diff options
Diffstat (limited to 'mcp')
402 files changed, 10981 insertions, 5175 deletions
diff --git a/mcp/config/labs/local/idf-pod1.yaml b/mcp/config/labs/local/idf-pod1.yaml deleted file mode 100644 index 4ee359f88..000000000 --- a/mcp/config/labs/local/idf-pod1.yaml +++ /dev/null @@ -1,42 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -### LF POD 2 installer descriptor file ### - -idf: - version: 0.1 - fuel: - jumphost: - bridges: - admin: 'pxebr' - mgmt: 'br-ctl' - private: '' - public: '' - network: - node: - # Ordered-list, index should be in sync with node index in PDF - - interfaces: &interfaces - # Ordered-list, index should be in sync with interface index in PDF - - 'enp6s0' - - 'enp7s0' - - 'enp8s0' - - 'enp9s0' - busaddr: &busaddr - # Bus-info reported by `ethtool -i ethX` - - '0000:06:00.0' - - '0000:07:00.0' - - '0000:08:00.0' - - '0000:09:00.0' - - interfaces: *interfaces - busaddr: *busaddr - - interfaces: *interfaces - busaddr: *busaddr - - interfaces: *interfaces - busaddr: *busaddr - - interfaces: *interfaces - busaddr: *busaddr diff --git a/mcp/config/labs/local/pod1.yaml b/mcp/config/labs/local/pod1.yaml deleted file mode 100644 index cf60dcf72..000000000 --- a/mcp/config/labs/local/pod1.yaml +++ /dev/null @@ -1,233 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -### LF POD 2 descriptor file ### - -details: - pod_owner: Trevor Bramwell - contact: tbramwell@linuxfoundation.org - lab: LF Pharos Lab - location: Portland - type: production - link: https://wiki.opnfv.org/display/pharos/LF+POD+2 -############################################################################## -net_config: - # NOTE: Network names are likely to change after the PDF spec is updated - oob: - interface: 0 - ip-range: 172.30.8.65-172.30.8.75 - vlan: 410 - admin: - interface: 0 - vlan: native - network: 192.168.11.0 # Untagged, 'PXE/Admin' on wiki, different IP - mask: 24 - mgmt: - interface: 0 - vlan: 300 - network: 10.167.4.0 # Tagged, 'vlan 300' on wiki - mask: 24 - storage: - interface: 3 - vlan: 301 - network: 10.2.0.0 # Tagged, not the same with 'storage' on wiki - mask: 24 - private: - interface: 1 - vlan: 1000 - network: 10.1.0.0 # Tagged, not the same with 'private' on wiki - mask: 24 - public: - interface: 2 - vlan: native - network: 172.30.10.0 # Untagged, 'public' on wiki - mask: 24 - gateway: 172.30.10.1 - dns: - - 8.8.8.8 - - 8.8.4.4 -############################################################################## -jumphost: - name: pod2-jump - node: - type: baremetal - vendor: Cisco Systems Inc - model: UCSB-B200-M4 - arch: x86_64 - cpus: 2 - cpu_cflags: haswell - cores: 8 - memory: 128G - disks: &disks - - name: 'disk1' - disk_capacity: 2400G - disk_type: hdd - disk_interface: sas - disk_rotation: - os: centos-7 - remote_params: &remote_params - type: ipmi - versions: - - 2.0 - user: admin - pass: octopus - remote_management: - <<: *remote_params - address: 172.30.8.83 - mac_address: "a8:9d:21:c9:c4:9e" - interfaces: - - mac_address: "00:25:b5:a0:00:1a" - speed: 40gb - features: 'dpdk|sriov' - - mac_address: "00:25:b5:a0:00:1b" - speed: 40gb - features: 'dpdk|sriov' - - mac_address: "00:25:b5:a0:00:1c" - speed: 40gb - features: 'dpdk|sriov' - - mac_address: "00:25:b5:a0:00:1d" - speed: 40gb - features: 'dpdk|sriov' - fixed_ips: - admin: 192.168.11.1 - mgmt: 10.167.4.1 - public: 172.30.10.72 -############################################################################## -nodes: - - name: pod2-node1 - node: &nodeparams - type: baremetal - vendor: Cisco Systems Inc - model: UCSB-B200-M4 - arch: x86_64 - cpus: 2 - cpu_cflags: haswell - cores: 8 - memory: 32G - disks: *disks - remote_management: - <<: *remote_params - address: 172.30.8.75 - mac_address: "a8:9d:21:c9:8b:56" - interfaces: - - mac_address: "00:25:b5:a0:00:2a" - speed: 40gb - features: 'dpdk|sriov' - - mac_address: "00:25:b5:a0:00:2b" - speed: 40gb - features: 'dpdk|sriov' - - mac_address: "00:25:b5:a0:00:2c" - speed: 40gb - features: 'dpdk|sriov' - - mac_address: "00:25:b5:a0:00:2d" - speed: 40gb - features: 'dpdk|sriov' - fixed_ips: - admin: 192.168.11.2 - mgmt: 10.167.4.2 - public: 172.30.10.2 - ############################################################################ - - name: pod2-node2 - node: *nodeparams - disks: *disks - remote_management: - <<: *remote_params - address: 172.30.8.65 - mac_address: "a8:9d:21:c9:4d:26" - interfaces: - - mac_address: "00:25:b5:a0:00:3a" - speed: 40gb - features: 'dpdk|sriov' - - mac_address: "00:25:b5:a0:00:3b" - speed: 40gb - features: 'dpdk|sriov' - - mac_address: "00:25:b5:a0:00:3c" - speed: 40gb - features: 'dpdk|sriov' - - mac_address: "00:25:b5:a0:00:3d" - speed: 40gb - features: 'dpdk|sriov' - fixed_ips: - admin: 192.168.11.3 - mgmt: 10.167.4.3 - public: 172.30.10.3 - ############################################################################ - - name: pod2-node3 - node: *nodeparams - disks: *disks - remote_management: - <<: *remote_params - address: 172.30.8.74 - mac_address: "a8:9d:21:c9:3a:92" - interfaces: - - mac_address: "00:25:b5:a0:00:4a" - speed: 40gb - features: 'dpdk|sriov' - - mac_address: "00:25:b5:a0:00:4b" - speed: 40gb - features: 'dpdk|sriov' - - mac_address: "00:25:b5:a0:00:4c" - speed: 40gb - features: 'dpdk|sriov' - - mac_address: "00:25:b5:a0:00:4d" - speed: 40gb - features: 'dpdk|sriov' - fixed_ips: - admin: 192.168.11.4 - mgmt: 10.167.4.4 - public: 172.30.10.4 - ############################################################################ - - name: pod2-node4 - node: *nodeparams - disks: *disks - remote_management: - <<: *remote_params - address: 172.30.8.73 - mac_address: "74:a2:e6:a4:14:9c" - interfaces: - - mac_address: "00:25:b5:a0:00:5a" - speed: 40gb - features: 'dpdk|sriov' - - mac_address: "00:25:b5:a0:00:5b" - speed: 40gb - features: 'dpdk|sriov' - - mac_address: "00:25:b5:a0:00:5c" - speed: 40gb - features: 'dpdk|sriov' - - mac_address: "00:25:b5:a0:00:5d" - speed: 40gb - features: 'dpdk|sriov' - fixed_ips: - admin: 192.168.11.5 - mgmt: 10.167.4.5 - public: 172.30.10.5 - ############################################################################ - - name: pod2-node5 - node: *nodeparams - disks: *disks - remote_management: - <<: *remote_params - address: 172.30.8.72 - mac_address: "a8:9d:21:a0:15:9c" - interfaces: - - mac_address: "00:25:b5:a0:00:6a" - speed: 40gb - features: 'dpdk|sriov' - - mac_address: "00:25:b5:a0:00:6b" - speed: 40gb - features: 'dpdk|sriov' - - mac_address: "00:25:b5:a0:00:6c" - speed: 40gb - features: 'dpdk|sriov' - - mac_address: "00:25:b5:a0:00:6d" - speed: 40gb - features: 'dpdk|sriov' - fixed_ips: - admin: 192.168.11.6 - mgmt: 10.167.4.6 - public: 172.30.10.6 diff --git a/mcp/config/scenario/.gitignore b/mcp/config/scenario/.gitignore new file mode 100644 index 000000000..0e5ba3d09 --- /dev/null +++ b/mcp/config/scenario/.gitignore @@ -0,0 +1,2 @@ +defaults.yaml +os-nosdn-nofeature-noha.yaml diff --git a/mcp/config/scenario/README.rst b/mcp/config/scenario/README.rst index 389877ac4..0a5391637 100644 --- a/mcp/config/scenario/README.rst +++ b/mcp/config/scenario/README.rst @@ -1,22 +1,25 @@ .. This work is licensed under a Creative Commons Attribution 4.0 International License. .. SPDX-License-Identifier: CC-BY-4.0 -.. (c) 2017 Mirantis Inc., Enea AB and others. +.. (c) 2018 Mirantis Inc., Enea AB and others. -Fuel@OPNFV Scenario Configuration +OPNFV Fuel Scenario Configuration ================================= -Abstract: ---------- +Abstract +-------- + This directory contains configuration files for different OPNFV deployment -feature scenarios used by Fuel@OPNFV, e.g.: +feature scenarios used by OPNFV Fuel, e.g.: - High availability configuration; - Type of SDN controller to be deployed; - OPNFV collaboration project features to be deployed; - Provisioning of any other sevices; -- POD configuration (baremetal, virtual); +- POD configuration (``baremetal``, ``virtual``); + +NOTES +----- -NOTES: ------- This directory is highly likely to change and/or be replaced/complemented -by the new PDF (Pod Descriptor File) info in securedlab OPNFV git repo. +by the new ``SDF`` (Scenario Descriptor File) info in Pharos OPNFV git repo +in upcoming OPNFV releases. diff --git a/mcp/config/scenario/defaults-aarch64.yaml b/mcp/config/scenario/defaults-aarch64.yaml deleted file mode 100644 index 1efa12ae4..000000000 --- a/mcp/config/scenario/defaults-aarch64.yaml +++ /dev/null @@ -1,30 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc. and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -base_image: https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-arm64-uefi1.img -virtual: - default: - vcpus: 6 - ram: 4096 - common: - apt: - keys: - - https://linux.enea.com/mcp-repos/pike/xenial/archive-mcppike.key - repos: - # <repo name> <repo prio> deb [arch=<arch>] <repo url> <repo dist> <repo comp> - - saltstack 500 deb [arch=arm64] http://linux.enea.com/saltstack/apt/ubuntu/16.04/arm64/2016.11 xenial main - - armband 1100 deb [arch=arm64] http://linux.enea.com/mcp-repos/pike/xenial pike-armband main - pkg: - install: - - linux-image-generic-hwe-16.04-edge - - linux-headers-generic-hwe-16.04-edge - - salt-minion - control: - pkg: - install: - - cloud-init diff --git a/mcp/config/scenario/defaults-x86_64.yaml b/mcp/config/scenario/defaults-x86_64.yaml deleted file mode 100644 index 4db3aad61..000000000 --- a/mcp/config/scenario/defaults-x86_64.yaml +++ /dev/null @@ -1,29 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -base_image: https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img -virtual: - default: - vcpus: 2 - ram: 4096 - common: - apt: - keys: - - https://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.11/SALTSTACK-GPG-KEY.pub - repos: - # <repo name> <repo prio> deb [arch=<arch>] <repo url> <repo dist> <repo comp> - - saltstack 500 deb [arch=amd64] http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.11 xenial main - pkg: - install: - - linux-image-generic-hwe-16.04-edge - - linux-headers-generic-hwe-16.04-edge - - salt-minion - control: - pkg: - install: - - cloud-init diff --git a/mcp/config/scenario/defaults.yaml.j2 b/mcp/config/scenario/defaults.yaml.j2 new file mode 100644 index 000000000..48082a1dc --- /dev/null +++ b/mcp/config/scenario/defaults.yaml.j2 @@ -0,0 +1,158 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +--- +x86_64: + default: + disks: 100G # ';'-separated list of disk drives to create + vcpus: 4 + ram: 8192 + cluster: &arch_default_cluster_states + states: + - virtual_init +{%- if nm.cluster.has_baremetal_nodes %} + - maas + - baremetal_init +{%- if conf.MCP_VCP %} + - virtual_control_plane +{%- endif %} +{%- endif %} + ubuntu1804: + base_image: https://cloud-images.ubuntu.com/bionic/current/bionic-server-cloudimg-amd64.img + common: + repo: + keys: + - https://archive.repo.saltstack.com/apt/ubuntu/18.04/amd64/2017.7/SALTSTACK-GPG-KEY.pub + repos: + # <repo name> <repo prio> deb [arch=<arch>] <repo url> <repo dist> <repo comp> + - saltstack 500 deb [arch=amd64] http://archive.repo.saltstack.com/apt/ubuntu/18.04/amd64/2017.7 bionic main + pkg: + install: + {%- if '-iec-' not in conf.MCP_DEPLOY_SCENARIO and conf.MCP_KERNEL_VER %} + - linux-image-{{ conf.MCP_KERNEL_VER }}-generic + - linux-headers-{{ conf.MCP_KERNEL_VER }}-generic + {%- endif %} + - salt-minion + - ifupdown + - cloud-init + - dnsmasq + control: + repo: ~ + pkg: + install: + - cloud-init + ubuntu1604: + base_image: https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img + common: + repo: + keys: + - https://archive.repo.saltstack.com/apt/ubuntu/16.04/amd64/2017.7/SALTSTACK-GPG-KEY.pub + repos: + # <repo name> <repo prio> deb [arch=<arch>] <repo url> <repo dist> <repo comp> + - saltstack 500 deb [arch=amd64] http://archive.repo.saltstack.com/apt/ubuntu/16.04/amd64/2017.7 xenial main + pkg: + install: + - linux-generic-hwe-16.04 + - salt-minion + control: + repo: ~ + pkg: + install: + - cloud-init + centos7: + base_image: https://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2 + common: + repo: + keys: + - https://archive.repo.saltstack.com/yum/redhat/$releasever/x86_64/2017.7/SALTSTACK-GPG-KEY.pub + repos: + # <repo name> <repo prio> rpm <repo url> + - saltstack 0 rpm https://archive.repo.saltstack.com/yum/redhat/$releasever/x86_64/2017.7 + pkg: + install: + - salt-minion + - epel-release + - git + control: + repo: ~ + pkg: + install: + - cloud-init +aarch64: + default: + disks: 100G # ';'-separated list of disk drives to create + vcpus: 6 + ram: 4096 + cluster: *arch_default_cluster_states + ubuntu1804: + base_image: https://cloud-images.ubuntu.com/bionic/current/bionic-server-cloudimg-arm64.img + common: + repo: + keys: + - https://archive.repo.saltstack.com/apt/ubuntu/18.04/amd64/2017.7/SALTSTACK-GPG-KEY.pub + repos: + # <repo name> <repo prio> deb [arch=<arch>] <repo url> <repo dist> <repo comp> + - saltstack 500 deb [arch=amd64] http://archive.repo.saltstack.com/apt/ubuntu/18.04/amd64/2017.7 bionic main + pkg: + install: + {%- if '-iec-' not in conf.MCP_DEPLOY_SCENARIO and conf.MCP_KERNEL_VER %} + - linux-image-{{ conf.MCP_KERNEL_VER }}-generic + - linux-headers-{{ conf.MCP_KERNEL_VER }}-generic + {%- endif %} + - salt-minion + - ifupdown + - cloud-init + - dnsmasq + control: + repo: ~ + pkg: + install: + - cloud-init + ubuntu1604: + base_image: https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-arm64-uefi1.img + common: + repo: + keys: + - https://linux.enea.com/mcp-repos/rocky/xenial/archive-mcprocky.key + - https://archive.repo.saltstack.com/apt/ubuntu/16.04/amd64/2017.7/SALTSTACK-GPG-KEY.pub + repos: + # <repo name> <repo prio> deb [arch=<arch>] <repo url> <repo dist> <repo comp> + - saltstack 500 deb [arch=amd64] http://archive.repo.saltstack.com/apt/ubuntu/16.04/amd64/2017.7 xenial main + - armband_3 1201 deb [arch=arm64] http://linux.enea.com/mcp-repos/rocky/xenial rocky-armband main + pkg: + install: + {%- if '-iec-' in conf.MCP_DEPLOY_SCENARIO %} + - linux-generic-hwe-16.04 + {%- endif %} + - python-futures + - salt-minion + control: + repo: ~ + pkg: + install: + - cloud-init + centos7: + base_image: https://cloud.centos.org/altarch/7/images/CentOS-7-aarch64-GenericCloud.qcow2.xz + common: + repo: + keys: + - https://archive.repo.saltstack.com/yum/redhat/$releasever/x86_64/2017.7/SALTSTACK-GPG-KEY.pub + repos: + # <repo name> <repo prio> rpm <repo url> + - openstack-rocky 0 rpm http://mirror.centos.org/altarch/$releasever/cloud/aarch64/openstack-rocky + - saltstack 0 rpm https://archive.repo.saltstack.com/yum/redhat/$releasever/x86_64/2017.7 + pkg: + install: + - salt-minion + - epel-release + - git + control: + repo: ~ + pkg: + install: + - cloud-init diff --git a/mcp/config/scenario/baremetal/os-nosdn-ovs-ha.yaml b/mcp/config/scenario/k8-calico-iec-noha.yaml index b475387bd..93f007ba9 100644 --- a/mcp/config/scenario/baremetal/os-nosdn-ovs-ha.yaml +++ b/mcp/config/scenario/k8-calico-iec-noha.yaml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,21 +7,21 @@ ############################################################################## --- cluster: - domain: baremetal-mcp-pike-ovs-dpdk-ha.local + domain: mcp-iec-noha.local states: - - maas - - baremetal_init - - virtual_control_plane - - dpdk - - openstack_ha - - networks + - akraino_iec virtual: nodes: - - cfg01 - - mas01 - cfg01: - vcpus: 4 - ram: 6144 - mas01: - vcpus: 4 - ram: 6144 + control: + - iec01 + - iec02 + - iec03 + iec01: + vcpus: 8 + ram: 10240 + iec02: + vcpus: 8 + ram: 10240 + iec03: + vcpus: 8 + ram: 10240 diff --git a/mcp/config/scenario/baremetal/os-nosdn-nofeature-ha.yaml b/mcp/config/scenario/k8-calico-iec-vcp-noha.yaml index b721db431..dc0c00bf6 100644 --- a/mcp/config/scenario/baremetal/os-nosdn-nofeature-ha.yaml +++ b/mcp/config/scenario/k8-calico-iec-vcp-noha.yaml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,20 +7,22 @@ ############################################################################## --- cluster: - domain: baremetal-mcp-pike-ovs-ha.local + domain: mcp-iec-noha.local states: - - maas - - baremetal_init - virtual_control_plane - - openstack_ha - - networks + - akraino_iec virtual: nodes: - - cfg01 - - mas01 - cfg01: - vcpus: 4 - ram: 6144 - mas01: - vcpus: 4 - ram: 6144 + control: + - kvm01 + - kvm02 + - kvm03 + kvm01: + vcpus: 8 + ram: 10240 + kvm02: + vcpus: 8 + ram: 10240 + kvm03: + vcpus: 8 + ram: 10240 diff --git a/mcp/config/scenario/k8-calico-nofeature-noha.yaml b/mcp/config/scenario/k8-calico-nofeature-noha.yaml new file mode 100644 index 000000000..a47298409 --- /dev/null +++ b/mcp/config/scenario/k8-calico-nofeature-noha.yaml @@ -0,0 +1,28 @@ +############################################################################## +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +cluster: + domain: mcp-k8s-calico-noha.local + states: + - kubernetes +virtual: + nodes: + control: + - ctl01 + compute: + - cmp001 + - cmp002 + ctl01: + vcpus: 8 + ram: 14336 + cmp001: + vcpus: 6 + ram: 12288 + cmp002: + vcpus: 6 + ram: 12288 diff --git a/mcp/config/scenario/os-nosdn-fdio-ha.yaml b/mcp/config/scenario/os-nosdn-fdio-ha.yaml new file mode 100644 index 000000000..b010f7ab6 --- /dev/null +++ b/mcp/config/scenario/os-nosdn-fdio-ha.yaml @@ -0,0 +1,47 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +cluster: + domain: mcp-fdio-ha.local + states: + - openstack_ha + - networks +virtual: + nodes: + control: + - kvm01 + - kvm02 + - kvm03 + compute: + - cmp001 + - cmp002 + # Below values are only used for each node if said node is virtual + cfg01: + vcpus: 4 + ram: 6144 + mas01: + vcpus: 4 + ram: 6144 + # NOTE: We might need to add more RAM here + kvm01: + vcpus: 4 + ram: 14336 + kvm02: + vcpus: 4 + ram: 14336 + kvm03: + vcpus: 4 + ram: 14336 + cmp001: + disks: 100G;100G + vcpus: 4 + ram: 14336 + cmp002: + disks: 100G;100G + vcpus: 4 + ram: 14336 diff --git a/mcp/config/scenario/os-nosdn-fdio-noha.yaml b/mcp/config/scenario/os-nosdn-fdio-noha.yaml new file mode 100644 index 000000000..64b4aaf57 --- /dev/null +++ b/mcp/config/scenario/os-nosdn-fdio-noha.yaml @@ -0,0 +1,60 @@ +############################################################################## +# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +cluster: + domain: mcp-fdio-noha.local + states: + - openstack_noha + - neutron_gateway + - networks +virtual: + nodes: + control: + - ctl01 + - gtw01 + compute: + - cmp001 + - cmp002 + ctl01: + vcpus: 4 + ram: 14336 + gtw01: + vcpus: 8 + ram: 14336 + cpu_topology: + sockets: 1 + cores: 4 + threads: 2 + numa: + cell0: + memory: 14680064 + cpus: 0-7 + cmp001: + disks: 100G;100G + vcpus: 8 + ram: 14336 + cpu_topology: + sockets: 1 + cores: 4 + threads: 2 + numa: + cell0: + memory: 14680064 + cpus: 0-7 + cmp002: + disks: 100G;100G + vcpus: 8 + ram: 14336 + cpu_topology: + sockets: 1 + cores: 4 + threads: 2 + numa: + cell0: + memory: 14680064 + cpus: 0-7 diff --git a/mcp/config/scenario/os-nosdn-nofeature-ha.yaml b/mcp/config/scenario/os-nosdn-nofeature-ha.yaml new file mode 100644 index 000000000..d06d2ae0b --- /dev/null +++ b/mcp/config/scenario/os-nosdn-nofeature-ha.yaml @@ -0,0 +1,44 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +cluster: + domain: mcp-ovs-ha.local + states: + - openstack_ha + - networks +virtual: + nodes: + control: + - kvm01 + - kvm02 + - kvm03 + compute: + - cmp001 + - cmp002 + # Below values are only used for each node if said node is virtual + mas01: + vcpus: 4 + ram: 6144 + # NOTE: We might need to add more RAM here + kvm01: + vcpus: 4 + ram: 14336 + kvm02: + vcpus: 4 + ram: 14336 + kvm03: + vcpus: 4 + ram: 14336 + cmp001: + disks: 100G;100G + vcpus: 4 + ram: 8192 + cmp002: + disks: 100G;100G + vcpus: 4 + ram: 8192 diff --git a/mcp/config/scenario/os-nosdn-nofeature-noha.yaml.j2 b/mcp/config/scenario/os-nosdn-nofeature-noha.yaml.j2 new file mode 100644 index 000000000..a1f0ddaa6 --- /dev/null +++ b/mcp/config/scenario/os-nosdn-nofeature-noha.yaml.j2 @@ -0,0 +1,52 @@ +############################################################################## +# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +--- +cluster: + domain: mcp-ovs-noha.local + states: + - openstack_noha + - neutron_gateway + - networks +virtual: + nodes: + control: + - ctl01 + - gtw01 + compute: + - cmp001 + - cmp002 + ctl01: + disks: {{ conf.nodes[nm.ctl01.idx].disks | map(attribute='disk_capacity') | join(';') }} + vcpus: 4 + ram: 14336 + gtw01: + ram: 2048 +{%- if nm.cmp001.idx < conf.nodes | length %} + {%- set cmp_node = conf.nodes[nm.cmp001.idx].node %} + {%- set cmp_ram = ([16384, ('%.0f' | format((cmp_node.memory | storage_size_num | float) * 1024 / 1000000000) | int)] | sort)[-1] %} + {%- set cmp_sockets = ([2, cmp_node.cpus | int] | sort)[-1] %} + {%- set cmp_threads = 2 %} + {%- set cmp_cores = ([2, ('%.0f' | format((cmp_node.cores | float) / cmp_threads)) | int] | sort)[-1] %} + {%- for cmpi in range(1, 3) %} + cmp00{{ cmpi }}: + disks: {{ conf.nodes[nm.cmp001.idx].disks | map(attribute='disk_capacity') | join(';') }} + vcpus: {{ cmp_sockets * cmp_cores * cmp_threads }} + ram: {{ cmp_ram }} + cpu_topology: + sockets: {{ cmp_sockets }} + cores: {{ cmp_cores }} + threads: {{ cmp_threads }} + numa: + {%- for ci in range(0, cmp_sockets) %} + cell{{ ci }}: + memory: {{ '%.0f' | format((cmp_ram | float) * 1024 / cmp_sockets) }} + cpus: {{ cmp_cores * cmp_threads * (ci | int) }}-{{ cmp_cores * cmp_threads * (ci | int + 1) - 1 }} + {%- endfor %} + {%- endfor %} +{%- endif %} diff --git a/mcp/config/scenario/os-nosdn-onap-ha.yaml b/mcp/config/scenario/os-nosdn-onap-ha.yaml new file mode 100644 index 000000000..653599f6c --- /dev/null +++ b/mcp/config/scenario/os-nosdn-onap-ha.yaml @@ -0,0 +1,48 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB, Tieto and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +# Scenario details: +# Specific scenario for ONAP deployment on top of OPNFV +# Scenario is based on generic os-nosdn-nofeature-ha scenario +# Responsible: Auto project +--- +cluster: + domain: mcp-ovs-ha.local + states: + - openstack_ha + - networks + - onap +virtual: + nodes: + control: + - kvm01 + - kvm02 + - kvm03 + compute: + - cmp001 + - cmp002 + # Below values are only used for each node if said node is virtual + mas01: + vcpus: 4 + ram: 6144 + kvm01: + vcpus: 4 + ram: 14336 + kvm02: + vcpus: 4 + ram: 14336 + kvm03: + vcpus: 4 + ram: 14336 + cmp001: + disks: 100G;100G + vcpus: 32 + ram: 102400 + cmp002: + disks: 100G;100G + vcpus: 32 + ram: 102400 diff --git a/mcp/config/scenario/os-nosdn-onap-noha.yaml b/mcp/config/scenario/os-nosdn-onap-noha.yaml new file mode 100644 index 000000000..5a08a2cd6 --- /dev/null +++ b/mcp/config/scenario/os-nosdn-onap-noha.yaml @@ -0,0 +1,41 @@ +############################################################################## +# Copyright (c) 2017-2018 Mirantis Inc., Enea AB, Tieto and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +# Scenario details: +# Specific scenario for ONAP deployment on top of OPNFV +# Scenario is based on generic os-nosdn-nofeature-noha scenario +# Responsible: Auto project +--- +cluster: + domain: mcp-ovs-noha.local + states: + - openstack_noha + - neutron_gateway + - networks + - onap +virtual: + nodes: + control: + - ctl01 + - gtw01 + compute: + - cmp001 + - cmp002 + # Below values are only used for each node if said node is virtual + ctl01: + vcpus: 4 + ram: 16384 + gtw01: + ram: 2048 + cmp001: + disks: 100G;100G + vcpus: 36 + ram: 122880 + cmp002: + disks: 100G;100G + vcpus: 36 + ram: 122880 diff --git a/mcp/config/scenario/os-nosdn-ovs-ha.yaml b/mcp/config/scenario/os-nosdn-ovs-ha.yaml new file mode 100644 index 000000000..72a55ea6f --- /dev/null +++ b/mcp/config/scenario/os-nosdn-ovs-ha.yaml @@ -0,0 +1,44 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +cluster: + domain: mcp-ovs-dpdk-ha.local + states: + - openstack_ha + - networks +virtual: + nodes: + control: + - kvm01 + - kvm02 + - kvm03 + compute: + - cmp001 + - cmp002 + # Below values are only used for each node if said node is virtual + mas01: + vcpus: 4 + ram: 6144 + # NOTE: We might need to add more RAM here + kvm01: + vcpus: 4 + ram: 14336 + kvm02: + vcpus: 4 + ram: 14336 + kvm03: + vcpus: 4 + ram: 14336 + cmp001: + disks: 100G;100G + vcpus: 4 + ram: 10240 + cmp002: + disks: 100G;100G + vcpus: 4 + ram: 10240 diff --git a/mcp/config/scenario/virtual/os-nosdn-ovs-noha.yaml b/mcp/config/scenario/os-nosdn-ovs-noha.yaml index e3cd3dbd9..b109200e1 100644 --- a/mcp/config/scenario/virtual/os-nosdn-ovs-noha.yaml +++ b/mcp/config/scenario/os-nosdn-ovs-noha.yaml @@ -7,28 +7,28 @@ ############################################################################## --- cluster: - domain: virtual-mcp-pike-ovs-dpdk-noha.local + domain: mcp-ovs-dpdk-noha.local states: - - dpdk - openstack_noha - neutron_gateway - - neutron_compute - networks virtual: nodes: - - cfg01 - - ctl01 - - cmp01 - - cmp02 - - gtw01 + control: + - ctl01 + - gtw01 + compute: + - cmp001 + - cmp002 ctl01: - vcpus: 4 ram: 14336 gtw01: - ram: 2048 - cmp01: - vcpus: 4 - ram: 8192 - cmp02: - vcpus: 4 - ram: 8192 + ram: 4096 + cmp001: + disks: 100G;100G + vcpus: 6 + ram: 14336 + cmp002: + disks: 100G;100G + vcpus: 6 + ram: 14336 diff --git a/mcp/config/scenario/os-odl-bgpvpn-noha.yaml b/mcp/config/scenario/os-odl-bgpvpn-noha.yaml new file mode 100644 index 000000000..a083e154e --- /dev/null +++ b/mcp/config/scenario/os-odl-bgpvpn-noha.yaml @@ -0,0 +1,38 @@ +############################################################################## +# Copyright (c) 2018 Intracom Telecom and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +cluster: + domain: mcp-odl-noha.local + states: + - opendaylight + - openstack_noha + - neutron_gateway + - quagga + - networks +virtual: + nodes: + control: + - ctl01 + - gtw01 + - odl01 + compute: + - cmp001 + - cmp002 + ctl01: + ram: 14336 + gtw01: + vcpus: 2 + ram: 2048 + odl01: + ram: 6144 + cmp001: + disks: 100G;100G + ram: 12288 + cmp002: + disks: 100G;100G + ram: 12288 diff --git a/mcp/config/scenario/baremetal/os-odl-nofeature-ha.yaml b/mcp/config/scenario/os-odl-nofeature-ha.yaml index a72c00d7d..f295df2ec 100644 --- a/mcp/config/scenario/baremetal/os-odl-nofeature-ha.yaml +++ b/mcp/config/scenario/os-odl-nofeature-ha.yaml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,21 +7,39 @@ ############################################################################## --- cluster: - domain: baremetal-mcp-pike-odl-ha.local + domain: mcp-odl-ha.local states: - - maas - - baremetal_init - - virtual_control_plane - opendaylight - openstack_ha - networks virtual: nodes: - - cfg01 - - mas01 - cfg01: - vcpus: 4 - ram: 6144 + control: + - kvm01 + - kvm02 + - kvm03 + compute: + - cmp001 + - cmp002 + # Below values are only used for each node if said node is virtual mas01: vcpus: 4 ram: 6144 + # NOTE: We might need to add more RAM here + kvm01: + vcpus: 4 + ram: 14336 + kvm02: + vcpus: 4 + ram: 14336 + kvm03: + vcpus: 4 + ram: 14336 + cmp001: + disks: 100G;100G + vcpus: 4 + ram: 8192 + cmp002: + disks: 100G;100G + vcpus: 4 + ram: 8192 diff --git a/mcp/config/scenario/virtual/os-odl-nofeature-noha.yaml b/mcp/config/scenario/os-odl-nofeature-noha.yaml index cef41270c..1bb47bbc7 100644 --- a/mcp/config/scenario/virtual/os-odl-nofeature-noha.yaml +++ b/mcp/config/scenario/os-odl-nofeature-noha.yaml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,7 +7,7 @@ ############################################################################## --- cluster: - domain: virtual-mcp-pike-odl-noha.local + domain: mcp-odl-noha.local states: - opendaylight - openstack_noha @@ -15,17 +15,21 @@ cluster: - networks virtual: nodes: - - cfg01 - - ctl01 - - cmp01 - - cmp02 - - gtw01 - - odl01 + control: + - ctl01 + - gtw01 + - odl01 + compute: + - cmp001 + - cmp002 ctl01: - vcpus: 4 ram: 14336 gtw01: + vcpus: 2 ram: 2048 odl01: - vcpus: 4 - ram: 5120 + ram: 6144 + cmp001: + disks: 100G;100G + cmp002: + disks: 100G;100G diff --git a/mcp/config/scenario/os-odl-ovs-noha.yaml b/mcp/config/scenario/os-odl-ovs-noha.yaml new file mode 100644 index 000000000..d47ad9668 --- /dev/null +++ b/mcp/config/scenario/os-odl-ovs-noha.yaml @@ -0,0 +1,39 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +cluster: + domain: mcp-odl-noha.local + states: + - opendaylight + - openstack_noha + - neutron_gateway + - networks +virtual: + nodes: + control: + - ctl01 + - gtw01 + - odl01 + compute: + - cmp001 + - cmp002 + ctl01: + ram: 14336 + gtw01: + vcpus: 2 + ram: 2048 + odl01: + ram: 6144 + cmp001: + disks: 100G;100G + vcpus: 6 + ram: 14336 + cmp002: + disks: 100G;100G + vcpus: 6 + ram: 14336 diff --git a/mcp/config/scenario/virtual/os-nosdn-nofeature-noha.yaml b/mcp/config/scenario/os-odl-sfc-noha.yaml index b35e66fc7..735855433 100644 --- a/mcp/config/scenario/virtual/os-nosdn-nofeature-noha.yaml +++ b/mcp/config/scenario/os-odl-sfc-noha.yaml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,21 +7,30 @@ ############################################################################## --- cluster: - domain: virtual-mcp-pike-ovs-noha.local + domain: mcp-odl-noha.local states: + - opendaylight - openstack_noha - neutron_gateway - - neutron_compute + - tacker - networks virtual: nodes: - - cfg01 - - ctl01 - - cmp01 - - cmp02 - - gtw01 + control: + - ctl01 + - gtw01 + - odl01 + compute: + - cmp001 + - cmp002 ctl01: - vcpus: 4 ram: 14336 gtw01: + vcpus: 2 ram: 2048 + odl01: + ram: 6144 + cmp001: + disks: 100G;100G + cmp002: + disks: 100G;100G diff --git a/mcp/config/scenario/os-ovn-nofeature-ha.yaml b/mcp/config/scenario/os-ovn-nofeature-ha.yaml new file mode 100644 index 000000000..69c5b9495 --- /dev/null +++ b/mcp/config/scenario/os-ovn-nofeature-ha.yaml @@ -0,0 +1,44 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +cluster: + domain: mcp-ovn-ha.local + states: + - openstack_ha + - networks +virtual: + nodes: + control: + - kvm01 + - kvm02 + - kvm03 + compute: + - cmp001 + - cmp002 + # Below values are only used for each node if said node is virtual + mas01: + vcpus: 4 + ram: 6144 + # NOTE: We might need to add more RAM here + kvm01: + vcpus: 4 + ram: 14336 + kvm02: + vcpus: 4 + ram: 14336 + kvm03: + vcpus: 4 + ram: 14336 + cmp001: + disks: 100G;100G + vcpus: 4 + ram: 8192 + cmp002: + disks: 100G;100G + vcpus: 4 + ram: 8192 diff --git a/mcp/config/scenario/virtual/os-ovn-nofeature-noha.yaml b/mcp/config/scenario/os-ovn-nofeature-noha.yaml index e0a19ebb2..e7ff2a7d8 100644 --- a/mcp/config/scenario/virtual/os-ovn-nofeature-noha.yaml +++ b/mcp/config/scenario/os-ovn-nofeature-noha.yaml @@ -7,24 +7,24 @@ ############################################################################## --- cluster: - domain: virtual-mcp-pike-ovn-noha.local + domain: mcp-ovn-noha.local states: - openstack_noha - - ovn_ctl_opts - - neutron_compute - networks virtual: nodes: - - cfg01 - - ctl01 - - cmp01 - - cmp02 + control: + - ctl01 + compute: + - cmp001 + - cmp002 ctl01: - vcpus: 4 ram: 14336 - cmp01: - vcpus: 5 - ram: 8192 - cmp02: - vcpus: 5 - ram: 8192 + cmp001: + disks: 100G;100G + vcpus: 6 + ram: 10240 + cmp002: + disks: 100G;100G + vcpus: 6 + ram: 10240 diff --git a/mcp/config/states/akraino_iec b/mcp/config/states/akraino_iec new file mode 100755 index 000000000..efe0d4df0 --- /dev/null +++ b/mcp/config/states/akraino_iec @@ -0,0 +1,62 @@ +#!/bin/bash -e +# shellcheck disable=SC1090 +############################################################################## +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +CI_DEBUG=${CI_DEBUG:-0}; [[ "${CI_DEBUG}" =~ (false|0) ]] || set -x +SCRIPTS_DIR=$(dirname "${BASH_SOURCE[0]}")/../../scripts + +source "${SCRIPTS_DIR}/lib.sh" +source "${SCRIPTS_DIR}/xdf_data.sh" +source "${SCRIPTS_DIR}/globals.sh" + +IEC_REPO_URI='https://gerrit.akraino.org/r/iec' +IEC_USER_L='ubuntu' +# shellcheck disable=SC2154 +if [[ "${base_image}" =~ centos ]]; then + IEC_USER='centos' +else + IEC_USER=${IEC_USER_L} +fi +IEC_REPO_PATH=/var/lib/akraino/iec +IEC_SCRIPTS_PATH="${IEC_REPO_PATH}/src/foundation/scripts" + +POD_NETWORK_CIDR='100.100.0.0/16' # Avoid overlapping Fuel's PXE/admin net + +# shellcheck disable=SC2174 +mkdir -p -m 777 "$(dirname ${IEC_REPO_PATH})" +[ -e "${IEC_REPO_PATH}" ] || su - "${IEC_USER_L}" -c \ + "git clone '${IEC_REPO_URI}' '${IEC_REPO_PATH}'" +# shellcheck disable=SC2086 +wait_for 3.0 "! salt-cp 'iec*' -C '${IEC_REPO_PATH}/' \ + '$(dirname ${IEC_REPO_PATH})' | grep -e False" +salt -C 'iec*' cmd.run "chown -R ${IEC_USER}:${IEC_USER} ${IEC_REPO_PATH}" + +salt -C 'iec*' cmd.run runas="${IEC_USER}" "${IEC_SCRIPTS_PATH}/k8s_common.sh" + +IEC_MASTER_IP=$(salt --out txt -C 'iec* and *01*' pillar.get \ + _param:single_address | cut -d ' ' -f2) +salt -C 'iec* and *01*' cmd.run runas="${IEC_USER}" \ + stdin="$(sed -z 's/\n/\\n/g' "${SCRIPTS_DIR}/$(basename "${SSH_KEY}")")" \ + "mkdir -p .ssh && touch .ssh/id_rsa && chmod 600 .ssh/id_rsa && \ + cat > .ssh/id_rsa && \ + ${IEC_SCRIPTS_PATH}/k8s_master.sh ${IEC_MASTER_IP} ${POD_NETWORK_CIDR}" + +KUBE_NODE_CNT=$(salt --out txt -C 'iec* and *01*' cmd.run runas="${IEC_USER}" \ + 'kubectl get nodes | grep -c -e "^iec"' | cut -d ' ' -f2) +if [ "${KUBE_NODE_CNT}" != "$(salt-key | grep -c -e '^iec')" ]; then + KUBE_JOIN_CMD=$(salt --out txt -C 'iec* and *01*' cmd.run runas="${IEC_USER}" \ + 'kubeadm token create --print-join-command' | cut -d ' ' -f2-) + salt -C 'iec* and not *01*' cmd.run "${KUBE_JOIN_CMD}" +fi +salt -C 'iec* and *01*' cmd.run runas="${IEC_USER}" 'kubectl get nodes' + +salt -C 'iec* and *01*' cmd.run runas="${IEC_USER}" \ + "${IEC_SCRIPTS_PATH}/setup-cni.sh '' ${POD_NETWORK_CIDR}" +salt -C 'iec* and *01*' cmd.run runas="${IEC_USER}" "${IEC_SCRIPTS_PATH}/nginx.sh" +salt -C 'iec* and *01*' cmd.run runas="${IEC_USER}" "${IEC_SCRIPTS_PATH}/helm.sh" diff --git a/mcp/config/states/baremetal_init b/mcp/config/states/baremetal_init index 9718a4176..dcedfbeda 100755 --- a/mcp/config/states/baremetal_init +++ b/mcp/config/states/baremetal_init @@ -1,6 +1,6 @@ #!