diff options
Diffstat (limited to 'mcp/scripts')
| -rw-r--r-- | mcp/scripts/.gitignore | 3 | ||||
| -rw-r--r-- | mcp/scripts/globals.sh | 39 | ||||
| -rw-r--r-- | mcp/scripts/lib.sh | 125 | ||||
| -rw-r--r-- | mcp/scripts/lib_template.sh | 88 | ||||
| -rw-r--r-- | mcp/scripts/net_public.xml | 14 | ||||
| m--------- | mcp/scripts/pharos | 0 | ||||
| -rw-r--r-- | mcp/scripts/requirements_deb.yaml | 15 | ||||
| -rw-r--r-- | mcp/scripts/requirements_rpm.yaml | 17 | ||||
| -rwxr-xr-x | mcp/scripts/salt.sh | 42 | ||||
| -rwxr-xr-x | mcp/scripts/sysinfo_print.sh | 10 | ||||
| -rw-r--r-- | mcp/scripts/user-data.admin.sh.j2 | 14 | ||||
| -rw-r--r-- | mcp/scripts/user-data.mcp.sh.j2 (renamed from mcp/scripts/user-data.template) | 6 | ||||
| -rw-r--r-- | mcp/scripts/virsh_net/net_internal.xml (renamed from mcp/scripts/net_internal.xml) | 0 | ||||
| -rw-r--r-- | mcp/scripts/virsh_net/net_mcpcontrol.xml.j2 (renamed from mcp/scripts/net_mcpcontrol.xml.template) | 5 | ||||
| -rw-r--r-- | mcp/scripts/virsh_net/net_mgmt.xml.j2 (renamed from mcp/scripts/net_mgmt.xml) | 9 | ||||
| -rw-r--r-- | mcp/scripts/virsh_net/net_public.xml.j2 | 32 | ||||
| -rw-r--r-- | mcp/scripts/virsh_net/net_pxebr.xml.j2 | 26 | ||||
| -rw-r--r-- | mcp/scripts/xdf_data.sh.j2 | 71 |
18 files changed, 438 insertions, 78 deletions
diff --git a/mcp/scripts/.gitignore b/mcp/scripts/.gitignore new file mode 100644 index 000000000..a7f658e4e --- /dev/null +++ b/mcp/scripts/.gitignore @@ -0,0 +1,3 @@ +mcp.rsa* +user-data.*.sh +xdf_data.sh diff --git a/mcp/scripts/globals.sh b/mcp/scripts/globals.sh index fe8d7a3f9..54f015cf6 100644 --- a/mcp/scripts/globals.sh +++ b/mcp/scripts/globals.sh @@ -12,8 +12,45 @@ export CI_DEBUG=${CI_DEBUG:-0}; [[ "${CI_DEBUG}" =~ (false|0) ]] || set -x export SSH_KEY=${SSH_KEY:-"/var/lib/opnfv/mcp.rsa"} export SALT_MASTER=${INSTALLER_IP:-10.20.0.2} export SALT_MASTER_USER=${SALT_MASTER_USER:-ubuntu} + +# Derived from INSTALLER_IP +export MCPCONTROL_NET=${MCPCONTROL_NET:-${SALT_MASTER%.*}.0} +export MCPCONTROL_PREFIX=${MCPCONTROL_PREFIX:-24} export MAAS_IP=${MAAS_IP:-${SALT_MASTER%.*}.3} -# Derivated from above global vars +# Derived from above global vars, not overideable export SSH_OPTS="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ${SSH_KEY}" export SSH_SALT="${SALT_MASTER_USER}@${SALT_MASTER}" + +############################################################################## +# BEGIN of colored notification wrappers +# + +# same as `notify_i` + trailing '\n'; +function notify() { + local msg=${1}; shift + notify_i "${msg}\n" "$@" +} + +# Inline (no newline added) colored output notification wrapper +function notify_i() { + tput setaf "${2:-1}" || true + echo -en "${1:-"[WARN] Unsupported opt arg: $3\\n"}" + tput sgr0 +} + +# same as `notify` + extra '\n' before and after; +function notify_n() { + local msg=${1}; shift + notify_i "\n${msg}\n\n" "$@" +} + +# same as `notify` + stderr output + exit; +function notify_e() { + local msg=${1}; shift + notify_i "\n${msg}\n\n" "$@" 1>&2 + exit 1 +} +# +# END of colored notification wrapper +############################################################################## diff --git a/mcp/scripts/lib.sh b/mcp/scripts/lib.sh index d91dcc3e1..ce5db251f 100644 --- a/mcp/scripts/lib.sh +++ b/mcp/scripts/lib.sh @@ -1,7 +1,7 @@ #!