diff options
Diffstat (limited to 'mcp/reclass/classes/cluster/mcp-common-noha')
11 files changed, 328 insertions, 164 deletions
diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/haproxy_openstack_api.yml b/mcp/reclass/classes/cluster/mcp-common-noha/haproxy_openstack_api.yml index 9fe5247a4..dd3bc4761 100644 --- a/mcp/reclass/classes/cluster/mcp-common-noha/haproxy_openstack_api.yml +++ b/mcp/reclass/classes/cluster/mcp-common-noha/haproxy_openstack_api.yml @@ -8,7 +8,7 @@ --- parameters: _param: - haproxy_check: check inter 15s fastinter 2s downinter 4s rise 3 fall 3 + haproxy_check: check inter 30m fastinter 2s downinter 4s rise 3 fall 3 haproxy: proxy: listen: @@ -131,25 +131,36 @@ parameters: host: ${_param:cluster_node01_address} port: 8775 params: ${_param:haproxy_check} - ceilometer_api: - type: general-service - check: false + aodh-api: + type: openstack-service + service_name: aodh binds: - address: ${_param:cluster_vip_address} - port: 8777 + port: 8042 servers: - - name: ${_param:cluster_node01_hostname} + - name: ctl01 host: ${_param:cluster_node01_address} - port: 8777 + port: 8042 params: ${_param:haproxy_check} - aodh-api: + barbican_api: type: openstack-service - service_name: aodh + service_name: barbican binds: - address: ${_param:cluster_vip_address} - port: 8042 + port: 9311 servers: - name: ctl01 host: ${_param:cluster_node01_address} - port: 8042 + port: 9311 + params: ${_param:haproxy_check} + barbican_admin_api: + type: openstack-service + service_name: barbican + binds: + - address: ${_param:cluster_vip_address} + port: 9312 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 9312 params: ${_param:haproxy_check} diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/infra/config.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-noha/infra/config.yml.j2 index ac53e8225..90e6ffc8d 100644 --- a/mcp/reclass/classes/cluster/mcp-common-noha/infra/config.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-noha/infra/config.yml.j2 @@ -8,37 +8,14 @@ {%- import 'net_map.j2' as nm with context %} --- classes: - - system.mysql.client.single - cluster.all-mcp-arch-common.infra.config_pdf parameters: _param: openstack_control_node01_hostname: ctl01 - reclass_config_master: ${_param:opnfv_infra_config_pxe_admin_address} + pxe_admin_address: ${_param:reclass_config_master} single_address: ${_param:opnfv_infra_config_address} salt_master_host: 127.0.0.1 salt_minion_ca_host: ${linux:network:fqdn} - linux: - network: - interface: - mcpcontrol_int: - enabled: true - type: eth - proto: dhcp - name: ${_param:opnfv_fn_vm_primary_interface} - single_int: - enabled: true - name: ${_param:opnfv_fn_vm_secondary_interface} - type: eth - proto: static - address: ${_param:single_address} - netmask: ${_param:opnfv_net_mgmt_mask} - pxe_admin_int: - enabled: true - type: eth - proto: static - name: ${_param:opnfv_fn_vm_tertiary_interface} - address: ${_param:opnfv_infra_config_pxe_admin_address} - netmask: ${_param:opnfv_net_admin_mask} salt: master: file_recv: true @@ -53,7 +30,7 @@ parameters: classes: - cluster.${_param:cluster_name}.openstack.control params: - linux_system_codename: xenial + linux_system_codename: bionic salt_master_host: ${_param:reclass_config_master} single_address: ${_param:openstack_control_node01_address} pxe_admin_address: ${_param:opnfv_openstack_control_node01_pxe_admin_address} diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/infra/init.yml b/mcp/reclass/classes/cluster/mcp-common-noha/infra/init.yml.j2 index 772d0880b..d3e07e106 100644 --- a/mcp/reclass/classes/cluster/mcp-common-noha/infra/init.yml +++ b/mcp/reclass/classes/cluster/mcp-common-noha/infra/init.yml.j2 @@ -5,10 +5,20 @@ # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## +{%- import 'net_map.j2' as nm with context %} --- +classes: + - cluster.all-mcp-arch-common parameters: _param: + # infra service addresses + infra_config_address: ${_param:opnfv_infra_config_address} + infra_config_deploy_address: {{ conf.SALT_MASTER }} cluster_domain: ${_param:cluster_name}.local + reclass_config_master: ${_param:opnfv_infra_config_pxe_admin_address} + infra_maas_node01_hostname: mas01 + infra_maas_node01_address: ${_param:opnfv_infra_maas_node01_address} + infra_maas_node01_deploy_address: ${_param:opnfv_infra_maas_node01_deploy_address} linux: system: apt: @@ -20,12 +30,19 @@ parameters: network: host: cfg01: - address: ${_param:infra_config_address} + address: ${_param:opnfv_infra_config_address} names: - cfg01 - cfg01.${_param:cluster_domain} cfg: - address: ${_param:infra_config_address} + address: ${_param:opnfv_infra_config_address} names: - cfg - cfg.${_param:cluster_domain} +{%- if nm.cluster.has_baremetal_nodes %} + mas01: + address: ${_param:infra_maas_node01_address} + names: + - ${_param:infra_maas_node01_hostname} + - ${_param:infra_maas_node01_hostname}.${_param:cluster_domain} +{%- endif %} diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/init_options.yml b/mcp/reclass/classes/cluster/mcp-common-noha/init_options.yml index 462ab8312..4b5a4dec8 100644 --- a/mcp/reclass/classes/cluster/mcp-common-noha/init_options.yml +++ b/mcp/reclass/classes/cluster/mcp-common-noha/init_options.yml @@ -10,8 +10,6 @@ classes: - cluster.all-mcp-arch-common parameters: _param: - # infra service addresses - infra_config_address: ${_param:opnfv_infra_config_address} # openstack service addresses openstack_control_address: ${_param:opnfv_openstack_control_node01_address} openstack_control_node01_address: ${_param:opnfv_openstack_control_node01_address} diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_compute.yml b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_compute.yml index 671f6eb07..edaf5190a 100644 --- a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_compute.yml +++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_compute.yml @@ -15,19 +15,17 @@ classes: - system.ceilometer.client.nova_compute - system.ceilometer.client.cinder_volume - system.ceilometer.agent.polling.default - - system.linux.system.repo.mcp.openstack + - service.barbican.client.single + - cluster.all-mcp-arch-common.backports - cluster.mcp-common-noha.openstack_compute_pdf parameters: - _param: - interface_mtu: 9000 - linux_system_codename: xenial - single_address: ${_param:control_address} nova: compute: libvirt_service: libvirtd libvirt_bin: /etc/default/libvirtd disk_cachemodes: file=directsync,block=none vncproxy_url: http://${_param:cluster_vip_address}:6080 + heal_instance_info_cache_interval: 300 bind: vnc_address: ${_param:single_address} network: @@ -35,11 +33,21 @@ parameters: user: neutron tenant: service password: ${_param:keystone_neutron_password} + barbican: + enabled: ${_param:barbican_integration_enabled} + image: + verify_glance_signatures: false + pkgs: + - nova-compute + - python3-novaclient + - pm-utils + - sysfsutils neutron: compute: notification: true vlan_aware_vms: true root_helper_daemon: false + report_interval: 120 agent_mode: ${_param:neutron_compute_agent_mode} message_queue: host: ${_param:openstack_control_address} @@ -47,6 +55,11 @@ parameters: host: ${_param:openstack_control_address} cinder: volume: + backend: + lvm-driver: + # Align system.cinder.volume.backend.lvm and MaaS data + volume_group: ${linux:storage:lvm:cinder-vg:name} + my_ip: ${_param:single_address} database: host: ${_param:cluster_local_address} identity: @@ -55,6 +68,13 @@ parameters: host: ${_param:cluster_local_address} message_queue: host: ${_param:cluster_local_address} + barbican: + enabled: ${_param:barbican_integration_enabled} + pkgs: + - cinder-volume + openiscsi_services: + - tgt + - iscsid nfs: client: mount: @@ -63,6 +83,11 @@ parameters: fstype: nfs device: ${_param:openstack_control_address}:/srv/nova/instances linux: + storage: + lvm: + # Align with both system.cinder.volume.backend.lvm and MaaS data + cinder-vg: + name: vgroot system: kernel: sysctl: diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_compute_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_compute_pdf.yml.j2 index aebd88828..b63555339 100644 --- a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_compute_pdf.