/bin/bash -e ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -11,30 +11,31 @@ CI_DEBUG=${CI_DEBUG:-0}; [[ "${CI_DEBUG}" =~ (false|0) ]] || set -x # shellcheck disable=SC1090 source "$(dirname "${BASH_SOURCE[0]}")/../../scripts/lib.sh" +source "$(dirname "${BASH_SOURCE[0]}")/../../scripts/xdf_data.sh" + +cluster_nodes_query="${control_nodes_query} or cmp*" # KVM, compute node prereqs # patch the networking module for Debian based distros debian_ip_source=/usr/lib/python2.7/dist-packages/salt/modules/debian_ip.py -salt -C 'kvm* or cmp*' file.line $debian_ip_source \ +salt -C "${cluster_nodes_query}" file.line $debian_ip_source \ content='iface = iface.lower()' mode='delete' -salt -C 'kvm* or cmp*' file.replace $debian_ip_source \ +salt -C "${cluster_nodes_query}" file.replace $debian_ip_source \ pattern="^\s{8}__salt__\['pkg.install'\]\('vlan'\)" \ repl="\n if not __salt__['pkg.version']('vlan'):\n __salt__['pkg.install']('vlan')" -salt -C 'kvm*' pkg.install bridge-utils -salt -C 'kvm*' state.apply linux.network -salt -C 'kvm* or cmp*' state.apply salt.minion -salt -C 'kvm* or cmp*' service.force_reload salt-minion -salt -C 'cmp*' state.apply linux.system -salt -C 'cmp*' state.apply linux.network || true - -# disable dhcp offered routes on compute nodes -salt -C 'cmp*' file.write /etc/dhcp/dhclient-enter-hooks.d/no-default-route \ - args='unset new_routers' +salt -C "${cluster_nodes_query}" state.apply linux.system.repo +salt -C "${cluster_nodes_query}" pkg.install force_yes=true bridge-utils,python-jinja2 +salt -C "${cluster_nodes_query}" service.restart salt-minion +wait_for 5.0 "salt -C '${cluster_nodes_query}' state.apply salt.minion" +salt -C "${cluster_nodes_query}" file.remove /etc/resolv.conf +salt -C "${cluster_nodes_query}" file.touch /etc/resolv.conf +wait_for 5.0 "salt -C '${cluster_nodes_query}' state.apply linux,ntp" +wait_for 30.0 "salt -C '${cluster_nodes_query}' test.ping" -salt -C 'kvm* or cmp*' system.reboot -wait_for 90.0 "salt -C 'kvm* or cmp*' test.ping" +salt -C "${cluster_nodes_query}" cmd.run 'reboot' +wait_for 90.0 "salt -C '${cluster_nodes_query}' test.ping" -salt -C 'kvm* or cmp*' state.apply linux,ntp -salt -C 'kvm* or cmp*' pkg.upgrade refresh=False +salt -C "${cluster_nodes_query}" state.apply linux,ntp +salt -C "${cluster_nodes_query}" pkg.upgrade refresh=False dist_upgrade=True diff --git a/mcp/config/states/dpdk b/mcp/config/states/dpdk deleted file mode 100755 index 5ae2aac48..000000000 --- a/mcp/config/states/dpdk +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -e -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## - -CI_DEBUG=${CI_DEBUG:-0}; [[ "${CI_DEBUG}" =~ (false|0) ]] || set -x - -# shellcheck disable=SC1090 -source "$(dirname "${BASH_SOURCE[0]}")/../../scripts/lib.sh" - -salt -I 'nova:compute' system.reboot -wait_for 90.0 "salt -I 'nova:compute' test.ping" - -salt -I 'nova:compute' alternatives.set ovs-vswitchd /usr/lib/openvswitch-switch-dpdk/ovs-vswitchd-dpdk -salt -I 'nova:compute' service.restart openvswitch-switch diff --git a/mcp/config/states/kubernetes b/mcp/config/states/kubernetes new file mode 100755 index 000000000..0894b10a6 --- /dev/null +++ b/mcp/config/states/kubernetes @@ -0,0 +1,39 @@ +#!/bin/bash -e +############################################################################## +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +CI_DEBUG=${CI_DEBUG:-0}; [[ "${CI_DEBUG}" =~ (false|0) ]] || set -x + +# Create and distribute SSL certificates for services +salt-call state.sls salt.minion + +# Install etcd +salt -I 'etcd:server' state.sls etcd.server.service +salt -I 'etcd:server' cmd.run ". /var/lib/etcd/configenv && etcdctl cluster-health" + +# Install Kubernetes and Calico +salt -I 'kubernetes:master' state.sls kubernetes.master.kube-addons +salt -I 'kubernetes:pool' state.sls kubernetes.pool +salt -I 'kubernetes:pool' cmd.run "calicoctl node status" +salt -I 'kubernetes:pool' cmd.run "calicoctl get ippool" + +# Setup NAT for Calico +salt -I 'kubernetes:master' state.sls etcd.server.setup + +# Run whole master to check consistency +salt -I 'kubernetes:master' state.sls kubernetes exclude=kubernetes.master.setup + +# Register addons +salt -I 'kubernetes:master' state.sls kubernetes.master.setup + +# Upload config +K8S_CONFIG=kubernetes.config +K8S_HOST_ID=$(salt -I 'kubernetes:master' --out=yaml cp.push \ + /etc/kubernetes/admin-kube-config \ + upload_path="$K8S_CONFIG" | cut -d':' -f1) +cd /opt && ln -sf "/var/cache/salt/master/minions/${K8S_HOST_ID}/files/${K8S_CONFIG}" diff --git a/mcp/config/states/maas b/mcp/config/states/maas index 8f7a86611..28ef4cae0 100755 --- a/mcp/config/states/maas +++ b/mcp/config/states/maas @@ -1,7 +1,7 @@ #!/bin/bash -e -# shellcheck disable=SC1090,SC2155 +# shellcheck disable=SC1090 ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -14,91 +14,44 @@ ERASE_ENV=${ERASE_ENV:-0} source "$(dirname "${BASH_SOURCE[0]}")/../../scripts/globals.sh" source "$(dirname "${BASH_SOURCE[0]}")/../../scripts/lib.sh" -# Wait for MaaS commissioning/deploy to finish, retry on failure -function maas_fixup() { - local statuscmd="salt 'mas01*' --out yaml state.apply maas.machines.status" - local ncount=$(salt --out yaml 'mas01*' pillar.get maas:region:machines | \ - grep -cE '^\s{2}\w+:$') +bm_nodes=$(salt --out yaml 'mas01*' pillar.get maas:region:machines | \ + awk '/^\s+\w+[[:digit:]]+:$/ {gsub(/:$/, "*"); printf "%s ", $1}') - # wait_for has 10sec timeout * 96 = 16 min > 15min for Failed state - wait_for 96 "${statuscmd} | tee /dev/stderr | " \ - "grep -Eq '((Deployed|Ready): ${ncount}|status: (Failed|Allocated))'" - local statusout=$(eval "${statuscmd}") - - local fcnodes=$(echo "${statusout}" | \ - grep -Pzo 'status: Failed commissioning\n\s+system_id: \K.+\n') - for node_system_id in ${fcnodes}; do - salt -C 'mas01*' state.apply maas.machines.delete \ - pillar="{'system_id': '${node_system_id}'}" - sleep 10 - done - if [ -n "${fcnodes}" ]; then - salt -C 'mas01*' state.apply maas.machines - return 1 - fi - - local fdnodes=$(echo "${statusout}" | \ - grep -Pzo 'status: (Failed deployment|Allocated)\n\s+system_id: \K.+\n') - local rnodes=$(echo "${statusout}" | \ - grep -Pzo 'status: Ready\n\s+system_id: \K.+\n') - for node_system_id in ${fdnodes}; do - salt -C 'mas01*' state.apply maas.machines.mark_broken_fixed \ - pillar="{'system_id': '${node_system_id}'}" - sleep 10 - done - if [ -n "${fdnodes}" ] || [ -n "${rnodes}" ]; then - salt -C 'mas01*' state.apply maas.machines.deploy - return 1 - fi - - return 0 -} +wait_for 60.0 "salt --out yaml -C 'mas01*' service.status maas-fixup | fgrep -q 'false'" # Optionally destroy MaaS machines from a previous run if [ "${ERASE_ENV}" -gt 1 ]; then - set +e; dnodes=$(salt 'mas01*' --out yaml state.apply maas.machines.status | \ - grep -Pzo '\s+system_id: \K.