/bin/bash -e -# shellcheck disable=SC2155,SC1001 +# shellcheck disable=SC2155,SC1001,SC2015,SC2128 ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -38,10 +38,11 @@ function get_base_image { function __kernel_modules { # Load mandatory kernel modules: loop, nbd local image_dir=$1 - sudo modprobe loop + test -e /dev/loop-control || sudo modprobe loop if sudo modprobe nbd max_part=8 || sudo modprobe -f nbd max_part=8; then return 0 fi + if [ -e /dev/nbd0 ]; then return 0; fi # nbd might be inbuilt # CentOS (or RHEL family in general) do not provide 'nbd' out of the box echo "[WARN] 'nbd' kernel module cannot be loaded!" if [ ! -e /etc/redhat-release ]; then @@ -120,7 +121,7 @@ function mount_image { break fi done - OPNFV_LOOP_DEV=$(losetup -f) + OPNFV_LOOP_DEV=$(sudo losetup -f) OPNFV_MAP_DEV=/dev/mapper/$(basename "${OPNFV_NBD_DEV}")p1 export OPNFV_MNT_DIR OPNFV_LOOP_DEV [ -n "${OPNFV_NBD_DEV}" ] && [ -n "${OPNFV_LOOP_DEV}" ] || exit 1 @@ -213,7 +214,7 @@ function cleanup_mounts { fi fi if [ -n "${OPNFV_LOOP_DEV}" ] && \ - losetup "${OPNFV_LOOP_DEV}" 1>&2 > /dev/null; then + sudo losetup "${OPNFV_LOOP_DEV}" 1>&2 > /dev/null; then sudo losetup -d "${OPNFV_LOOP_DEV}" fi if [ -n "${OPNFV_NBD_DEV}" ]; then @@ -225,6 +226,7 @@ function cleanup_mounts { function cleanup_uefi { # Clean up Ubuntu boot entry if cfg01, kvm nodes online from previous deploy local cmd_str="ssh ${SSH_OPTS} ${SSH_SALT}" + ping -c 1 -w 1 "${SALT_MASTER}" || return 0 [ ! "$(hostname)" = 'cfg01' ] || cmd_str='eval' ${cmd_str} "sudo salt -C 'kvm* or cmp*' cmd.run \ \"which efibootmgr > /dev/null 2>&1 && \ @@ -282,14 +284,21 @@ function prepare_vms { ln -sf "${image_dir}/${_tmp}" "${image_dir}/${image}" fi - envsubst < user-data.template > user-data.sh # CWD should be <mcp/scripts> - # Create config ISO and resize OS disk image for each foundation node VM for node in "${vnodes[@]}"; do - ./create-config-drive.sh -k "$(basename "${SSH_KEY}").pub" -u user-data.sh \ - -h "${node}" "${image_dir}/mcp_${node}.iso" + if [[ "${node}" =~ ^(cfg01|mas01) ]]; then + user_data='user-data.mcp.sh' + else + user_data='user-data.admin.sh' + fi + ./create-config-drive.sh -k "$(basename "${SSH_KEY}").pub" \ + -u "${user_data}" -h "${node}" "${image_dir}/mcp_${node}.iso" cp "${image_dir}/${image}" "${image_dir}/mcp_${node}.qcow2" qemu-img resize "${image_dir}/mcp_${node}.qcow2" 100G + # Prepare dedicated drive for cinder on cmp nodes + if [[ "${node}" =~ ^(cmp) ]]; then + qemu-img create "${image_dir}/mcp_${node}_storage.qcow2" 100G + fi done # VCP VMs base image specific changes @@ -310,19 +319,72 @@ function prepare_vms { fi } +function jumpserver_pkg_install { + if [ -n "$(command -v apt-get)" ]; then + pkg_type='deb'; pkg_cmd='sudo apt-get install -y' + else + pkg_type='rpm'; pkg_cmd='sudo yum install -y --skip-broken' + fi + eval "$(parse_yaml "./requirements_${pkg_type}.yaml")" + for section in 'common' "$(uname -i)"; do + section_var="requirements_pkg_${section}[*]" + pkg_list+=" ${!section_var}" + done + # shellcheck disable=SC2086 + ${pkg_cmd} ${pkg_list} +} + +function jumpserver_check_requirements { + # shellcheck disable=SC2178 + local vnodes=$1; shift + local br=("$@") + local err_br_not_found='Linux bridge not found!' + local err_br_virsh_net='is a virtual network, Linux bridge expected!' + local warn_br_endpoint="Endpoints might be inaccessible from external hosts!" + # MaaS requires a Linux bridge for PXE/admin + if [[ "${vnodes}" =~ mas01 ]]; then + if ! brctl showmacs "${br[0]}" >/dev/null 2>&1; then + notify_e "[ERROR] PXE/admin (${br[0]}) ${err_br_not_found}" + fi + # Assume virsh network name matches bridge name (true if created by us) + if virsh net-info "${br[0]}" >/dev/null 2>&1; then + notify_e "[ERROR] ${br[0]} ${err_br_virsh_net}" + fi + fi + # If virtual nodes are present, public should be a Linux bridge + if [ "$(echo "${vnodes}" | wc -w)" -gt 2 ]; then + if ! brctl showmacs "${br[3]}" >/dev/null 2>&1; then + if [[ "${vnodes}" =~ mas01 ]]; then + # Baremetal nodes *require* a proper public network + notify_e "[ERROR] Public (${br[3]}) ${err_br_not_found}" + else + notify_n "[WARN] Public (${br[3]}) ${err_br_not_found}" 3 + notify_n "[WARN] ${warn_br_endpoint}" 3 + fi + fi + if virsh net-info "${br[3]}" >/dev/null 2>&1; then + if [[ "${vnodes}" =~ mas01 ]]; then + notify_e "[ERROR] ${br[3]} ${err_br_virsh_net}" + else + notify_n "[WARN] ${br[3]} ${err_br_virsh_net}" 