only from 1 controller + # to prevent race conditions + ceilometer_create_gnocchi_resources: true + redis_cluster_role: 'master' + pxe_admin_address: ${_param:opnfv_openstack_telemetry_node01_pxe_admin_address} + openstack_telemetry_node02: + params: + linux_system_codename: bionic + redis_cluster_role: 'slave' + pxe_admin_address: ${_param:opnfv_openstack_telemetry_node02_pxe_admin_address} + openstack_telemetry_node03: + params: + linux_system_codename: bionic + redis_cluster_role: 'slave' + pxe_admin_address: ${_param:opnfv_openstack_telemetry_node03_pxe_admin_address} + openstack_message_queue_node01: + params: + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_openstack_message_queue_node01_pxe_admin_address} + openstack_message_queue_node02: + params: + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_openstack_message_queue_node02_pxe_admin_address} + openstack_message_queue_node03: + params: + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_openstack_message_queue_node03_pxe_admin_address} + openstack_proxy_node01: + params: + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_openstack_proxy_node01_pxe_admin_address} + openstack_proxy_node02: + params: + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_openstack_proxy_node02_pxe_admin_address} + # stacklight_log_node01: + # classes: + # - system.elasticsearch.client.single + # stacklight_monitor_node01: + # classes: + # - system.grafana.client.single + # - system.kibana.client.single + openstack_control_node01: + classes: + - cluster.mcp-common-ha.openstack_control_init + params: + linux_system_codename: bionic + # NOTE: When VCP is present, external_address is not used + external_address: ${_param:openstack_proxy_node01_address} + pxe_admin_address: ${_param:opnfv_openstack_control_node01_pxe_admin_address} + openstack_control_node02: + params: + linux_system_codename: bionic + external_address: 0.0.0.0 + pxe_admin_address: ${_param:opnfv_openstack_control_node02_pxe_admin_address} + openstack_control_node03: + params: + linux_system_codename: bionic + external_address: ${_param:openstack_proxy_node02_address} + pxe_admin_address: ${_param:opnfv_openstack_control_node03_pxe_admin_address} + openstack_database_node01: + classes: + - cluster.mcp-common-ha.openstack_database_init + params: + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_openstack_database_node01_pxe_admin_address} + openstack_database_node02: + params: + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_openstack_database_node02_pxe_admin_address} + openstack_database_node03: + params: + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_openstack_database_node03_pxe_admin_address} diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/init.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/init.yml.j2 new file mode 100644 index 000000000..2f4686767 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/init.yml.j2 @@ -0,0 +1,109 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.all-mcp-arch-common + # - cluster.mcp-common-ha.stacklight + # - cluster.mcp-common-ha.stacklight.client +parameters: + _param: + salt_version: 2017.7 + cluster_domain: ${_param:cluster_name}.local + # stacklight_environment: ${_param:cluster_domain} + reclass_data_revision: master + reclass_config_master: ${_param:opnfv_infra_config_pxe_admin_address} + cluster_public_host: ${_param:openstack_proxy_address} + infra_config_hostname: cfg01 + + # infra service addresses + infra_config_address: ${_param:opnfv_infra_config_address} + infra_config_deploy_address: {{ conf.SALT_MASTER }} + infra_maas_node01_address: ${_param:opnfv_infra_maas_node01_address} + infra_maas_node01_deploy_address: ${_param:opnfv_infra_maas_node01_deploy_address} + + infra_kvm_address: ${_param:opnfv_infra_kvm_address} +{%- if conf.MCP_VCP %} + infra_kvm_node01_address: ${_param:opnfv_infra_kvm_node01_address} + infra_kvm_node02_address: ${_param:opnfv_infra_kvm_node02_address} + infra_kvm_node03_address: ${_param:opnfv_infra_kvm_node03_address} +{%- else %} + # For NOVCP, we override kvm addresses to overlap with ctl + infra_kvm_node01_address: ${_param:openstack_control_node01_address} + infra_kvm_node02_address: ${_param:openstack_control_node02_address} + infra_kvm_node03_address: ${_param:openstack_control_node03_address} +{%- endif %} + + infra_maas_node01_hostname: mas01 + infra_kvm_node01_hostname: kvm01 + infra_kvm_node02_hostname: kvm02 + infra_kvm_node03_hostname: kvm03 + + # Interface definitions + reclass: + storage: + node: + name: default + + # yamllint disable-line rule:line-length + salt_api_password_hash: "$6$WV0P1shnoDh2gI/Z$22/Bcd7ffMv0jDlFpT63cAU4PiXHz9pjXwngToKwqAsgoeK4HNR3PiKaushjxp3JsQ8hNoJmAC6TxzVqfV8WH/" + reclass: + storage: + node: + openstack_proxy_node01: + params: + control_address: ${_param:openstack_proxy_node01_control_address} + pxe_admin_address: ${_param:opnfv_openstack_proxy_node01_pxe_admin_address} + openstack_proxy_node02: + params: + control_address: ${_param:openstack_proxy_node02_control_address} + pxe_admin_address: ${_param:opnfv_openstack_proxy_node02_pxe_admin_address} + linux: + system: + apt: + config: + prefer_ipv4: + Acquire::ForceIPv4: true + allow_downgrades: + APT::Get::allow-downgrades: true + user: + ubuntu: + enabled: true + sudo: true + home: /home/ubuntu + network: + host: + cfg01: + address: ${_param:infra_config_address} + names: + - cfg01 + - cfg01.${_param:cluster_domain} + cfg: + address: ${_param:infra_config_address} + names: + - ${_param:infra_config_hostname} + - ${_param:infra_config_hostname}.${_param:cluster_domain} + mas01: + address: ${_param:infra_maas_node01_address} + names: + - ${_param:infra_maas_node01_hostname} + - ${_param:infra_maas_node01_hostname}.${_param:cluster_domain} + kvm01: + address: ${_param:infra_kvm_node01_address} + names: + - ${_param:infra_kvm_node01_hostname} + - ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + kvm02: + address: ${_param:infra_kvm_node02_address} + names: + - ${_param:infra_kvm_node02_hostname} + - ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + kvm03: + address: ${_param:infra_kvm_node03_address} + names: + - ${_param:infra_kvm_node03_hostname} + - ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 new file mode 100644 index 000000000..37bc42225 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 @@ -0,0 +1,178 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +--- +classes: + - service.keepalived.cluster.single + - system.glusterfs.server.volume.glance + - system.glusterfs.server.volume.keystone + - system.glusterfs.server.cluster + - system.salt.control.virt + - system.salt.control.cluster.openstack_control_cluster + - system.salt.control.cluster.openstack_proxy_cluster + - system.salt.control.cluster.openstack_database_cluster + - system.salt.control.cluster.openstack_message_queue_cluster + - system.salt.control.cluster.openstack_telemetry_cluster + # - system.salt.control.cluster.stacklight_server_cluster + # - system.salt.control.cluster.stacklight_log_cluster + # - system.salt.control.cluster.stacklight_telemetry_cluster + - cluster.all-mcp-arch-common.backports + - cluster.mcp-common-ha.glusterfs_repo + - cluster.mcp-common-ha.infra.kvm_pdf + - cluster.all-mcp-arch-common.opnfv.maas_proxy + - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf +parameters: + _param: + linux_system_codename: bionic + cluster_vip_address: ${_param:infra_kvm_address} + cluster_node01_address: ${_param:infra_kvm_node01_address} + cluster_node02_address: ${_param:infra_kvm_node02_address} + cluster_node03_address: ${_param:infra_kvm_node03_address} + keepalived_vip_interface: br-ctl + keepalived_vip_virtual_router_id: 69 + linux: + system: + kernel: + boot_options: + - spectre_v2=off + - nopti + - kpti=off + - nospec_store_bypass_disable + - noibrs + - noibpb + sysctl: + net.ipv4.ip_forward: 0 + libvirt: + server: + service: libvirtd + config_sys: /etc/default/libvirtd + unix_sock_group: libvirt + salt: + control: + virt_service: libvirtd + size: # RAM 4096,8192,16384,32768,65536 + # Default production sizing + openstack.control: + cpu: 4 + ram: 12288 + disk_profile: small + net_profile: default + openstack.database: + cpu: 4 + ram: 6144 + disk_profile: large + net_profile: default + openstack.message_queue: + cpu: 4 + ram: 2048 + disk_profile: small + net_profile: default + openstack.telemetry: + cpu: 2 + ram: 3072 + disk_profile: xxlarge + net_profile: default + # stacklight.log: + # cpu: 2 + # ram: 4096 + # disk_profile: xxlarge + # net_profile: default + # stacklight.server: + # cpu: 2 + # ram: 4096 + # disk_profile: small + # net_profile: default + # stacklight.telemetry: + # cpu: 2 + # ram: 4096 + # disk_profile: xxlarge + # net_profile: default + openstack.proxy: + cpu: 2 + ram: 2048 + disk_profile: small + net_profile: default_ext + cluster: + internal: + node: + mdb01: &salt_control_bionic_image_common_attr + image: ${_param:salt_control_bionic_image} +{%- if conf.nodes[nm.ctl01.idx].node.arch == 'aarch64' %} + seed: qemu-nbd + ~cloud_init: ~ + machine: virt + cpu_mode: host-passthrough + loader: + readonly: 'yes' + type: pflash + path: /usr/share/AAVMF/AAVMF_CODE.fd +{%- endif %} + mdb02: + <<: *salt_control_bionic_image_common_attr + mdb03: + <<: *salt_control_bionic_image_common_attr + ctl01: + <<: *salt_control_bionic_image_common_attr + ctl02: + <<: *salt_control_bionic_image_common_attr + ctl03: + <<: *salt_control_bionic_image_common_attr + dbs01: + <<: *salt_control_bionic_image_common_attr + dbs02: + <<: *salt_control_bionic_image_common_attr + dbs03: + <<: *salt_control_bionic_image_common_attr + msg01: + <<: *salt_control_bionic_image_common_attr + msg02: + <<: *salt_control_bionic_image_common_attr + msg03: + <<: *salt_control_bionic_image_common_attr + prx01: + <<: *salt_control_bionic_image_common_attr + prx02: + <<: *salt_control_bionic_image_common_attr + provider: kvm03.${_param:cluster_domain} + virt: + nic: + default: + eth1: + bridge: br-mgmt + model: virtio + eth0: + bridge: br-ctl + model: virtio + default_ext: + eth2: + bridge: br-mgmt + model: virtio + eth1: + bridge: br-ex + model: virtio + eth0: + bridge: br-ctl + model: virtio + glusterfs: + server: + service: glusterd + volumes: + nova_instances: + storage: /srv/glusterfs/nova_instances + replica: 3 + bricks: + - ${_param:cluster_node01_address}:/srv/glusterfs/nova_instances + - ${_param:cluster_node02_address}:/srv/glusterfs/nova_instances + - ${_param:cluster_node03_address}:/srv/glusterfs/nova_instances + options: + cluster.readdir-optimize: 'True' + nfs.disable: 'True' + network.remote-dio: 'True' + cluster.favorite-child-policy: mtime + diagnostics.client-log-level: WARNING + diagnostics.brick-log-level: WARNING diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_novcp.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_novcp.yml.j2 new file mode 100644 index 000000000..8959a7856 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_novcp.yml.j2 @@ -0,0 +1,19 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{#- NOTE: br-{mgmt,ctl} are cross-referenced, careful when changing names #} +{#- This class should only be inherited in NOVCP scenarios for kvm02 #} +{%- import 'net_map.j2' as nm with context %} +--- +parameters: + linux: + network: + interface: + br-mgmt: + gateway: {{ nm.net_admin_gw }} + name_servers: + - {{ nm.net_admin_gw }} diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_pdf.yml.j2 new file mode 100644 index 000000000..484e53299 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_pdf.yml.j2 @@ -0,0 +1,56 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{#- NOTE: br-{mgmt,ctl} are cross-referenced, careful when changing names #} +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{#- Filter-out NIC duplicates by constructing a dict (used NICs only) #} +{%- set nics = { nm.ctl01.nic_admin: True, nm.ctl01.nic_mgmt: True, nm.ctl01.nic_public: True } %} +{%- set vlans = { nm.vlan_admin: nm.ctl01.nic_admin, nm.vlan_mgmt: nm.ctl01.nic_mgmt, nm.vlan_public: nm.ctl01.nic_public } %} +--- +parameters: + linux: + network: + interface: + +{{ ma.linux_network_interfaces_nic(nics) }} + +{{ ma.linux_network_interfaces_vlan(vlans) }} + + br-mgmt: + enabled: true + proto: static + address: ${_param:pxe_admin_address} + netmask: ${_param:opnfv_net_admin_mask} +{%- if conf.MCP_VCP %} +{#- For NOVCP scenarios, kvm02 gateway will be added via kvm_novcp class #} + gateway: {{ nm.net_admin_gw }} + name_servers: + - {{ nm.net_admin_gw }} +{%- endif %} + type: bridge + use_interfaces: + - {{ ma.interface_str(nm.ctl01.nic_admin, nm.vlan_admin) }} + noifupdown: true + br-ctl: + enabled: true + type: bridge + proto: static + address: ${_param:single_address} + netmask: ${_param:opnfv_net_mgmt_mask} + use_interfaces: + - {{ ma.interface_str(nm.ctl01.nic_mgmt, nm.vlan_mgmt) }} + noifupdown: true +{#- For NOVCP scenarios, kvm{01,03} external gateway will be added via triport class #} + br-ex: + enabled: true + proto: manual + netmask: ${_param:opnfv_net_public_mask} + type: bridge + use_interfaces: + - {{ ma.interface_str(nm.ctl01.nic_public, nm.vlan_public) }} + noifupdown: true diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml new file mode 100644 index 000000000..af87d9c2f --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml @@ -0,0 +1,101 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - system.glusterfs.client.cluster + - system.nova.compute.cluster + - system.nova.compute.nfv.hugepages + - system.neutron.gateway.cluster + - system.cinder.volume.single + - system.cinder.volume.backend.lvm + - system.ceilometer.agent.cluster + - system.ceilometer.agent.polling.default + - service.barbican.client.cluster + - cluster.all-mcp-arch-common.backports + - cluster.mcp-common-ha.glusterfs_repo + - cluster.mcp-common-ha.openstack_compute_pdf + - cluster.all-mcp-arch-common.opnfv.maas_proxy + - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf +parameters: + _param: + cluster_vip_address: ${_param:openstack_control_address} + cluster_local_address: ${_param:single_address} + cluster_node01_hostname: ${_param:openstack_control_node01_hostname} + cluster_node01_address: ${_param:openstack_control_node01_address} + cluster_node02_hostname: ${_param:openstack_control_node02_hostname} + cluster_node02_address: ${_param:openstack_control_node02_address} + cluster_node03_hostname: ${_param:openstack_control_node03_hostname} + cluster_node03_address: ${_param:openstack_control_node03_address} + nova_vncproxy_url: https://${_param:cluster_public_host}:6080 + keepalived_vip_interface: br-ctl + keepalived_vip_virtual_router_id: 69 + linux_system_codename: bionic + glusterfs: + client: + volumes: + nova_instances: + path: /var/lib/nova/instances + server: ${_param:glusterfs_service_host} + # yamllint disable-line rule:line-length + opts: "defaults,backup-volfile-servers=${_param:cluster_node01_address}:${_param:cluster_node02_address}:${_param:cluster_node03_address}" + cinder: + volume: + my_ip: ${_param:single_address} + backend: + lvm-driver: + # Align system.cinder.volume.backend.lvm and MaaS data + volume_group: ${linux:storage:lvm:cinder-vg:name} + database: + connection_recycle_time: ${_param:db_connection_recycle_time} + barbican: + enabled: ${_param:barbican_integration_enabled} + pkgs: + - cinder-volume + openiscsi_services: + - tgt + - iscsid + linux: + storage: + lvm: + # Align with both system.cinder.volume.backend.lvm and MaaS data + cinder-vg: + name: vgroot + system: + kernel: + sysctl: + vm.dirty_ratio: 10 + vm.dirty_background_ratio: 5 + boot_options: + - spectre_v2=off + - nopti + - kpti=off + - nospec_store_bypass_disable + - noibrs + - noibpb + neutron: + gateway: + vlan_aware_vms: true + root_helper_daemon: false + dhcp_lease_duration: 3600 + report_interval: 120 + nova: + compute: + libvirt_service: libvirtd + libvirt_bin: /etc/default/libvirtd + disk_cachemodes: file=directsync,block=none + preallocate_images: space + heal_instance_info_cache_interval: 300 + barbican: + enabled: ${_param:barbican_integration_enabled} + image: + verify_glance_signatures: false + pkgs: + - nova-compute + - python3-novaclient + - pm-utils + - sysfsutils diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2 new file mode 100644 index 000000000..0b1c5bbf2 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2 @@ -0,0 +1,82 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{#- NOTE: br-{mgmt,ctl} are cross-referenced, careful when changing names #} +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{#- Filter-out NIC duplicates by constructing a dict (used NICs only) #} +{%- set nics = { nm.cmp001.nic_mgmt: True } %} +{%- set vlans = { nm.vlan_mgmt: nm.cmp001.nic_mgmt } %} +--- +parameters: + _param: + # Should later be determined via PDF/IDF, AArch64 has ESP on /dev/sda1 +{%- if nm.cmp001.idx < conf.nodes | length %} +{%- if conf.nodes[nm.cmp001.idx].node.type == 'virtual' %} + ~cinder_lvm_devices: ['/dev/vdb'] +{%- elif conf.nodes[nm.cmp001.idx].node.arch == 'aarch64' or + conf.nodes[nm.cmp001.idx].disks.0.disk_capacity | storage_size_num | float > 2000000000000 %} + ~cinder_lvm_devices: ['/dev/sda2'] +{%- else %} + ~cinder_lvm_devices: ['/dev/sda1'] +{%- endif %} +{%- endif %} + linux: + network: + bridge: openvswitch + interface: + # PXE/admin is always untagged on computes + pxe_admin_int: + enabled: true + name: ${_param:pxe_admin_interface} + proto: static + type: eth + address: ${_param:pxe_admin_address} + netmask: ${_param:opnfv_net_admin_mask} + mtu: ${_param:interface_mtu} + noifupdown: true + +{#- prevent duplicates for tagged mgmt on the same physical interface as PXE/admin #} +{%- if nm.cmp001.nic_admin in nics %} + {%- do nics.pop(nm.cmp001.nic_admin) %} +{%- endif %} +{%- if ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) in nics %} + {%- do nics.pop(nm.cmp001.nic_public) %} +{%- endif %} + +{{ ma.linux_network_interfaces_nic(nics) }} + +{{ ma.linux_network_interfaces_vlan(vlans) }} + + br-ctl: + enabled: true + type: bridge + proto: static + address: ${_param:single_address} + netmask: ${_param:opnfv_net_mgmt_mask} + use_interfaces: + - {{ ma.interface_str(nm.cmp001.nic_mgmt, nm.vlan_mgmt) }} + br-floating: + enabled: true + type: ovs_bridge + mtu: ${_param:interface_mtu} + proto: static + address: ${_param:external_address} + netmask: ${_param:opnfv_net_public_mask} + use_interfaces: + - {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }} + gateway: ${_param:opnfv_net_public_gw} + name_servers: {{ nm.dns_public }} + noifupdown: true + {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }}: + enabled: true + proto: manual + ovs_port_type: OVSPort + type: ovs_port + ovs_bridge: br-floating + bridge: br-floating + mtu: ${_param:interface_mtu} diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 new file mode 100644 index 000000000..b3ab9e2c7 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 @@ -0,0 +1,244 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - system.ceilometer.client + - system.memcached.server.single + - system.keystone.server.cluster + - system.keystone.server.wsgi + - system.glance.control.cluster + - system.nova.control.cluster + - system.cinder.control.cluster + - system.cinder.control.backend.lvm + - system.heat.server.cluster + - system.designate.server.cluster + - system.designate.server.backend.bind + - system.barbican.server.cluster + - system.apache.server.site.barbican + - service.barbican.server.plugin.simple_crypto + - system.apache.server.single + - system.bind.server.single + - system.haproxy.proxy.listen.openstack.placement + - system.glusterfs.client.cluster + - system.glusterfs.client.volume.glance + - system.glusterfs.client.volume.keystone + - cluster.all-mcp-arch-common.backports + - cluster.mcp-common-ha.glusterfs_repo +{%- if not conf.MCP_VCP %} + # sync from kvm + - service.keepalived.cluster.single + - system.glusterfs.server.volume.glance + - system.glusterfs.server.volume.keystone + - system.glusterfs.server.cluster + # NOTE(armband): Disabled for novcp + # - system.salt.control.virt + # - system.salt.control.cluster.openstack_control_cluster + # - system.salt.control.cluster.openstack_proxy_cluster + # - system.salt.control.cluster.openstack_database_cluster + # - system.salt.control.cluster.openstack_message_queue_cluster + # - system.salt.control.cluster.openstack_telemetry_cluster + # - system.salt.control.cluster.stacklight_server_cluster + # - system.salt.control.cluster.stacklight_log_cluster + # - system.salt.control.cluster.stacklight_telemetry_cluster + - cluster.mcp-common-ha.infra.kvm_pdf + - cluster.all-mcp-arch-common.opnfv.maas_proxy + - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf +{%- endif %} +parameters: + _param: +{%- if not conf.MCP_VCP %} + linux_system_codename: bionic # sync from kvm + # For NOVCP, we switch keepalived VIPs, to keep cluster_vip_address in ctl + single_nic: br-ctl # for keepalive_vip_interface interpolation + control_nic: ~ # Dummy value to keep reclass 1.5.2 happy + keepalived_openstack_web_public_vip_address: ${_param:openstack_proxy_address} + keepalived_openstack_web_public_vip_interface: br-ex +{%- endif %} + keepalived_vip_interface: ${_param:single_nic} + keepalived_vip_virtual_router_id: 50 + cluster_vip_address: ${_param:openstack_control_address} + cluster_local_address: ${_param:single_address} + cluster_node01_hostname: ${_param:openstack_control_node01_hostname} + cluster_node01_address: ${_param:openstack_control_node01_address} + cluster_node02_hostname: ${_param:openstack_control_node02_hostname} + cluster_node02_address: ${_param:openstack_control_node02_address} + cluster_node03_hostname: ${_param:openstack_control_node03_hostname} + cluster_node03_address: ${_param:openstack_control_node03_address} + nova_vncproxy_url: https://${_param:cluster_public_host}:6080 + barbican_integration_enabled: 'false' + fernet_rotation_driver: 'shared_filesystem' + credential_rotation_driver: 'shared_filesystem' + common_conn_recycle_time: &db_conn_recycle_time + database: + connection_recycle_time: ${_param:db_connection_recycle_time} + nova: + controller: + <<: *db_conn_recycle_time + barbican: + enabled: ${_param:barbican_integration_enabled} + pkgs: + - nova-api + - nova-conductor + - nova-consoleauth + - nova-scheduler + - nova-novncproxy + - python3-novaclient + cinder: + controller: + pkgs: + - cinder-api + - cinder-scheduler + <<: *db_conn_recycle_time + neutron: + server: + <<: *db_conn_recycle_time + vlan_aware_vms: true + root_helper_daemon: false + agent_down_time: 300 + global_physnet_mtu: ${_param:interface_mtu} + backend: + external_mtu: ${_param:interface_mtu} + pkgs: + - neutron-server + keystone: + server: + <<: *db_conn_recycle_time + cacert: /etc/ssl/certs/mcp_os_cacert + openrc_extra: + volume_device_name: sdc + pkgs: + - keystone + - python3-memcache + - python3-openstackclient + glance: + server: + <<: *db_conn_recycle_time + identity: + barbican_endpoint: ${barbican:server:host_href} + pkgs: + - glance + services: + - glance-api +{%- if conf.MCP_VCP %} + heat: + server: + <<: *db_conn_recycle_time + metadata: + host: ${_param:openstack_proxy_control_address} + port: 8000 + protocol: http + waitcondition: + host: ${_param:openstack_proxy_control_address} + port: 8000 + protocol: http + watch: + host: ${_param:openstack_proxy_control_address} + port: 8003 + protocol: http + apache: + server: + mod_wsgi: libapache2-mod-wsgi-py3 +{%- else %} + libvirt: + server: + service: libvirtd + config_sys: /etc/default/libvirtd + unix_sock_group: libvirt + linux: + network: + # Add public IPs here as overrides, no need to fork another kvm_pdf.j2 + interface: + br-ex: + address: ${_param:external_address} + proto: static + apache: + server: + bind: + listen_default_ports: false + mod_wsgi: libapache2-mod-wsgi-py3 + # sync from common-ha kvm role + glusterfs: + server: + service: glusterd + volumes: + nova_instances: + storage: /srv/glusterfs/nova_instances + replica: 3 + bricks: + - ${_param:cluster_node01_address}:/srv/glusterfs/nova_instances + - ${_param:cluster_node02_address}:/srv/glusterfs/nova_instances + - ${_param:cluster_node03_address}:/srv/glusterfs/nova_instances + options: + cluster.readdir-optimize: 'True' + nfs.disable: 'True' + network.remote-dio: 'True' + cluster.favorite-child-policy: mtime + diagnostics.client-log-level: WARNING + diagnostics.brick-log-level: WARNING +{%- endif %} + haproxy: + proxy: + listen: + heat_cloudwatch_api: + enabled: false + barbican: + server: + ks_notifications_enable: true + store: + software: + crypto_plugin: simple_crypto + store_plugin: store_crypto + global_default: true + database: + connection_recycle_time: ${_param:db_connection_recycle_time} + host: ${_param:openstack_database_address} + bind: + server: + control: + mgmt: + enabled: true + bind: + address: ${_param:single_address} + port: 953 + allow: + - ${_param:openstack_control_node01_address} + - ${_param:openstack_control_node02_address} + - ${_param:openstack_control_node03_address} + keys: + - designate + designate: + _support: + sphinx: + enabled: False # Workaround broken meta/sphinx.yml in salt-formula-designate + server: + pools: + default: + description: 'test pool' + targets: + default: + description: 'test target1' + default1: + type: ${_param:designate_pool_target_type} + description: 'test target2' + masters: ${_param:designate_pool_target_masters} + options: + host: ${_param:openstack_control_node02_address} + port: 53 + rndc_host: ${_param:openstack_control_node02_address} + rndc_port: 953 + rndc_key_file: /etc/designate/rndc.key + default2: + type: ${_param:designate_pool_target_type} + description: 'test target3' + masters: ${_param:designate_pool_target_masters} + options: + host: ${_param:openstack_control_node03_address} + port: 53 + rndc_host: ${_param:openstack_control_node03_address} + rndc_port: 953 + rndc_key_file: /etc/designate/rndc.key diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control_init.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control_init.yml new file mode 100644 index 000000000..aaa5e65f0 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control_init.yml @@ -0,0 +1,45 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - system.keystone.client.single + - system.keystone.client.service.aodh + - system.keystone.client.service.nova21 + - system.keystone.client.service.nova-placement + - system.keystone.client.service.cinder3 + - system.keystone.client.service.designate + - system.keystone.client.service.ceilometer + - system.keystone.client.service.gnocchi + - system.keystone.client.service.panko + - system.keystone.client.service.barbican + - system.keystone.client.v3.service.keystone +parameters: + _param: + ceilometer_endpoint_status: absent + keystone: + client: + enabled: true + resources: + v3: + enabled: true + services: + ceilometer: + status: absent + # required only for Rally validation + cinder: + type: volume + description: OpenStack Volume Service + server: + identity: + admin: + api_version: 3 + admin_identity: + admin: + api_version: '' + user_domain_name: 'Default' + project_domain_name: 'Default' diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_database.