+\n'); set -e cleanup_uefi - for node_system_id in ${dnodes}; do - salt -C 'mas01*' state.apply maas.machines.delete \ - pillar="{'system_id': '${node_system_id}'}" - sleep 10 + for node_hostname in ${bm_nodes//\*/}; do + salt -C 'mas01*' maasng.delete_machine "${node_hostname}" || true done fi # MaaS rack/region controller, node commissioning -salt -C 'mas01*' state.apply linux,salt,openssh,ntp +wait_for 10.0 "salt -C 'mas01*' state.apply salt,iptables" salt -C 'mas01*' state.apply maas.cluster wait_for 10 "salt -C 'mas01*' state.apply maas.region" -salt -C 'mas01*' state.apply maas.machines +if [ -n "${bm_nodes}" ]; then + salt -C 'mas01*' state.apply maas.machines +fi # cleanup outdated salt keys sleep 30 salt-key --out yaml | awk '!/^(minions|- cfg01|- mas01)/ {print $2}' | \ - xargs -I{} salt-key -yd {} + xargs --no-run-if-empty -I{} salt-key -yd {} # MaaS node deployment -wait_for 10 maas_fixup - -salt -C 'mas01*' pillar.item\ - maas:region:admin:username \ - maas:region:admin:password +if [ -n "${bm_nodes}" ]; then + notify "[NOTE] MaaS operations might take a long time, please be patient" 2 + salt -C 'mas01*' state.apply maas.machines.wait_for_ready_or_deployed + salt -C 'mas01*' state.apply maas.machines.storage + salt -C 'mas01*' state.apply maas.machines.deploy + salt -C 'mas01*' state.apply maas.machines.wait_for_deployed +fi # Check all baremetal nodes are available -rc=1 -attempt=0 -total_attempts=10 -while [ $rc -ne 0 ] && [ ${attempt} -lt ${total_attempts} ]; do - bm_nodes=$(salt --out yaml 'mas01*' pillar.get maas:region:machines | \ - awk '/^\s+\w+[[:digit:]]+:$/ {gsub(/:$/, "*"); print $1}') - rc=0 - for node in $bm_nodes; do - salt "$node" test.ping 2>/dev/null || { rc=$?; break; }; - done - sleep 5 - ((attempt+=1)) -done +wait_for 10.0 "(for n in ${bm_nodes}; do salt \${n} test.ping 2>/dev/null || exit; done)" wait_for 10.0 "salt -C '* and not cfg01* and not mas01*' saltutil.sync_all" diff --git a/mcp/config/states/networks b/mcp/config/states/networks index 5beabdb6a..e9a9f5190 100755 --- a/mcp/config/states/networks +++ b/mcp/config/states/networks @@ -9,17 +9,20 @@ CI_DEBUG=${CI_DEBUG:-0}; [[ "${CI_DEBUG}" =~ (false|0) ]] || set -x -# Determine public network based on external IPs from compute node -# NOTE: mask currently hardcoded to /24 -PUBLIC_NET=$(salt --out yaml -C 'I@nova:compute and *01*' pillar.get _param:external_address | \ - awk --re-interval '/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/{print $2; exit}') +source "$(dirname "${BASH_SOURCE[0]}")/../../scripts/lib.sh" -[ -n "${PUBLIC_NET}" ] || PUBLIC_NET=$(salt --out yaml -C 'I@nova:compute and *01*' \ - pillar.get _param:openstack_compute_node01_external_address | \ - awk --re-interval '/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/{print $2; exit}') +PUBLIC_NET=$(get_nova_compute_pillar_data 'opnfv_net_public') +PUBLIC_NET_GATEWAY=$(get_nova_compute_pillar_data 'opnfv_net_public_gw') +POOL_START_IP=$(get_nova_compute_pillar_data 'opnfv_net_public_pool_start') +POOL_END_IP=$(get_nova_compute_pillar_data 'opnfv_net_public_pool_end') -[ -n "${PUBLIC_NET}" ] && PUBLIC_NET="${PUBLIC_NET%.*}.0/24" || PUBLIC_NET="10.16.0.0/24" +# Default values +PUBLIC_NET="${PUBLIC_NET:-10.16.0.0/24}" +PUBLIC_NET_GATEWAY="${PUBLIC_NET_GATEWAY:-10.16.0.1}" +POOL_START_IP="${POOL_START_IP:-10.16.0.130}" +POOL_END_IP="${POOL_END_IP:-10.16.0.254}" +# Print openstack status and setup network salt -C 'I@nova:controller and *01*' cmd.run ". /root/keystonercv3; \ openstack compute service list; \ openstack network agent list; \ @@ -27,8 +30,11 @@ salt -C 'I@nova:controller and *01*' cmd.run ". /root/keystonercv3; \ openstack volume service list" salt -C 'I@nova:controller and *01*' cmd.run ". /root/keystonercv3; \ openstack network create --external --default --provider-network-type flat \ - --provider-physical-network physnet1 floating_net" + --provider-physical-network physnet1 floating_net" salt -C 'I@nova:controller and *01*' cmd.run ". /root/keystonercv3; \ - openstack subnet create --gateway ${PUBLIC_NET%.*}.1 --no-dhcp \ - --allocation-pool start=${PUBLIC_NET%.*}.130,end=${PUBLIC_NET%.*}.254 \ - --network floating_net --subnet-range ${PUBLIC_NET} floating_subnet" + openstack subnet create --gateway ${PUBLIC_NET_GATEWAY} --no-dhcp \ + --allocation-pool start=${POOL_START_IP},end=${POOL_END_IP} \ + --network floating_net --subnet-range ${PUBLIC_NET} floating_subnet" + +# Discover compute hosts after they are registered +salt -C 'I@nova:controller and *01*' state.sls_id nova_controller_discover_hosts nova diff --git a/mcp/config/states/onap b/mcp/config/states/onap new file mode 100755 index 000000000..d196074d9 --- /dev/null +++ b/mcp/config/states/onap @@ -0,0 +1,65 @@ +#!/bin/bash -e +############################################################################## +# Copyright (c) 2018 Tieto +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +# Deploy ONAP on top of OPNFV installed by Fuel/MCP +# ONAP installation is managed by OPNFV Auto project + +AUTO_INSTALL_DIR=/opt/auto +AUTO_REPO='https://gerrit.opnfv.org/gerrit/auto' +ONAP_INSTALL_SCRIPT='ci/deploy-onap-fuel.sh' + +echo "Clone Auto Repo" +salt -C 'I@nova:controller and *01*' cmd.run "\ + rm -rf $AUTO_INSTALL_DIR; \ + git clone $AUTO_REPO $AUTO_INSTALL_DIR" + +echo "ONAP installation starts at $(date)" +echo "It can take several hours to finish." + +# detect compute HW configuration, i.e. minimal values available across +# all compute nodes +CMP_COUNT=$(salt -C 'I@nova:compute' grains.get id --out txt | wc -l) +CMP_MIN_MEM=$(salt -C 'I@nova:compute' grains.get mem_total --out txt |\ + sed -re 's/^[^:]+: ([0-9]+)$/\1/g' | sort -n | head -n1) +CMP_MIN_CPUS=$(salt -C 'I@nova:compute' grains.get num_cpus --out txt |\ + sed -re 's/^[^:]+: ([0-9]+)$/\1/g' | sort -n | head -n1) +# check disk size for storage of instances; if shared storage is mounted, +# then return its size, otherwise sum up avalable space of root disk of all +# compute nodes +STORAGE_PATH='/var/lib/nova/instances' +MOUNT_COUNT=$(salt "cmp*" mount.is_mounted $STORAGE_PATH --out txt |\ + grep True | wc -l) +if [ $MOUNT_COUNT -eq $CMP_COUNT ] ; then + CMP_STORAGE_TOTAL=$(salt "cmp*" cmd.run "df -BGB $STORAGE_PATH" --out txt |\ + grep "$STORAGE_PATH" |\ + sed -re 's/^.* +([0-9]+)GB +([0-9]+GB +){2}.*$/\1/g' |\ + sort -n | head -n1) +else + CMP_STORAGE_TOTAL=0 + for STORAGE in $(salt "cmp*" cmd.run "df -BGB /" --out txt | grep '/$' |\ + sed -re 's/^.* +([0-9]+GB +){2}([0-9]+)GB +.*$/\2/g') ; do + CMP_STORAGE_TOTAL=$(($CMP_STORAGE_TOTAL+$STORAGE)); + done +fi + +# Deploy ONAP with detected configuration +# execute installation from the 1st controller node +CTL01=$(salt -C 'I@nova:controller and *01*' grains.get id --out txt |\ + head -n1 | cut -d':' -f1) +ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no \ + -i /root/fuel/mcp/scripts/mcp.rsa -l ubuntu $CTL01 "bash -s" <<COMMANDS + sudo -i + source /root/keystonercv3 + cd $AUTO_INSTALL_DIR + export CMP_COUNT=$CMP_COUNT + export CMP_MIN_MEM=$CMP_MIN_MEM + export CMP_MIN_CPUS=$CMP_MIN_CPUS + export CMP_STORAGE_TOTAL=$CMP_STORAGE_TOTAL + export AUTO_INSTALL_DIR=$AUTO_INSTALL_DIR + $ONAP_INSTALL_SCRIPT | tee $AUTO_INSTALL_DIR/auto_deploy.log +COMMANDS diff --git a/mcp/config/states/opendaylight b/mcp/config/states/opendaylight index 34a2c3bd8..ae8b4cc92 100755 --- a/mcp/config/states/opendaylight +++ b/mcp/config/states/opendaylight @@ -1,6 +1,6 @@ #!