3 + notify_n "[WARN] ${warn_br_endpoint}" 3 + fi + fi + fi +} + function create_networks { local vnode_networks=("$@") # create required networks, including constant "mcpcontrol" - # FIXME(alav): since we renamed "pxe" to "mcpcontrol", we need to make sure - # we delete the old "pxe" virtual network, or it would cause IP conflicts. - for net in "pxe" "mcpcontrol" "${vnode_networks[@]}"; do + for net in "mcpcontrol" "${vnode_networks[@]}"; do if virsh net-info "${net}" >/dev/null 2>&1; then virsh net-destroy "${net}" || true virsh net-undefine "${net}" fi # in case of custom network, host should already have the bridge in place - if [ -f "net_${net}.xml" ] && [ ! -d "/sys/class/net/${net}/bridge" ]; then - virsh net-define "net_${net}.xml" + if [ -f "virsh_net/net_${net}.xml" ] && \ + [ ! -d "/sys/class/net/${net}/bridge" ]; then + virsh net-define "virsh_net/net_${net}.xml" virsh net-autostart "${net}" virsh net-start "${net}" fi @@ -334,7 +396,6 @@ function create_vms { # vnode data should be serialized with the following format: # '<name0>,<ram0>,<vcpu0>|<name1>,<ram1>,<vcpu1>[...]' IFS='|' read -r -a vnodes <<< "$1"; shift - local vnode_networks=("$@") # AArch64: prepare arch specific arguments local virt_extra_args="" @@ -348,20 +409,30 @@ function create_vms { IFS=',' read -r -a vnode_data <<< "${serialized_vnode_data}" # prepare network args - net_args=" --network network=mcpcontrol,model=virtio" - if [ "${DEPLOY_TYPE:-}" = 'baremetal' ]; then + local vnode_networks=("$@") + if [[ "${vnode_data[0]}" =~ ^(cfg01|mas01) ]]; then + net_args=" --network network=mcpcontrol,model=virtio" # 3rd interface gets connected to PXE/Admin Bridge (cfg01, mas01) vnode_networks[2]="${vnode_networks[0]}" + else + net_args=" --network bridge=${vnode_networks[0]},model=virtio" fi for net in "${vnode_networks[@]:1}"; do net_args="${net_args} --network bridge=${net},model=virtio" done + # dedicated storage drive for cinder on cmp nodes + virt_extra_storage= + if [[ "${vnode_data[0]}" =~ ^(cmp) ]]; then + virt_extra_storage="--disk path=${image_dir}/mcp_${vnode_data[0]}_storage.qcow2,format=qcow2,bus=virtio,cache=none,io=native" + fi + # shellcheck disable=SC2086 virt-install --name "${vnode_data[0]}" \ --ram "${vnode_data[1]}" --vcpus "${vnode_data[2]}" \ --cpu host-passthrough --accelerate ${net_args} \ --disk path="${image_dir}/mcp_${vnode_data[0]}.qcow2",format=qcow2,bus=virtio,cache=none,io=native \ + ${virt_extra_storage} \ --os-type linux --os-variant none \ --boot hd --vnc --console pty --autostart --noreboot \ --disk path="${image_dir}/mcp_${vnode_data[0]}.iso",device=cdrom \ @@ -443,12 +514,11 @@ function wait_for { for attempt in $(seq "${total_attempts}"); do echo "[wait_for] Attempt ${attempt}/${total_attempts%.*} for: ${cmdstr}" if [ "${total_attempts%.*}" = "${total_attempts}" ]; then - # shellcheck disable=SC2015 eval "${cmdstr}" && echo "[wait_for] OK: ${cmdstr}" && return 0 || true else - !(eval "${cmdstr}" || echo __fuel_wf_failure__) |& tee /dev/stderr | \ - grep -Eq '(Not connected|No response|__fuel_wf_failure__)' && \ - echo "[wait_for] OK: ${cmdstr}" && return 0 || true + ! (eval "${cmdstr}" || echo 'No response') |& tee /dev/stderr | \ + grep -Eq '(Not connected|No response)' && \ + echo "[wait_for] OK: ${cmdstr}" && return 0 || true fi sleep "${sleep_time}" done @@ -460,15 +530,18 @@ function wait_for { function do_sysctl_cfg { local _conf='/etc/sysctl.d/99-opnfv-fuel-bridge.conf' # https://wiki.libvirt.org/page/Net.bridge.bridge-nf-call_and_sysctl.conf - echo 'net.bridge.bridge-nf-call-arptables = 0' |& sudo tee "${_conf}" - echo 'net.bridge.bridge-nf-call-iptables = 0' |& sudo tee -a "${_conf}" - echo 'net.bridge.bridge-nf-call-ip6tables = 0' |& sudo tee -a "${_conf}" - sudo sysctl -q -p "${_conf}" + if modprobe br_netfilter bridge; then + echo 'net.bridge.bridge-nf-call-arptables = 