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_compute_pdf.yml.j2 @@ -7,10 +7,19 @@ ############################################################################## {#- NOTE: br-{mgmt,ctl} are cross-referenced, careful when changing names #} {%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{#- Filter-out NIC duplicates by constructing a dict (used NICs only) #} +{%- set nics = { nm.cmp001.nic_mgmt: True, nm.cmp001.nic_private: True } %} +{%- set vlans = { nm.vlan_mgmt: nm.cmp001.nic_mgmt } %} +{%- if '-ovs-' not in conf.MCP_DEPLOY_SCENARIO and '-fdio-' not in conf.MCP_DEPLOY_SCENARIO %} +{%- set vlan_private_start = (nm.vlan_private | string).rsplit('-')[0] %} +{%- do vlans.update({ vlan_private_start: nm.cmp001.nic_private }) %} +{%- endif %} --- parameters: _param: # Should later be determined via PDF/IDF, AArch64 has ESP on /dev/sda1 +{%- if nm.cmp001.idx < conf.nodes | length %} {%- if conf.nodes[nm.cmp001.idx].node.type == 'virtual' %} ~cinder_lvm_devices: ['/dev/vdb'] {%- elif conf.nodes[nm.cmp001.idx].node.arch == 'aarch64' or @@ -19,32 +28,44 @@ parameters: {%- else %} ~cinder_lvm_devices: ['/dev/sda1'] {%- endif %} - primary_interface: {{ nm.cmp001.nic_mgmt }} - tenant_interface: {{ nm.cmp001.nic_private }} - external_interface: {{ nm.cmp001.nic_public }} +{%- endif %} linux: network: +{%- if '-fdio-' not in conf.MCP_DEPLOY_SCENARIO %} + ovs_nowait: true bridge: openvswitch +{%- else %} + dpdk: + enabled: true + driver: "${_param:compute_dpdk_driver}" + vpp: + enabled: true + decimal_interface_names: true + # Reuse ovs-dpdk socket mem configuration from IDF + dpdk_socket_mem: ${_param:compute_ovs_dpdk_socket_mem} + main_core: ${linux:system:kernel:isolcpu} + gid: 'neutron' +{%- endif %} interface: pxe_admin_int: enabled: true - name: {{ nm.cmp001.nic_admin }} + name: ${_param:pxe_admin_interface} proto: static type: eth address: ${_param:pxe_admin_address} netmask: ${_param:opnfv_net_admin_mask} mtu: ${_param:interface_mtu} - primary_interface: - enabled: true - name: ${_param:primary_interface} - proto: manual - type: eth - tenant_interface: - enabled: true - name: ${_param:tenant_interface} - mtu: ${_param:interface_mtu} - proto: manual - type: eth + noifupdown: true + +{#- prevent duplicates for tagged mgmt on the same physical interface as PXE/admin #} +{%- if nm.cmp001.nic_admin in nics %} + {%- do nics.pop(nm.cmp001.nic_admin) %} +{%- endif %} + +{{ ma.linux_network_interfaces_nic(nics) }} + +{{ ma.linux_network_interfaces_vlan(vlans) }} + br-mgmt: enabled: true type: bridge @@ -52,4 +73,4 @@ parameters: address: ${_param:single_address} netmask: ${_param:opnfv_net_mgmt_mask} use_interfaces: - - ${_param:primary_interface} + - {{ ma.interface_str(nm.cmp001.nic_mgmt, nm.vlan_mgmt) }} diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml.j2 index f458281ce..e383edd16 100644 --- a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml +++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml.j2 @@ -8,7 +8,6 @@ --- classes: - system.linux.system.lowmem - - system.linux.system.repo.mcp.openstack - service.nfs.server - system.ceilometer.client - system.ceilometer.client.neutron @@ -26,6 +25,7 @@ classes: - system.keystone.client.service.aodh - system.keystone.client.service.gnocchi - system.keystone.client.service.panko + - system.keystone.client.service.barbican - system.glance.control.single - system.nova.control.single - system.cinder.control.single @@ -34,56 +34,73 @@ classes: - service.mysql.server.single - system.galera.server.database.cinder - system.galera.server.database.glance - - system.galera.server.database.grafana + - system.galera.server.database.neutron - system.galera.server.database.heat - system.galera.server.database.keystone - system.galera.server.database.nova - - system.galera.server.database.ceilometer - system.galera.server.database.aodh - system.galera.server.database.gnocchi - system.galera.server.database.panko + - system.galera.server.database.barbican + - system.barbican.server.single + - service.barbican.server.plugin.simple_crypto - service.redis.server.single - service.ceilometer.server.single - - system.ceilometer.server.coordination.redis - system.ceilometer.server.backend.default - system.aodh.server.single - - system.aodh.server.coordination.redis - system.gnocchi.server.single - - system.gnocchi.common.storage.incoming.redis - - system.gnocchi.common.storage.redis - - system.gnocchi.common.coordination.redis - service.panko.server.single + - system.apache.server.site.aodh - system.apache.server.site.gnocchi - system.apache.server.site.panko + - system.apache.server.site.barbican + - system.apache.server.single - system.horizon.server.single + - system.nginx.server.single + - system.nginx.server.proxy.openstack_web - service.haproxy.proxy.single +{%- if '-sfc-' in conf.MCP_DEPLOY_SCENARIO %} + - system.keystone.client.service.tacker + - system.galera.server.database.tacker + - service.tacker.server.single +{%- endif %} + - cluster.all-mcp-arch-common.backports - cluster.mcp-common-noha.haproxy_openstack_api - cluster.mcp-common-noha.openstack_control_pdf parameters: _param: - linux_system_codename: xenial ceilometer_create_gnocchi_resources: 'True' + ceilometer_endpoint_status: absent + barbican_integration_enabled: 'false' linux: system: package: python-msgpack: version: latest + sysfs: + transparent_hugepages: + kernel/mm/transparent_hugepage/enabled: never keystone: server: admin_email: ${_param:admin_email} openrc_extra: - volume_device_name: vdc + volume_device_name: sdc pkgs: - keystone - - python-psycopg2 - - python-mysqldb - - python-openstackclient - - python-tornado + - python3-memcache + - python3-openstackclient client: enabled: true resources: v3: enabled: true + services: + ceilometer: + status: absent + # required only for Rally validation + cinder: + type: volume + description: OpenStack Volume Service server: identity: admin: @@ -99,10 +116,23 @@ parameters: engine: file images: [] workers: 1 + barbican: + enabled: ${_param:barbican_integration_enabled} + identity: + barbican_endpoint: ${barbican:server:host_href} + pkgs: + - glance + services: + - glance-api + cinder: + controller: + barbican: + enabled: ${_param:barbican_integration_enabled} + pkgs: + - cinder-api + - cinder-scheduler nova: controller: - networking: dvr - cpu_allocation: 54 metadata: password: ${_param:metadata_password} bind: @@ -111,6 +141,15 @@ parameters: novncproxy_port: 6080 vncproxy_url: http://${_param:cluster_vip_address}:6080 workers: 1 + barbican: + enabled: ${_param:barbican_integration_enabled} + pkgs: + - nova-api + - nova-conductor + - nova-consoleauth + - nova-scheduler + - nova-novncproxy + - python3-novaclient horizon: server: # yamllint disable-line rule:truthy @@ -139,10 +178,18 @@ parameters: ~database: ~ redis: server: - version: 3.0 + version: 5.0 appendfsync: 'no' bind: address: ${_param:single_address} + gnocchi: + common: + storage: + driver: redis + redis_url: redis://${_param:single_address}:6379 + incoming: + driver: redis + redis_url: redis://${_param:single_address}:6379 nfs: server: share: @@ -159,9 +206,42 @@ parameters: server: vlan_aware_vms: true root_helper_daemon: false + agent_down_time: 300 + global_physnet_mtu: ${_param:interface_mtu} + backend: + external_mtu: ${_param:interface_mtu} +{%- if '-bgpvpn-' in conf.MCP_DEPLOY_SCENARIO %} + bgp_vpn: + enabled: True + driver: opendaylight_v2 +{%- endif %} apache: server: + bind: + listen_default_ports: false site: - gnocchi: + gnocchi: &wsgi_threads wsgi: threads: 1 + barbican: + <<: *wsgi_threads + barbican_admin: + <<: *wsgi_threads + mod_wsgi: libapache2-mod-wsgi-py3 + barbican: + server: + ks_notifications_enable: true + store: + software: + crypto_plugin: simple_crypto + store_plugin: store_crypto + global_default: true + rabbitmq: + server: + env_variables: + hostname: localhost + nginx: + server: + site: + nginx_ssl_redirect_openstack_web: + enabled: false diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control_pdf.yml.j2 index b0b55afb9..06df3b845 100644 --- a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control_pdf.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control_pdf.yml.j2 @@ -6,6 +6,10 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## {%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{#- Filter-out NIC duplicates by constructing a dict (used NICs only) #} +{%- set nics = { nm.ctl01.nic_mgmt: True, nm.ctl01.nic_public: True } %} +{%- set vlans = { nm.vlan_mgmt: nm.ctl01.nic_mgmt, nm.vlan_public: nm.ctl01.nic_public } %} --- parameters: linux: @@ -18,19 +22,35 @@ parameters: type: eth address: ${_param:pxe_admin_address} netmask: ${_param:opnfv_net_admin_mask} - single_int: + mtu: ${_param:interface_mtu} + noifupdown: true + +{#- prevent duplicates for tagged mgmt on the same physical interface as PXE/admin #} +{%- if nm.ctl01.nic_admin in nics %} + {%- do nics.pop(nm.ctl01.nic_admin) %} +{%- endif %} + +{{ ma.linux_network_interfaces_nic(nics) }} + +{{ ma.linux_network_interfaces_vlan(vlans) }} + + br-ctl: enabled: true - name: {{ nm.ctl01.nic_mgmt }} - type: eth + type: bridge proto: static address: ${_param:single_address} netmask: ${_param:opnfv_net_mgmt_mask} - public_int: + noifupdown: true + use_interfaces: + - {{ ma.interface_str(nm.ctl01.nic_mgmt, nm.vlan_mgmt) }} + br-ext: enabled: true - name: {{ nm.ctl01.nic_public }} - type: eth + type: bridge proto: static address: ${_param:cluster_public_host} netmask: ${_param:opnfv_net_public_mask} gateway: ${_param:opnfv_net_public_gw} name_servers: {{ nm.dns_public }} + use_interfaces: + - {{ ma.interface_str(nm.ctl01.nic_public, nm.vlan_public) }} + noifupdown: true diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway.yml b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway.yml index 0062adf16..e59263c99 100644 --- a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway.yml +++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway.yml @@ -7,15 +7,14 @@ ############################################################################## --- classes: - - system.linux.system.repo.mcp.openstack + - cluster.all-mcp-arch-common.backports - cluster.mcp-common-noha.openstack_gateway_pdf parameters: - _param: - interface_mtu: 9000 - linux_system_codename: xenial neutron: gateway: notification: true agent_mode: ${_param:neutron_gateway_agent_mode} vlan_aware_vms: true root_helper_daemon: false + dhcp_lease_duration: 3600 + report_interval: 120 diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway_pdf.yml.j2 index 6bd61a2d4..00d8fbd8c 100644 --- a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway_pdf.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway_pdf.yml.j2 @@ -7,14 +7,39 @@ ############################################################################## --- {%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{#- Filter-out NIC duplicates by constructing a dict (used NICs only) #} +{%- set nics = { nm.ctl01.nic_mgmt: True, nm.ctl01.nic_private: True } %} +{%- set vlans = { nm.vlan_mgmt: nm.ctl01.nic_mgmt } %} +{%- if '-fdio-' in conf.MCP_DEPLOY_SCENARIO %} +{%- do nics.update({ nm.ctl01.nic_public: True }) %} +{%- do vlans.update({ nm.vlan_public: nm.ctl01.nic_public }) %} +{%- elif '-ovs-' not in conf.MCP_DEPLOY_SCENARIO %} +{%- set vlan_private_start = (nm.vlan_private | string).rsplit('-')[0] %} +{%- do