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_database.yml new file mode 100644 index 000000000..9ed3f70cd --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_database.yml @@ -0,0 +1,38 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - system.galera.server.cluster + - system.galera.server.database.aodh + - system.galera.server.database.cinder + - system.galera.server.database.designate + - system.galera.server.database.glance + - system.galera.server.database.gnocchi + - system.galera.server.database.grafana + - system.galera.server.database.heat + - system.galera.server.database.keystone + - system.galera.server.database.nova + - system.galera.server.database.neutron + - system.galera.server.database.panko + - system.galera.server.database.barbican + - cluster.all-mcp-arch-common.backports +parameters: + _param: + keepalived_vip_interface: ${_param:single_nic} + keepalived_vip_virtual_router_id: 80 + galera_server_cluster_name: openstack_cluster + galera_max_connections: 3072 + galera_innodb_buffer_pool_size: 2048M + cluster_vip_address: ${_param:openstack_database_address} + cluster_local_address: ${_param:single_address} + cluster_node01_hostname: ${_param:openstack_database_node01_hostname} + cluster_node01_address: ${_param:openstack_database_node01_address} + cluster_node02_hostname: ${_param:openstack_database_node02_hostname} + cluster_node02_address: ${_param:openstack_database_node02_address} + cluster_node03_hostname: ${_param:openstack_database_node03_hostname} + cluster_node03_address: ${_param:openstack_database_node03_address} diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_database_init.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_database_init.yml new file mode 100644 index 000000000..b7d09cfff --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_database_init.yml @@ -0,0 +1,10 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - system.mysql.client.single diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_init.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_init.yml.j2 new file mode 100644 index 000000000..a55485ea0 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_init.yml.j2 @@ -0,0 +1,355 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +--- +parameters: + _param: + # openstack service addresses +{%- if conf.MCP_VCP %} + openstack_proxy_control_address: ${_param:opnfv_openstack_proxy_control_address} + openstack_proxy_node01_control_address: ${_param:opnfv_openstack_proxy_node01_control_address} + openstack_proxy_node02_control_address: ${_param:opnfv_openstack_proxy_node02_control_address} +{%- else %} + openstack_proxy_control_address: ${_param:opnfv_openstack_control_address} + openstack_proxy_node01_control_address: ${_param:opnfv_openstack_control_node01_address} + openstack_proxy_node02_control_address: ${_param:opnfv_openstack_control_node03_address} +{%- endif %} + + openstack_proxy_address: ${_param:opnfv_openstack_proxy_address} + openstack_proxy_node01_address: ${_param:opnfv_openstack_proxy_node01_address} + openstack_proxy_node02_address: ${_param:opnfv_openstack_proxy_node02_address} + + openstack_control_address: ${_param:opnfv_openstack_control_address} + openstack_control_node01_address: ${_param:opnfv_openstack_control_node01_address} + openstack_control_node02_address: ${_param:opnfv_openstack_control_node02_address} + openstack_control_node03_address: ${_param:opnfv_openstack_control_node03_address} + +{%- if conf.MCP_VCP %} + openstack_database_address: ${_param:opnfv_openstack_database_address} + openstack_database_node01_address: ${_param:opnfv_openstack_database_node01_address} + openstack_database_node02_address: ${_param:opnfv_openstack_database_node02_address} + openstack_database_node03_address: ${_param:opnfv_openstack_database_node03_address} + + openstack_message_queue_address: ${_param:opnfv_openstack_message_queue_address} + openstack_message_queue_node01_address: ${_param:opnfv_openstack_message_queue_node01_address} + openstack_message_queue_node02_address: ${_param:opnfv_openstack_message_queue_node02_address} + openstack_message_queue_node03_address: ${_param:opnfv_openstack_message_queue_node03_address} + + openstack_telemetry_address: ${_param:opnfv_openstack_telemetry_address} + openstack_telemetry_node01_address: ${_param:opnfv_openstack_telemetry_node01_address} + openstack_telemetry_node02_address: ${_param:opnfv_openstack_telemetry_node02_address} + openstack_telemetry_node03_address: ${_param:opnfv_openstack_telemetry_node03_address} +{%- else %} + openstack_database_address: ${_param:openstack_control_address} + openstack_database_node01_address: ${_param:openstack_control_node01_address} + openstack_database_node02_address: ${_param:openstack_control_node02_address} + openstack_database_node03_address: ${_param:openstack_control_node03_address} + + openstack_message_queue_address: ${_param:openstack_control_address} + openstack_message_queue_node01_address: ${_param:openstack_control_node01_address} + openstack_message_queue_node02_address: ${_param:openstack_control_node02_address} + openstack_message_queue_node03_address: ${_param:openstack_control_node03_address} + + openstack_telemetry_address: ${_param:openstack_control_address} + openstack_telemetry_node01_address: ${_param:openstack_control_node01_address} + openstack_telemetry_node02_address: ${_param:openstack_control_node02_address} + openstack_telemetry_node03_address: ${_param:openstack_control_node03_address} +{%- endif %} + + # openstack service hostnames +{%- if conf.MCP_VCP %} + openstack_proxy_hostname: prx + openstack_proxy_node01_hostname: prx01 + openstack_proxy_node02_hostname: prx02 + openstack_control_hostname: ctl + openstack_control_node01_hostname: ctl01 + openstack_control_node02_hostname: ctl02 + openstack_control_node03_hostname: ctl03 + openstack_database_hostname: dbs + openstack_database_node01_hostname: dbs01 + openstack_database_node02_hostname: dbs02 + openstack_database_node03_hostname: dbs03 + openstack_message_queue_hostname: msg + openstack_message_queue_node01_hostname: msg01 + openstack_message_queue_node02_hostname: msg02 + openstack_message_queue_node03_hostname: msg03 + openstack_telemetry_hostname: mdb + openstack_telemetry_node01_hostname: mdb01 + openstack_telemetry_node02_hostname: mdb02 + openstack_telemetry_node03_hostname: mdb03 +{%- else %} + openstack_proxy_hostname: ${_param:openstack_control_hostname} + openstack_proxy_node01_hostname: ${_param:openstack_control_node01_hostname} + openstack_proxy_node02_hostname: ${_param:openstack_control_node03_hostname} + openstack_control_hostname: kvm + openstack_control_node01_hostname: kvm01 + openstack_control_node02_hostname: kvm02 + openstack_control_node03_hostname: kvm03 + openstack_database_hostname: ${_param:openstack_control_hostname} + openstack_database_node01_hostname: ${_param:openstack_control_node01_hostname} + openstack_database_node02_hostname: ${_param:openstack_control_node02_hostname} + openstack_database_node03_hostname: ${_param:openstack_control_node03_hostname} + openstack_message_queue_hostname: ${_param:openstack_control_hostname} + openstack_message_queue_node01_hostname: ${_param:openstack_control_node01_hostname} + openstack_message_queue_node02_hostname: ${_param:openstack_control_node02_hostname} + openstack_message_queue_node03_hostname: ${_param:openstack_control_node03_hostname} + openstack_telemetry_hostname: ${_param:openstack_control_hostname} + openstack_telemetry_node01_hostname: ${_param:openstack_control_node01_hostname} + openstack_telemetry_node02_hostname: ${_param:openstack_control_node02_hostname} + openstack_telemetry_node03_hostname: ${_param:openstack_control_node03_hostname} +{%- endif %} + + # openstack compute + openstack_compute_node01_hostname: cmp001 + openstack_compute_node02_hostname: cmp002 + + openstack_region: RegionOne + admin_email: root@localhost + db_connection_recycle_time: 300 + # Neutron osv/nodvr + neutron_control_dvr: 'False' + neutron_global_physnet_mtu: 1500 + neutron_external_mtu: 1500 + neutron_gateway_dvr: 'False' + neutron_gateway_agent_mode: legacy + neutron_compute_dvr: 'False' + neutron_compute_agent_mode: legacy + neutron_compute_external_access: 'True' + galera_server_cluster_name: openstack_cluster + glance_version: ${_param:openstack_version} + glance_service_host: ${_param:openstack_control_address} + keystone_version: ${_param:openstack_version} + keystone_service_host: ${_param:openstack_control_address} + heat_version: ${_param:openstack_version} + heat_service_host: ${_param:openstack_control_address} + cinder_version: ${_param:openstack_version} + cinder_service_host: ${_param:openstack_control_address} + ceilometer_version: ${_param:openstack_version} + ceilometer_service_host: ${_param:openstack_telemetry_address} + nova_version: ${_param:openstack_version} + nova_service_host: ${_param:openstack_control_address} + neutron_version: ${_param:openstack_version} + neutron_service_host: ${_param:openstack_control_address} +{%- if conf.MCP_VCP %} + glusterfs_service_host: ${_param:infra_kvm_address} +{%- else %} + glusterfs_service_host: ${_param:openstack_control_address} +{%- endif %} + mysql_admin_user: root + aodh_version: ${_param:openstack_version} + barbican_version: ${_param:openstack_version} + barbican_service_host: ${_param:openstack_control_address} + apache_barbican_api_address: ${_param:single_address} + barbican_integration_enabled: true + horizon_version: ${_param:openstack_version} + horizon_identity_host: ${_param:openstack_control_address} + horizon_identity_encryption: none + horizon_identity_version: 3 + apache_mods_status_enabled: false + nginx_server_site_nginx_proxy_openstack_web_enabled: true + aodh_service_host: ${_param:openstack_telemetry_address} + gnocchi_version: 4.3 + gnocchi_service_host: ${_param:openstack_telemetry_address} + panko_version: ${_param:openstack_version} + panko_service_host: ${_param:openstack_telemetry_address} + ceilometer_agent_default_polling_interval: 180 + ceilometer_agent_default_polling_meters: + - "*" + designate_service_host: ${_param:openstack_control_address} + designate_domain_id: 5186883b-91fb-4891-bd49-e6769234a8fc + designate_pool_ns_records: + - hostname: 'ns1.example.org.' + priority: 10 + designate_pool_nameservers: + - host: ${_param:openstack_control_node01_address} + port: 53 + - host: ${_param:openstack_control_node02_address} + port: 53 + - host: ${_param:openstack_control_node03_address} + port: 53 + designate_pool_target_type: bind9 + designate_pool_target_masters: + - host: ${_param:openstack_control_node01_address} + port: 5354 + - host: ${_param:openstack_control_node02_address} + port: 5354 + - host: ${_param:openstack_control_node03_address} + port: 5354 + designate_pool_target_options: + host: ${_param:openstack_control_node01_address} + port: 53 + rndc_host: ${_param:openstack_control_node01_address} + rndc_port: 953 + rndc_key_file: /etc/designate/rndc.key + designate_version: ${_param:openstack_version} + # Billing + # keystone_billometer_password: opnfv_secret + # keystone_billometer_address: ${_param:billometer_service_host} + # billometer_service_host: ${_param:openstack_billing_address} + # billometer_version: ${_param:openstack_version} + # billometer_secret_key: opnfv_secretpasswordpasswordpassword + # billometer_identity_password: ${_param:keystone_billometer_password} + # billometer_identity_host: ${_param:openstack_control_address} + # billometer_identity_token: ${_param:keystone_service_token} + linux: + system: +{%- if 'aarch64' in nm.cluster.arch %} + repo: + armband_3: # Should be in sync with the repo config generated via curtin/MaaS + source: "deb http://linux.enea.com/mcp-repos/${_param:armband_repo_version}/xenial ${_param:armband_repo_version}-armband main" + key: ${_param:armband_key} + pinning: + 15: + enabled: true + pin: 'release a=${_param:armband_repo_version}-armband' + priority: 15 + package: '*' + 1200: + enabled: true + pin: 'release a=${_param:armband_repo_version}-armband' + priority: 1200 + package: 'qemu-efi' +{%- endif %} + kernel: + sysctl: + net.ipv4.tcp_congestion_control: yeah + net.ipv4.tcp_slow_start_after_idle: 0 + net.ipv4.tcp_fin_timeout: 30 + package: + python-tornado: + version: latest + network: + host: +{%- if conf.MCP_VCP %} + prx: + address: ${_param:openstack_proxy_control_address} + names: + - ${_param:openstack_proxy_hostname} + - ${_param:openstack_proxy_hostname}.${_param:cluster_domain} + prx01: + address: ${_param:openstack_proxy_node01_control_address} + names: + - ${_param:openstack_proxy_node01_hostname} + - ${_param:openstack_proxy_node01_hostname}.${_param:cluster_domain} + prx02: + address: ${_param:openstack_proxy_node02_control_address} + names: + - ${_param:openstack_proxy_node02_hostname} + - ${_param:openstack_proxy_node02_hostname}.${_param:cluster_domain} + ctl: + address: ${_param:openstack_control_address} + names: + - ${_param:openstack_control_hostname} + - ${_param:openstack_control_hostname}.${_param:cluster_domain} + ctl01: + address: ${_param:openstack_control_node01_address} + names: + - ${_param:openstack_control_node01_hostname} + - ${_param:openstack_control_node01_hostname}.${_param:cluster_domain} + ctl02: + address: ${_param:openstack_control_node02_address} + names: + - ${_param:openstack_control_node02_hostname} + - ${_param:openstack_control_node02_hostname}.${_param:cluster_domain} + ctl03: + address: ${_param:openstack_control_node03_address} + names: + - ${_param:openstack_control_node03_hostname} + - ${_param:openstack_control_node03_hostname}.${_param:cluster_domain} + msg: + address: ${_param:openstack_message_queue_address} + names: + - ${_param:openstack_message_queue_hostname} + - ${_param:openstack_message_queue_hostname}.