0' |& sudo tee "${_conf}" + echo 'net.bridge.bridge-nf-call-iptables = 0' |& sudo tee -a "${_conf}" + echo 'net.bridge.bridge-nf-call-ip6tables = 0' |& sudo tee -a "${_conf}" + # Some distros / sysadmins explicitly blacklist br_netfilter + sudo sysctl -q -p "${_conf}" || true + fi } function get_nova_compute_pillar_data { local value=$(salt -C 'I@nova:compute and *01*' pillar.get _param:"${1}" --out yaml | cut -d ' ' -f2) if [ "${value}" != "''" ]; then - echo ${value} + echo "${value}" fi } diff --git a/mcp/scripts/lib_template.sh b/mcp/scripts/lib_template.sh new file mode 100644 index 000000000..0fbe628b7 --- /dev/null +++ b/mcp/scripts/lib_template.sh @@ -0,0 +1,88 @@ +#!/bin/bash -e +# shellcheck disable=SC2155,SC1001,SC2015,SC2128 +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +# +# Library of shell functions dedicated to j2 template handling +# + +PHAROS_GEN_CFG='./pharos/config/utils/generate_config.py' +PHAROS_IA='./pharos/config/installers/fuel/pod_config.yml.j2' +PHAROS_VALIDATE_SCHEMA_SCRIPT='./pharos/config/utils/validate_schema.py' +PHAROS_SCHEMA_PDF='./pharos/config/pdf/pod1.schema.yaml' +PHAROS_SCHEMA_IDF='./pharos/config/pdf/idf-pod1.schema.yaml' + +# Handles pod_config and scenarios only +function do_templates_scenario { + local image_dir=$1; shift + local target_lab=$1; shift + local target_pod=$1; shift + local lab_config_uri=$1; shift + local scenario_dir=$1 + + BASE_CONFIG_PDF="${lab_config_uri}/labs/${target_lab}/${target_pod}.yaml" + BASE_CONFIG_IDF="${lab_config_uri}/labs/${target_lab}/idf-${target_pod}.yaml" + LOCAL_PDF="${image_dir}/$(basename "${BASE_CONFIG_PDF}")" + LOCAL_IDF="${image_dir}/$(basename "${BASE_CONFIG_IDF}")" + + # Make sample PDF/IDF available via default lab-config (pharos submodule) + ln -sf "$(readlink -f "../config/labs/local")" "./pharos/labs/" + + # Expand scenario file and main reclass input (pod_config.yaml) based on PDF + if ! curl --create-dirs -o "${LOCAL_PDF}" "${BASE_CONFIG_PDF}"; then + notify_e "[ERROR] Could not retrieve PDF (Pod Descriptor File)!" + elif ! curl -o "${LOCAL_IDF}" "${BASE_CONFIG_IDF}"; then + notify_e "[ERROR] Could not retrieve IDF (Installer Descriptor File)!" + fi + # Check first if configuration files are valid + if [[ ! "$target_pod" =~ "virtual" ]]; then + if ! "${PHAROS_VALIDATE_SCHEMA_SCRIPT}" -y "${LOCAL_PDF}" \ + -s "${PHAROS_SCHEMA_PDF}"; then + notify_e "[ERROR] PDF does not match yaml schema!" + elif ! "${PHAROS_VALIDATE_SCHEMA_SCRIPT}" -y "${LOCAL_IDF}" \ + -s "${PHAROS_SCHEMA_IDF}"; then + notify_e "[ERROR] IDF does not match yaml schema!" + fi + fi + if ! "${PHAROS_GEN_CFG}" -y "${LOCAL_PDF}" \ + -j "${PHAROS_IA}" -v > "${image_dir}/pod_config.yml"; then + notify_e "[ERROR] Could not convert PDF+IDF to reclass model input!" + fi + printenv | \ + awk '/^(SALT|MCP|MAAS).*=/ { gsub(/=/,": "); print }' >> "${LOCAL_PDF}" + j2args=$(find "${scenario_dir}" -name '*.j2' -exec echo -j {} \;) + # shellcheck disable=SC2086 + if ! "${PHAROS_GEN_CFG}" -y "${LOCAL_PDF}" ${j2args} -b -v \ + -i "$(dirname "$(readlink -f "${PHAROS_IA}")")"; then + notify_e '[ERROR] Could not convert j2 scenario definitions!' + fi +} + +# Expand reclass and virsh network templates based on PDF + IDF + others +function do_templates_cluster { + local image_dir=$1; shift + local target_lab=$1; shift + local target_pod=$1; shift + local git_repo_root=$1; shift + local extra_yaml=("$@") + + RECLASS_CLUSTER_DIR=$(cd "${git_repo_root}/mcp/reclass/classes/cluster"; pwd) + LOCAL_PDF="${image_dir}/${target_pod}.yaml" + + for _yaml in "${extra_yaml[@]}"; do + awk '/^---$/{f=1;next;}f' "${_yaml}" >> "${LOCAL_PDF}" + done + # shellcheck disable=SC2046 + j2args=$(find "${RECLASS_CLUSTER_DIR}" "$(readlink -f virsh_net)" $(readlink -f ./*j2) \ + -name '*.j2' -exec echo -j {} \;) + # shellcheck disable=SC2086 + if ! "${PHAROS_GEN_CFG}" -y "${LOCAL_PDF}" ${j2args} -b -v \ + -i "$(dirname "$(readlink -f "${PHAROS_IA}")")"; then + notify_e '[ERROR] Could not convert PDF to network definitions!' + fi +} diff --git a/mcp/scripts/net_public.xml b/mcp/scripts/net_public.xml deleted file mode 100644 index d6df4aa30..000000000 --- a/mcp/scripts/net_public.xml +++ /dev/null @@ -1,14 +0,0 @@ -<!