vlans.update({ vlan_private_start: nm.ctl01.nic_private }) %} +{%- endif %} parameters: - _param: - primary_interface: {{ nm.ctl01.nic_mgmt }} - tenant_interface: {{ nm.ctl01.nic_private }} - external_interface: {{ nm.ctl01.nic_public }} linux: network: +{%- if '-fdio-' not in conf.MCP_DEPLOY_SCENARIO %} +{%- set floating_br_type = 'ovs_bridge' %} bridge: openvswitch +{%- else %} +{%- set floating_br_type = 'bridge' %} + vpp: + enabled: true + decimal_interface_names: true + # Reuse ovs-dpdk socket mem configuration from IDF + dpdk_socket_mem: ${_param:compute_ovs_dpdk_socket_mem} + main_core: ${linux:system:kernel:isolcpu} + gid: 'neutron' + commands: | + create tap host-if-name vpp_ext_tap host-bridge br-floating rx-ring-size 1024 tx-ring-size 1024 + set interface state ${_param:external_vpp_tap} up + dpdk: + enabled: true + driver: "${_param:compute_dpdk_driver}" +{%- endif %} interface: pxe_admin_int: enabled: true @@ -24,30 +49,38 @@ parameters: address: ${_param:pxe_admin_address} netmask: ${_param:opnfv_net_admin_mask} mtu: ${_param:interface_mtu} - primary_interface: + noifupdown: true + +{#- prevent duplicates for tagged mgmt on the same physical interface as PXE/admin #} +{%- if nm.ctl01.nic_admin in nics %} + {%- do nics.pop(nm.ctl01.nic_admin) %} +{%- endif %} + +{{ ma.linux_network_interfaces_nic(nics) }} + +{{ ma.linux_network_interfaces_vlan(vlans) }} + +{%- if '-fdio-' not in conf.MCP_DEPLOY_SCENARIO %} + {{ ma.interface_str(nm.ctl01.nic_public, nm.vlan_public) }}: enabled: true - name: ${_param:primary_interface} mtu: ${_param:interface_mtu} proto: manual - type: eth - tenant_interface: - enabled: true - name: ${_param:tenant_interface} - mtu: ${_param:interface_mtu} - proto: manual - type: eth - external_interface: + ovs_port_type: OVSPort + type: ovs_port + ovs_bridge: br-floating + bridge: br-floating +{%- endif %} + br-floating: enabled: true - name: ${_param:external_interface} - mtu: ${_param:interface_mtu} - proto: manual - type: eth + type: {{ floating_br_type }} + proto: static + address: ${_param:external_address} + netmask: ${_param:opnfv_net_public_mask} gateway: ${_param:opnfv_net_public_gw} name_servers: {{ nm.dns_public }} - br-floating: - enabled: true - type: ovs_bridge - mtu: ${_param:interface_mtu} + use_interfaces: + - {{ ma.interface_str(nm.ctl01.nic_public, nm.vlan_public) }} + noifupdown: true br-mgmt: enabled: true type: bridge @@ -56,19 +89,4 @@ parameters: netmask: ${_param:opnfv_net_mgmt_mask} mtu: ${_param:interface_mtu} use_interfaces: - - ${_param:primary_interface} - float-to-ex: - enabled: true - type: ovs_port - mtu: ${_param:interface_mtu} - bridge: br-floating - br-ex: - enabled: true - type: bridge - mtu: ${_param:interface_mtu} - address: ${_param:external_address} - netmask: ${_param:opnfv_net_public_mask} - use_interfaces: - - ${_param:external_interface} - use_ovs_ports: - - float-to-ex + - {{ ma.interface_str(nm.ctl01.nic_mgmt, nm.vlan_mgmt) }} diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_init.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_init.yml.j2 index 872156574..3f3ff0ab8 100644 --- a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_init.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_init.yml.j2 @@ -9,9 +9,6 @@ --- parameters: _param: - openstack_version: queens - apt_mk_version: nightly - mcp_repo_version: 1.1 openstack_region: RegionOne admin_email: root@localhost cluster_public_protocol: http @@ -27,8 +24,6 @@ parameters: neutron_compute_agent_mode: legacy neutron_compute_external_access: 'False' galera_server_cluster_name: openstack_cluster - galera_server_maintenance_password: opnfv_secret - galera_server_admin_password: opnfv_secret cluster_vip_address: ${_param:cluster_public_host} cluster_local_address: ${_param:openstack_control_address} cluster_node01_hostname: ctl01 @@ -37,17 +32,12 @@ parameters: cluster_node02_address: ${_param:opnfv_openstack_control_node02_address} cluster_node03_hostname: ctl03 cluster_node03_address: ${_param:opnfv_openstack_control_node03_address} - rabbitmq_secret_key: opnfv_secret - rabbitmq_admin_password: opnfv_secret - rabbitmq_openstack_password: opnfv_secret - rabbitmq_cold_password: opnfv_secret glance_version: ${_param:openstack_version} glance_service_host: ${_param:cluster_local_address} keystone_version: ${_param:openstack_version} keystone_service_host: ${_param:cluster_local_address} heat_version: ${_param:openstack_version} heat_service_host: ${_param:cluster_local_address} - heat_domain_admin_password: opnfv_secret ceilometer_version: ${_param:openstack_version} ceilometer_service_host: ${_param:cluster_local_address} ceilometer_database_host: ${_param:cluster_local_address} @@ -59,43 +49,34 @@ parameters: neutron_version: ${_param:openstack_version} neutron_service_host: ${_param:cluster_local_address} mysql_admin_user: root - mysql_admin_password: opnfv_secret - mysql_cinder_password: opnfv_secret - mysql_ceilometer_password: opnfv_secret - mysql_glance_password: opnfv_secret - mysql_grafana_password: opnfv_secret - mysql_heat_password: opnfv_secret - mysql_keystone_password: opnfv_secret - mysql_neutron_password: opnfv_secret - mysql_nova_password: opnfv_secret - mysql_aodh_password: opnfv_secret - keystone_service_token: opnfv_secret - keystone_admin_password: opnfv_secret - keystone_ceilometer_password: opnfv_secret - keystone_cinder_password: opnfv_secret - keystone_glance_password: opnfv_secret - keystone_heat_password: opnfv_secret - keystone_keystone_password: opnfv_secret - keystone_neutron_password: opnfv_secret - keystone_nova_password: opnfv_secret - ceilometer_secret_key: opnfv_secret - metadata_password: opnfv_secret horizon_version: ${_param:openstack_version} horizon_secret_key: opaesee8Que2yahJoh9fo0eefo1Aeyo6ahyei8zeiboh3aeth5loth7ieNa5xi5e horizon_identity_host: ${_param:cluster_vip_address} horizon_identity_encryption: none horizon_identity_version: 3 + horizon_public_protocol: http + horizon_public_port: 80 + apache_mods_status_enabled: false + nginx_server_site_nginx_proxy_openstack_web_enabled: true + nginx_proxy_ssl: + enabled: false + + barbican_version: ${_param:openstack_version} + barbican_service_host: ${_param:cluster_local_address} + apache_barbican_api_address: ${_param:single_address} + barbican_simple_crypto_kek: "YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXoxMjM0NTY=" + barbican_integration_enabled: true + +{%- if '-sfc-' in conf.MCP_DEPLOY_SCENARIO %} + tacker_service_host: ${_param:cluster_local_address} +{%- endif %} + aodh_version: ${_param:openstack_version} - keystone_aodh_password: opnfv_secret aodh_service_host: ${_param:cluster_local_address} - gnocchi_version: 4.2 + gnocchi_version: 4.3 gnocchi_service_host: ${_param:cluster_local_address} - mysql_gnocchi_password: opnfv_secret - keystone_gnocchi_password: opnfv_secret panko_version: ${_param:openstack_version} panko_service_host: ${_param:cluster_local_address} - mysql_panko_password: opnfv_secret - keystone_panko_password: opnfv_secret ceilometer_agent_default_polling_interval: 180 ceilometer_agent_default_polling_meters: - "*" @@ -106,6 +87,23 @@ parameters: net.ipv4.tcp_congestion_control: yeah net.ipv4.tcp_slow_start_after_idle: 0 net.ipv4.tcp_fin_timeout: 30 +{%- if 'aarch64' in nm.cluster.arch %} + repo: + armband_3: # Should be in sync with the repo config generated via curtin/MaaS + source: "deb http://linux.enea.com/mcp-repos/${_param:armband_repo_version}/xenial ${_param:armband_repo_version}-armband main" + key: ${_param:armband_key} + pinning: + 15: + enabled: true + pin: 'release a=${_param:armband_repo_version}-armband' + priority: 15 + package: '*' + 1200: + enabled: true + pin: 'release a=${_param:armband_repo_version}-armband' + priority: 1200 + package: 'qemu-efi' +{%- endif %} network: host: ctl: |