${_param:cluster_domain} + msg01: + address: ${_param:openstack_message_queue_node01_address} + names: + - ${_param:openstack_message_queue_node01_hostname} + - ${_param:openstack_message_queue_node01_hostname}.${_param:cluster_domain} + msg02: + address: ${_param:openstack_message_queue_node02_address} + names: + - ${_param:openstack_message_queue_node02_hostname} + - ${_param:openstack_message_queue_node02_hostname}.${_param:cluster_domain} + msg03: + address: ${_param:openstack_message_queue_node03_address} + names: + - ${_param:openstack_message_queue_node03_hostname} + - ${_param:openstack_message_queue_node03_hostname}.${_param:cluster_domain} + dbs: + address: ${_param:openstack_database_address} + names: + - ${_param:openstack_database_hostname} + - ${_param:openstack_database_hostname}.${_param:cluster_domain} + dbs01: + address: ${_param:openstack_database_node01_address} + names: + - ${_param:openstack_database_node01_hostname} + - ${_param:openstack_database_node01_hostname}.${_param:cluster_domain} + dbs02: + address: ${_param:openstack_database_node02_address} + names: + - ${_param:openstack_database_node02_hostname} + - ${_param:openstack_database_node02_hostname}.${_param:cluster_domain} + dbs03: + address: ${_param:openstack_database_node03_address} + names: + - ${_param:openstack_database_node03_hostname} + - ${_param:openstack_database_node03_hostname}.${_param:cluster_domain} + mdb: + address: ${_param:openstack_telemetry_address} + names: + - ${_param:openstack_telemetry_hostname} + - ${_param:openstack_telemetry_hostname}.${_param:cluster_domain} + mdb01: + address: ${_param:openstack_telemetry_node01_address} + names: + - ${_param:openstack_telemetry_node01_hostname} + - ${_param:openstack_telemetry_node01_hostname}.${_param:cluster_domain} + mdb02: + address: ${_param:openstack_telemetry_node02_address} + names: + - ${_param:openstack_telemetry_node02_hostname} + - ${_param:openstack_telemetry_node02_hostname}.${_param:cluster_domain} + mdb03: + address: ${_param:openstack_telemetry_node03_address} + names: + - ${_param:openstack_telemetry_node03_hostname} + - ${_param:openstack_telemetry_node03_hostname}.${_param:cluster_domain} +{%- else %} + kvm: + address: ${_param:openstack_control_address} + names: + - ${_param:openstack_control_hostname} + - ${_param:openstack_control_hostname}.${_param:cluster_domain} + kvm01: + address: ${_param:openstack_control_node01_address} + names: + - ${_param:openstack_control_node01_hostname} + - ${_param:openstack_control_node01_hostname}.${_param:cluster_domain} + kvm02: + address: ${_param:openstack_control_node02_address} + names: + - ${_param:openstack_control_node02_hostname} + - ${_param:openstack_control_node02_hostname}.${_param:cluster_domain} + kvm03: + address: ${_param:openstack_control_node03_address} + names: + - ${_param:openstack_control_node03_hostname} + - ${_param:openstack_control_node03_hostname}.${_param:cluster_domain} +{%- endif %} +{#- For compute nodes, expand values in-place, bypassing reclass param expansion #} +{%- for cmp in range(1, nm.cmp_nodes + 1) %} + {%- set h = 'cmp%03d' | format(cmp) %} + {%- set mgmt = nm.net_mgmt_hosts | length + nm.start_ip[nm.net_mgmt] + loop.index %} + {{ h }}: + address: {{ nm.net_mgmt | ipnet_hostaddr(mgmt) }} + names: + - {{ h }} + - {{ h }}.${_param:cluster_domain} +{%- endfor %} diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_biport.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_biport.yml.j2 new file mode 100644 index 000000000..3b302aca8 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_biport.yml.j2 @@ -0,0 +1,41 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +--- +{%- if conf.MCP_VCP %} +classes: + - cluster.all-mcp-arch-common.opnfv.maas_proxy + - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf +parameters: + _param: + pxe_admin_interface: ${_param:opnfv_vcp_vm_primary_interface} + single_nic: ${_param:opnfv_vcp_vm_secondary_interface} + linux: + network: + interface: + pxe_admin: + enabled: true + type: eth + proto: static + name: ${_param:pxe_admin_interface} + address: ${_param:pxe_admin_address} + netmask: ${_param:opnfv_net_admin_mask} + gateway: {{ nm.net_admin_gw }} + name_servers: + - {{ nm.net_admin_gw }} + noifupdown: true + mtu: ${_param:interface_mtu} + single: + enabled: true + type: eth + proto: static + name: ${_param:single_nic} + address: ${_param:single_address} + netmask: ${_param:opnfv_net_public_mask} + mtu: ${_param:interface_mtu} +{%- endif %} diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_triport.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_triport.yml.j2 new file mode 100644 index 000000000..8815de99b --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_triport.yml.j2 @@ -0,0 +1,60 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +--- +{%- if conf.MCP_VCP %} +classes: + - cluster.all-mcp-arch-common.opnfv.maas_proxy + - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf +parameters: + _param: + pxe_admin_interface: ${_param:opnfv_vcp_vm_primary_interface} + single_nic: ${_param:opnfv_vcp_vm_secondary_interface} + control_nic: ${_param:opnfv_vcp_vm_tertiary_interface} + linux: + network: + interface: + pxe_admin: + enabled: true + type: eth + proto: static + name: ${_param:pxe_admin_interface} + address: ${_param:pxe_admin_address} + netmask: ${_param:opnfv_net_admin_mask} + noifupdown: true + mtu: ${_param:interface_mtu} + single_int: + enabled: true + type: eth + proto: static + name: ${_param:single_nic} + address: ${_param:single_address} + netmask: ${_param:opnfv_net_public_mask} + gateway: ${_param:opnfv_net_public_gw} + name_servers: {{ nm.dns_public }} + mtu: ${_param:interface_mtu} + control_int: + enabled: true + type: eth + proto: static + name: ${_param:control_nic} + address: ${_param:control_address} + netmask: ${_param:opnfv_net_mgmt_mask} + mtu: ${_param:interface_mtu} +{%- else %} +{#- For NOVCP scenarios, base config is in kvm_pdf, only add/override gw #} +parameters: + linux: + network: + interface: + br-ex: + proto: static + gateway: ${_param:opnfv_net_public_gw} + name_servers: {{ nm.dns_public }} +{%- endif %} diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_message_queue.