-- - Copyright (c) 2017 Mirantis Inc., Enea AB and others. - - All rights reserved. This program and the accompanying materials - are made available under the terms of the Apache License, Version 2.0 - which accompanies this distribution, and is available at - http://www.apache.org/licenses/LICENSE-2.0 ---> -<network> - <name>public</name> - <bridge name="public"/> - <forward mode="nat"/> - <ip address="10.16.0.1" netmask="255.255.255.0" /> -</network> diff --git a/mcp/scripts/pharos b/mcp/scripts/pharos -Subproject 77b600ef0d64210c1b5fd72581cfe7752fa00c8 +Subproject 68dc60c1aa7199279995c1fee59ad151b5012af diff --git a/mcp/scripts/requirements_deb.yaml b/mcp/scripts/requirements_deb.yaml index 9a6ec8273..04ddcf631 100644 --- a/mcp/scripts/requirements_deb.yaml +++ b/mcp/scripts/requirements_deb.yaml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -23,15 +23,14 @@ requirements_pkg: - rsync - uuid-runtime - virtinst + # python is indirectly required for PDF parsing + - python + - python-ipaddress + - python-jinja2 + - python-yaml + - python-jsonschema # Optional, arch-specific requirements, matched by key name = $(uname -m) aarch64: # AArch64 VMs use AAVMF (guest UEFI) - ipxe-qemu - qemu-efi - # Optional, deploy-type-specific requirements - baremetal: - # For baremetal, python is indirectly required for PDF parsing - - python - - python-ipaddress - - python-jinja2 - - python-yaml diff --git a/mcp/scripts/requirements_rpm.yaml b/mcp/scripts/requirements_rpm.yaml index ebd7e85dc..3df4d0a80 100644 --- a/mcp/scripts/requirements_rpm.yaml +++ b/mcp/scripts/requirements_rpm.yaml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -16,6 +16,8 @@ requirements_pkg: - elfutils-libelf-devel - e2fsprogs - genisoimage + - gcc + - gdisk - git - kpartx - libvirt @@ -27,14 +29,13 @@ requirements_pkg: - util-linux - virt-install - wget - # Optional, arch-specific requirements, matched by key name = $(uname -m) - aarch64: - # AArch64 VMs use AAVMF (guest UEFI) - - AAVMF - # Optional, deploy-type-specific requirements - baremetal: - # For baremetal, python is indirectly required for PDF parsing + # For python is indirectly required for PDF parsing - python - python-ipaddress - python-jinja2 - python-yaml + - python-jsonschema + # Optional, arch-specific requirements, matched by key name = $(uname -m) + aarch64: + # AArch64 VMs use AAVMF (guest UEFI) + - AAVMF diff --git a/mcp/scripts/salt.sh b/mcp/scripts/salt.sh index 03218e27f..aecfecea4 100755 --- a/mcp/scripts/salt.sh +++ b/mcp/scripts/salt.sh @@ -16,15 +16,15 @@ F_GIT_DIR=$(cd "${F_GIT_ROOT}/mcp" && git rev-parse --git-dir) F_GIT_SUBD=${F_GIT_ROOT#${F_GIT_DIR%%/.git*}} OPNFV_TMP_DIR="/home/${SALT_MASTER_USER}/opnfv" OPNFV_GIT_DIR="/root/opnfv" -OPNFV_FUEL_DIR="/root/fuel" +OPNFV_FUEL_DIR="/root/fuel" # Should be in sync with patch.sh, scripts patches OPNFV_RDIR="reclass/classes/cluster/all-mcp-arch-common" OPNFV_VCP_IMG="mcp/scripts/base_image_opnfv_fuel_vcp.img" OPNFV_VCP_DIR="/srv/salt/env/prd/salt/files/control/images" LOCAL_GIT_DIR="${F_GIT_ROOT%${F_GIT_SUBD}}" -LOCAL_PDF_RECLASS=$1 -NODE_MASK='*' - -[[ "${CLUSTER_DOMAIN}" =~ virtual ]] || NODE_MASK='mas01*' +LOCAL_PDF_RECLASS=$1; shift +# shellcheck disable=SC2116,SC2086 +LOCAL_VIRT_NODES=$(echo ${*//cfg01/}) # unquoted to filter space +NODE_MASK="${LOCAL_VIRT_NODES// /|}" # push to cfg01 current git repo first (including submodules), at ~ubuntu/opnfv # later we move it to ~root/opnfv (and ln as ~root/fuel); delete the temp clone @@ -63,18 +63,25 @@ ssh ${SSH_OPTS} "${SSH_SALT}" bash -s -e << SALT_INSTALL_END ln -sf ${OPNFV_GIT_DIR}${F_GIT_SUBD} ${OPNFV_FUEL_DIR} ln -sf ${OPNFV_FUEL_DIR}/mcp/reclass /srv/salt ln -sf ${OPNFV_FUEL_DIR}/mcp/deploy/scripts /srv/salt + ln -sf ${OPNFV_FUEL_DIR}/mcp/scripts/mcp.rsa $(dirname "${OPNFV_FUEL_DIR}") cd /srv/salt/${OPNFV_RDIR} && rm -f arch && ln -sf "\$(uname -i)" arch cp -r ${OPNFV_FUEL_DIR}/mcp/metadata/service /usr/share/salt-formulas/reclass cd /srv/salt/reclass/classes/service && \ ln -sf /usr/share/salt-formulas/reclass/service/opendaylight + # Armband APT-MK nightly/extra repo for forked & extended reclass + wget -qO - https://linux.enea.com/apt-mk/public.gpg | apt-key add - + echo 'deb http://linux.enea.com/apt-mk/xenial nightly extra' > \ + '/etc/apt/sources.list.d/armband_mcp_extra.list' + apt-get update + cd /srv/salt/scripts export DEBIAN_FRONTEND=noninteractive echo 'Dpkg::Use-Pty "0";' > /etc/apt/apt.conf.d/90silence-dpkg OLD_DOMAIN=\$(grep -sPzo "id: cfg01\.\K(\S*)" /etc/salt/minion.d/minion.conf) || true BOOTSTRAP_SALTSTACK_OPTS=" -r -dX stable 2016.11 " \ - MASTER_HOSTNAME=cfg01.${CLUSTER_DOMAIN} DISTRIB_REVISION=stable \ + MASTER_HOSTNAME=cfg01.${CLUSTER_DOMAIN} DISTRIB_REVISION=nightly \ EXTRA_FORMULAS="nfs" \ ./salt-master-init.sh salt-key -Ay @@ -96,21 +103,26 @@ ssh ${SSH_OPTS} "${SSH_SALT}" bash -s -e << SALT_INSTALL_END fi # Init specific to VMs on FN (all for virtual, cfg|mas for baremetal) - salt -C "${NODE_MASK} or cfg01*" saltutil.sync_all - wait_for 3.0 'salt -C "${NODE_MASK} or cfg01*" state.apply salt' wait_for 3.0 'salt -C "cfg01*" state.apply linux' + if [[ "${LOCAL_VIRT_NODES}" =~ mas ]]; then + wait_for 3.0 'salt -C "mas*" test.ping' + else + wait_for 3.0 '(for n in ${LOCAL_VIRT_NODES}; do salt -C \${n}.* test.ping || exit; done)' + fi + wait_for 3.0 'salt -C "E@^(${NODE_MASK}|cfg01).*" saltutil.sync_all' + wait_for 3.0 'salt -C "E@^(${NODE_MASK}|cfg01).*" state.apply salt' - salt -C "${NODE_MASK} and not cfg01*" state.sls linux || true - salt -C "${NODE_MASK} and not cfg01*" pkg.upgrade refresh=False + wait_for 3.0 'salt -C "E@^(${NODE_MASK}).*" state.sls linux.system,linux.storage' + wait_for 2.0 'salt -C "E@^(${NODE_MASK}).*" state.sls linux.network' || true + salt -C "E@^(${NODE_MASK}).*" state.sls opnfv.route_wrapper + salt -C "E@^(${NODE_MASK}).*" system.reboot + wait_for 90.0 'salt -C "E@^(${NODE_MASK}).*" test.ping' + wait_for 3.0 'salt -C "E@^(${NODE_MASK}).*" pkg.upgrade refresh=False dist_upgrade=True' - salt -C "${NODE_MASK} or cfg01*" state.sls ntp + wait_for 3.0 'salt -C "E@^(${NODE_MASK}|cfg01).*" state.sls ntp' if [ -f "${OPNFV_FUEL_DIR}/${OPNFV_VCP_IMG}" ]; then mkdir -p "${OPNFV_VCP_DIR}" mv "${OPNFV_FUEL_DIR}/${OPNFV_VCP_IMG}" "${OPNFV_VCP_DIR}/" fi - - # symlink manually until package with required commit is available - cd /usr/share/salt-formulas/env/aodh/files - ln -sf ocata pike SALT_INSTALL_END diff --git a/mcp/scripts/sysinfo_print.sh b/mcp/scripts/sysinfo_print.sh index bff36aff4..49ed8247c 100755 --- a/mcp/scripts/sysinfo_print.sh +++ b/mcp/scripts/sysinfo_print.sh @@ -10,9 +10,19 @@ # Collect jump server system information for deploy debugging # +# HW info +cat /proc/cpuinfo +free -mh +df -h + # Network info brctl show +ip a +route -n # Distro & pkg info cat /etc/*-release uname -a + +# Misc info +sudo losetup -a diff --git a/mcp/scripts/user-data.admin.sh.j2 b/mcp/scripts/user-data.admin.sh.j2 new file mode 100644 index 000000000..d9b86c79c --- /dev/null +++ b/mcp/scripts/user-data.admin.sh.j2 @@ -0,0 +1,14 @@ +#!/bin/bash +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +rm /etc/salt/minion_id +rm -f /etc/salt/pki/minion/minion_master.pub +echo "id: $(hostname).{{ conf.cluster.domain }}" > /etc/salt/minion +{#- should be in sync with 'opnfv_infra_config_pxe_address' in 'pharos/config/installers/fuel/pod_config.yml.j2 #} +echo "master: {{ conf.idf.net_config.admin.network | ipaddr_index(2) }}" >> /etc/salt/minion +service salt-minion restart diff --git a/mcp/scripts/user-data.template b/mcp/scripts/user-data.mcp.sh.j2 index 189310be4..bd80961e6 100644 --- a/mcp/scripts/user-data.template +++ b/mcp/scripts/user-data.mcp.sh.j2 @@ -1,6 +1,6 @@ #!/bin/bash ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -8,6 +8,6 @@ ############################################################################## rm /etc/salt/minion_id rm -f /etc/salt/pki/minion/minion_master.pub -echo "id: $(hostname).${CLUSTER_DOMAIN}" > /etc/salt/minion -echo "master: ${SALT_MASTER}" >> /etc/salt/minion +echo "id: $(hostname).{{ conf.cluster.domain }}" > /etc/salt/minion +echo "master: {{ conf.SALT_MASTER }}" >> /etc/salt/minion service salt-minion restart diff --git a/mcp/scripts/net_internal.xml b/mcp/scripts/virsh_net/net_internal.xml index 8cf875e7c..8cf875e7c 100644 --- a/mcp/scripts/net_internal.xml +++ b/mcp/scripts/virsh_net/net_internal.xml diff --git a/mcp/scripts/net_mcpcontrol.xml.template b/mcp/scripts/virsh_net/net_mcpcontrol.xml.j2 index e0034fd16..95424db4e 100644 --- a/mcp/scripts/net_mcpcontrol.xml.template +++ b/mcp/scripts/virsh_net/net_mcpcontrol.xml.j2 @@ -6,13 +6,14 @@ which accompanies this distribution, and is available at http://www.apache.org/licenses/LICENSE-2.0 --> +{#- conf.MCPCONTROL_NET & co are mandatory, defaults are set via globals.sh #} <network> <name>mcpcontrol</name> <bridge name="mcpcontrol"/> <forward mode="nat"/> - <ip address="${SALT_MASTER%.*}.1" netmask="255.255.255.0"> + <ip address="{{ conf.MCPCONTROL_NET | ipaddr_index(1) }}" netmask="{{ conf.MCPCONTROL_PREFIX | netmask }}"> <dhcp> - <range start="${SALT_MASTER%.*}.2" end="${SALT_MASTER%.*}.254"/> + <range start="{{ conf.MCPCONTROL_NET | ipaddr_index(2) }}" end="{{ conf.MCPCONTROL_NET | ipaddr_index(254) }}"/> </dhcp> </ip> </network> diff --git a/mcp/scripts/net_mgmt.xml b/mcp/scripts/virsh_net/net_mgmt.xml.j2 index 4fbec712a..a558293fa 100644 --- a/mcp/scripts/net_mgmt.xml +++ b/mcp/scripts/virsh_net/net_mgmt.xml.j2 @@ -6,8 +6,15 @@ which accompanies this distribution, and is available at http://www.apache.org/licenses/LICENSE-2.0 --> +{%- if conf.idf.net_config.mgmt is defined %} + {%- set mgmt_network = conf.idf.net_config.mgmt.network %} + {%- set mgmt_prefix = conf.idf.net_config.mgmt.mask %} +{%- else %} + {%- set mgmt_network = '172.16.10.0' %} + {%- set mgmt_prefix = '24' %} +{%- endif %} <network> <name>mgmt</name> <bridge name="mgmt"/> - <ip address="172.16.10.1" netmask="255.255.255.0"/> + <ip address="{{ mgmt_network | ipaddr_index(1) }}" netmask="{{ mgmt_prefix | netmask }}"/> </network> diff --git a/mcp/scripts/virsh_net/net_public.xml.j2 b/mcp/scripts/virsh_net/net_public.xml.j2 new file mode 100644 index 000000000..737b638b3 --- /dev/null +++ b/mcp/scripts/virsh_net/net_public.xml.j2 @@ -0,0 +1,32 @@ +<!-- + Copyright (c) 2018 Mirantis Inc., Enea AB and others. + + All rights reserved. This program and the accompanying materials + are made available under the terms of the Apache License, Version 2.0 + which accompanies this distribution, and is available at + http://www.apache.org/licenses/LICENSE-2.0 +--> +{%- set cluster = {'has_virtual_nodes': False} %} +{%- for node in conf.nodes %} + {%- if not cluster.has_virtual_nodes and node.node.type == 'virtual' %} + {%- do cluster.update({'has_virtual_nodes': True}) %} + {%- endif %} +{%- endfor %} +{%- if conf.idf.net_config.public is defined %} + {%- set public_network = conf.idf.net_config.public.network %} + {%- set public_prefix = conf.idf.net_config.public.mask %} +{%- else %} + {%- set public_network = '10.16.0.0' %} + {%- set public_prefix = '24' %} +{%- endif %} +<network> + <name>public</name> + <bridge name="public"/> +{%- if cluster.has_virtual_nodes %} +{#- Ideally, jumpserver would have a real Linux bridge we will hook to. + In case it doesn't, we use this virsh network as a *mock* public. + The *mock* public should NOT overlap with the real public in any way. #} + <forward mode="nat"/> + <ip address="{{ public_network | ipaddr_index(1) }}" netmask="{{ public_prefix | netmask }}"/> +{%- endif %} +</network> diff --git a/mcp/scripts/virsh_net/net_pxebr.xml.j2 b/mcp/scripts/virsh_net/net_pxebr.xml.j2 new file mode 100644 index 000000000..f82780cf7 --- /dev/null +++ b/mcp/scripts/virsh_net/net_pxebr.xml.j2 @@ -0,0 +1,26 @@ +<!