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_message_queue.yml new file mode 100644 index 000000000..1871c2efa --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_message_queue.yml @@ -0,0 +1,24 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - system.rabbitmq.server.cluster + - system.rabbitmq.server.vhost.openstack + - cluster.all-mcp-arch-common.backports +parameters: + _param: + keepalived_vip_interface: ${_param:single_nic} + keepalived_vip_virtual_router_id: 90 + cluster_vip_address: ${_param:openstack_message_queue_address} + cluster_local_address: ${_param:single_address} + cluster_node01_hostname: ${_param:openstack_message_queue_node01_hostname} + cluster_node01_address: ${_param:openstack_message_queue_node01_address} + cluster_node02_hostname: ${_param:openstack_message_queue_node02_hostname} + cluster_node02_address: ${_param:openstack_message_queue_node02_address} + cluster_node03_hostname: ${_param:openstack_message_queue_node03_hostname} + cluster_node03_address: ${_param:openstack_message_queue_node03_address} diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2 new file mode 100644 index 000000000..31bfeddb4 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2 @@ -0,0 +1,100 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - system.nginx.server.single + - system.nginx.server.proxy.openstack_api + - system.nginx.server.proxy.openstack_vnc + - system.nginx.server.proxy.openstack_web + - system.nginx.server.proxy.openstack.aodh + - system.nginx.server.proxy.openstack.barbican + - system.apache.server.single + - system.horizon.server.single + - system.salt.minion.cert.proxy + - system.sphinx.server.doc.reclass + - service.keepalived.cluster.single + - system.keepalived.cluster.instance.openstack_web_public_vip + - cluster.all-mcp-arch-common.backports +parameters: + _param: + cluster_vip_address: ${_param:openstack_proxy_address} + keepalived_openstack_web_public_vip_address: ${_param:cluster_vip_address} + keepalived_openstack_web_public_vip_interface: ${_param:single_nic} + keepalived_openstack_web_public_vip_password: ${_param:opnfv_main_password} + keepalived_vip_address: ${_param:openstack_proxy_control_address} + keepalived_vip_interface: ${_param:control_nic} + keepalived_vip_virtual_router_id: 240 + nginx_proxy_ssl: + enabled: true + authority: ${_param:salt_minion_ca_authority} + engine: salt + mode: secure + salt_minion_ca_host: cfg01.${_param:cluster_domain} + linux: + system: + package: + libapache2-mod-wsgi: + version: latest +{%- if not conf.MCP_VCP %} + nginx: + server: + # NOTE(armband): Define host.address for all proxies for uniformity + site: + nginx_proxy_novnc: &nginx_openstack_proxy_address + host: + address: ${_param:openstack_proxy_address} + nginx_proxy_openstack_api_aodh: + <<: *nginx_openstack_proxy_address + nginx_proxy_openstack_api_cinder: + <<: *nginx_openstack_proxy_address + nginx_proxy_openstack_api_glance: + <<: *nginx_openstack_proxy_address + nginx_proxy_openstack_api_heat: + <<: *nginx_openstack_proxy_address + nginx_proxy_openstack_api_heat_cfn: + <<: *nginx_openstack_proxy_address + nginx_proxy_openstack_api_heat_cloudwatch: + <<: *nginx_openstack_proxy_address + enabled: false + nginx_proxy_openstack_api_keystone: + <<: *nginx_openstack_proxy_address + nginx_proxy_openstack_api_keystone_private: + <<: *nginx_openstack_proxy_address + nginx_proxy_openstack_api_neutron: + <<: *nginx_openstack_proxy_address + nginx_proxy_openstack_api_nova: + <<: *nginx_openstack_proxy_address + nginx_proxy_openstack_web: + <<: *nginx_openstack_proxy_address + nginx_ssl_redirect_openstack_web: + <<: *nginx_openstack_proxy_address + nginx_static_reclass_doc: + <<: *nginx_openstack_proxy_address +{%- else %} + nginx: + server: + site: + nginx_proxy_openstack_api_heat_cloudwatch: + enabled: false +{%- endif %} + salt: + minion: + cert: + proxy: + alternative_names: "IP:${_param:openstack_proxy_address}" + key_usage: 'digitalSignature, keyEncipherment' + keepalived: + cluster: + vrrp_scripts: + check_pidof: + args: 'nginx' + apache: + server: + mod_wsgi: libapache2-mod-wsgi-py3 + bind: + listen_default_ports: false diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml.j2 new file mode 100644 index 000000000..776e520d2 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml.j2 @@ -0,0 +1,101 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - service.redis.server.single + - system.ceilometer.server.cluster + - system.ceilometer.server.coordination.redis + - system.ceilometer.server.backend.default + - system.aodh.server.cluster + - system.aodh.server.coordination.redis + - system.memcached.server.single + - system.apache.server.single + - system.apache.server.site.gnocchi + - system.apache.server.site.panko + - system.gnocchi.server.cluster + - system.gnocchi.common.storage.incoming.redis + - system.gnocchi.common.storage.redis + - system.gnocchi.common.coordination.redis + - system.panko.server.cluster + - cluster.all-mcp-arch-common.backports +parameters: + _param: + keepalived_openstack_telemetry_vip_interface: ${_param:single_nic} + keepalived_vip_virtual_router_id: 230 + cluster_vip_address: ${_param:openstack_telemetry_address} + cluster_local_address: ${_param:single_address} + cluster_node01_hostname: ${_param:openstack_telemetry_node01_hostname} + cluster_node01_address: ${_param:openstack_telemetry_node01_address} + cluster_node02_hostname: ${_param:openstack_telemetry_node02_hostname} + cluster_node02_address: ${_param:openstack_telemetry_node02_address} + cluster_node03_hostname: ${_param:openstack_telemetry_node03_hostname} + cluster_node03_address: ${_param:openstack_telemetry_node03_address} + redis_sentinel_node01_address: ${_param:openstack_telemetry_node01_address} + redis_sentinel_node02_address: ${_param:openstack_telemetry_node02_address} + redis_sentinel_node03_address: ${_param:openstack_telemetry_node03_address} + # yamllint disable-line rule:line-length + openstack_telemetry_redis_url: redis://${_param:redis_sentinel_node01_address}:26379?sentinel=master_1&sentinel_fallback=${_param:redis_sentinel_node02_address}:26379&sentinel_fallback=${_param:redis_sentinel_node03_address}:26379 + gnocchi_coordination_url: ${_param:openstack_telemetry_redis_url} + gnocchi_storage_incoming_redis_url: ${_param:openstack_telemetry_redis_url} + linux: + system: + sysfs: + transparent_hugepages: + kernel/mm/transparent_hugepage/enabled: never + redis: + server: + version: 5.0 + appendfsync: 'no' + bind: + address: ${_param:single_address} + cluster: + enabled: true + mode: sentinel + password: ${_param:opnfv_main_password} + role: ${_param:redis_cluster_role} + quorum: 2 + master: + host: ${_param:cluster_node01_address} + port: 6379 + sentinel: + address: ${_param:single_address} + gnocchi: + common: + database: + host: ${_param:openstack_database_address} + server: + pkgs: + - gnocchi-api + - gnocchi-metricd + - python-memcache + apache: + server: + mod_wsgi: libapache2-mod-wsgi-py3 + ~modules: + - rewrite +{%- if conf.MCP_VCP %} {#- wsgi module will be enabled by a different class inherited later #} + - wsgi +{%- endif %} + site: + gnocchi: + wsgi: + threads: 1 + panko: + server: &db_conn_recycle_time + database: + connection_recycle_time: ${_param:db_connection_recycle_time} + aodh: + server: + <<: *db_conn_recycle_time + coordination_backend: + url: ${_param:openstack_telemetry_redis_url} + ceilometer: + server: + ~database: ~ + coordination_backend: + url: ${_param:openstack_telemetry_redis_url} |