-- + Copyright (c) 2018 Mirantis Inc., Enea AB and others. + + All rights reserved. This program and the accompanying materials + are made available under the terms of the Apache License, Version 2.0 + which accompanies this distribution, and is available at + http://www.apache.org/licenses/LICENSE-2.0 +--> +{%- if conf.idf.net_config.admin is defined %} + {%- set pxebr_network = conf.idf.net_config.admin.network %} + {%- set pxebr_prefix = conf.idf.net_config.admin.mask %} +{%- else %} + {%- set pxebr_network = '192.168.11.0' %} + {%- set pxebr_prefix = '24' %} +{%- endif %} +<network> + <name>pxebr</name> + <forward mode="nat"/> + <bridge name="pxebr"/> + <ip address="{{ pxebr_network | ipaddr_index(1) }}" netmask="{{ pxebr_prefix | netmask }}"> + <!-- NOTE: .254 is harcoded for now (for /24 prefix), should be computed instead. --> + <dhcp> + <range start="{{ pxebr_network | ipaddr_index(4) }}" end="{{ pxebr_network | ipaddr_index(254) }}"/> + </dhcp> + </ip> +</network> diff --git a/mcp/scripts/xdf_data.sh.j2 b/mcp/scripts/xdf_data.sh.j2 new file mode 100644 index 000000000..8c9d5d969 --- /dev/null +++ b/mcp/scripts/xdf_data.sh.j2 @@ -0,0 +1,71 @@ +#!/bin/bash -e +# shellcheck disable=SC2034 +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +# +# Data derived from XDF (PDF/IDF/SDF/etc), used as input in deploy.sh +# + +{%- set arch = conf[conf.MCP_JUMP_ARCH] -%} + +{%- macro bash_arr(_l) -%} + ({%- for n in _l -%}'{{ n }}' {% endfor -%}) +{%- endmacro -%} + +{#- Pack list as `sep`-separated string, replacing spaces with '|' -#} +{%- macro pack(x = [], sep = ',') -%} + {{ x | join(sep) | replace(' ', '|') }} +{%- endmacro -%} + +{#- Pack all vnode data as string -#} +{%- macro serialize_vnodes() -%} + {%- set V = conf.virtual -%} + {%- set arr = [] -%} + {%- for n in V.nodes -%} + {%- if n not in V -%}{%- do V.update({n: {}}) -%}{%- endif -%} + {%- do arr.append(pack([n, V[n].ram or arch.default.ram, + V[n].vcpus or arch.default.vcpus])) -%} + {%- endfor -%} + '{{ pack(arr, '|') }}' +{%- endmacro -%} + +{#- Pack apt_pkg data as string -#} +{%- macro serialize_apt_pkg() -%} + {%- set arr = [] -%} + {%- set sections = [arch.common] -%} + {%- if conf.MCP_VCP -%} + {%- do sections.append(arch.control) -%} + {%- endif -%} + {%- for c in sections -%} + {%- do arr.append(pack([pack(c.apt['keys']), pack(c.apt.repos), + pack(c.pkg.install), pack(c.pkg.remove)], '^')) -%} + {%- endfor -%} + '{{ pack(arr, '^') }}' +{%- endmacro -%} + +{%- set bridges = conf.idf.fuel.jumphost.bridges %} +# Determine bridge names based on IDF, where all bridges are now mandatory +OPNFV_BRIDGES=( + '{{ bridges.admin or "pxebr" }}' + '{{ bridges.mgmt or "mgmt" }}' + '{{ bridges.private or "internal" }}' + '{{ bridges.public or "public" }}' +) + +export CLUSTER_DOMAIN={{ conf.cluster.domain }} +cluster_states={{ bash_arr(conf.cluster.states) }} +virtual_nodes={{ bash_arr(conf.virtual.nodes) }} +base_image={{ arch.base_image }} + +# Serialize vnode data as '<name0>,<ram0>,<vcpu0>|<name1>,<ram1>,<vcpu1>[...]' +virtual_nodes_data={{ serialize_vnodes() }} + +# Serialize repos, packages to (pre-)install/remove for: +# - foundation node VM base image (virtual: all VMs, baremetal: cfg01|mas01) +# - virtualized control plane VM base image (only when VCP is used) +virtual_repos_pkgs={{ serialize_apt_pkg() }} |