/bin/bash -e ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -9,7 +9,19 @@ CI_DEBUG=${CI_DEBUG:-0}; [[ "${CI_DEBUG}" =~ (false|0) ]] || set -x -salt -I 'opendaylight:server' state.sls opendaylight -salt -I 'opendaylight:client' state.sls opendaylight.client -salt -I 'opendaylight:client' cmd.run 'neutron-odl-ovs-hostconfig --noovs_dpdk' -salt -I 'neutron:server' state.sls opendaylight.client +# shellcheck disable=SC1090 +source "$(dirname "${BASH_SOURCE[0]}")/../../scripts/lib.sh" + +# Get OpenDaylight server options with prefix odl_ +function odl() { + salt --out txt -C 'I@opendaylight:server and *01*' pillar.get "opendaylight:server:odl_$1" | cut -d ' ' -f2 +} + +wait_for 5.0 "salt -I 'opendaylight:server' state.sls opendaylight" +wait_for 20 "salt --out yaml -C 'I@neutron:server and *01*' network.connect $(odl bind_ip) $(odl rest_port) | fgrep -q 'result: true'" + +# https://bugs.launchpad.net/networking-odl/+bug/1822559 +FILE=/usr/lib/python3/dist-packages/networking_odl/cmd/set_ovs_hostconfigs.py +PFILE=/var/tmp/odl_hostconfig.patch +salt -I 'linux:network:bridge:openvswitch' pkg.install python3-networking-odl +salt -I 'linux:network:bridge:openvswitch' cmd.run "patch -R -s --dry-run $FILE < $PFILE || patch $FILE < $PFILE" diff --git a/mcp/config/states/openstack_ha b/mcp/config/states/openstack_ha index 4948a504d..11da4e33a 100755 --- a/mcp/config/states/openstack_ha +++ b/mcp/config/states/openstack_ha @@ -12,11 +12,11 @@ CI_DEBUG=${CI_DEBUG:-0}; [[ "${CI_DEBUG}" =~ (false|0) ]] || set -x # shellcheck disable=SC1090 source "$(dirname "${BASH_SOURCE[0]}")/../../scripts/lib.sh" -salt -I 'keepalived:cluster' state.sls keepalived -b 1 -salt -I 'keepalived:cluster' pillar.get keepalived:cluster:instance:VIP:address +wait_for 5.0 "salt -I 'keepalived:cluster' state.sls keepalived -b 1" +wait_for 5.0 "salt -I 'keepalived:cluster' pillar.get keepalived:cluster:instance:VIP:address" -salt -C 'I@rabbitmq:server and *01*' state.sls rabbitmq -salt -I 'rabbitmq:server' state.sls rabbitmq +wait_for 5.0 "salt -I 'rabbitmq:cluster:role:master' state.sls rabbitmq" +salt -I 'rabbitmq:cluster:role:slave' state.sls rabbitmq salt -I 'rabbitmq:server' cmd.run "rabbitmqctl cluster_status" salt -I 'glusterfs:server' state.sls glusterfs.server.service @@ -25,52 +25,81 @@ salt -I 'glusterfs:server' cmd.run "gluster peer status; gluster volume status" salt -I 'glusterfs:client' state.sls glusterfs.client salt -I 'galera:master' state.sls galera -salt -I 'galera:slave' state.sls galera +salt -I 'galera:slave' state.sls galera -b 1 salt -I 'galera:master' mysql.status | grep -A1 wsrep_cluster_size -salt -I 'memcached:server' state.sls memcached +wait_for 3.0 "salt -I 'memcached:server' state.sls memcached" salt -I 'haproxy:proxy' state.sls haproxy salt -I 'haproxy:proxy' service.status haproxy salt -I 'haproxy:proxy' service.restart rsyslog -set +e; salt -I 'keystone:server' state.sls keystone.server -b 1; set -e +salt -I 'keystone:server:role:primary' state.sls keystone.server +salt -I 'keystone:server:role:secondary' state.sls keystone.server salt -I 'keystone:server' service.restart apache2 -salt -I 'keystone:server' state.sls keystone.server -b 1 -wait_for 30 "salt -I 'keystone:client' state.sls keystone.client" +wait_for 30.0 "salt -I 'keystone:client' state.sls keystone.client" salt -I 'keystone:server' cmd.run ". /root/keystonercv3; openstack service list" -salt -I 'glance:server' state.sls glance -b 1 -salt -I 'nova:controller' state.sls nova -b 1 -salt -I 'heat:server' state.sls heat -b 1 +salt -I 'glance:server:role:primary' state.sls glance +salt -I 'glance:server:role:secondary' state.sls glance +salt -I 'nova:controller:role:primary' state.sls nova +salt -I 'nova:controller:role:secondary' state.sls nova +salt -I 'heat:server:role:primary' state.sls heat +salt -I 'heat:server:role:secondary' state.sls heat -wait_for 5 "salt -I 'cinder:controller' state.sls cinder -b 1" -wait_for 3 "salt -I 'cinder:volume' state.sls cinder" +salt -I 'cinder:controller:role:primary' state.sls cinder +salt -I 'cinder:controller:role:secondary' state.sls cinder +wait_for 3.0 "salt -I 'cinder:volume' state.sls cinder" -salt -I 'neutron:server' state.sls neutron -b 1 +salt -I 'neutron:server:role:primary' state.sls neutron +salt -I 'neutron:server:role:secondary' state.sls neutron salt -I 'neutron:gateway' state.sls neutron.gateway - -salt -I 'nova:compute' state.sls nova - -salt -C 'I@mongodb:server and *01*' state.sls mongodb || true -wait_for 10 "salt -C 'I@mongodb:server and *01*' cmd.run 'mongo localhost:27017/admin'" -salt -C 'I@mongodb:server and *01*' cmd.run 'mongo localhost:27017/admin --eval "rs.initiate()"' -salt -I 'mongodb:server' state.sls mongodb - -salt -I 'aodh:server' state.sls aodh -b 1 +if salt 'cmp*' match.pillar 'neutron:compute:backend:engine:ovn' \ + --out yaml --static | grep -q -e 'true' ; then + salt -I 'neutron:compute' state.sls neutron.compute +fi + +salt -I 'nova:compute' state.sls nova,armband + +salt -I 'barbican:server:role:primary' state.sls barbican +salt -I 'barbican:server:role:secondary' state.sls barbican +salt -I 'barbican:client' state.sls barbican + +# remove config files coming from packages +for service in gnocchi panko; do + salt -I "${service}:server" pkg.install ${service}-api + salt -I "${service}:server" file.remove "/etc/apache2/sites-enabled/${service}-api.conf" +done + +salt -I 'redis:cluster:role:master' state.sls redis +salt -I 'redis:server' state.sls redis +salt -I 'gnocchi:server:role:primary' state.sls gnocchi +salt -I 'gnocchi:server:role:secondary' state.sls gnocchi +salt -I 'panko:server:role:primary' state.sls panko +salt -I 'panko:server:role:secondary' state.sls panko +salt -I 'aodh:server:role:primary' state.sls aodh +salt -I 'aodh:server:role:secondary' state.sls aodh salt -I 'ceilometer:server' state.sls ceilometer salt -I 'ceilometer:agent' state.sls ceilometer -salt -I 'horizon:server' state.sls horizon -salt -I 'nginx:server' state.sls nginx,sphinx - -clstr_vip_addr=$(salt -C 'I@nginx:server and *01*' --out=yaml \ - pillar.get _param:cluster_vip_address | awk '{print $2; exit}') -salt -C 'I@nginx:server and *01*' cp.push \ - "/etc/ssl/certs/${clstr_vip_addr}-with-chain.crt" upload_path='certs/os_cacert' -cd /etc/ssl/certs && ln -sf /var/cache/salt/master/minions/prx01.*/files/certs/os_cacert - -# glance v1 api is required by orchestra tests -salt -I 'glance:server' ini.set_option /etc/glance/glance-api.conf '{DEFAULT: {enable_v1_api: True}}' -salt -I 'glance:server' service.restart glance-api +wait_for 3.0 "salt -I 'horizon:server' state.sls apache,horizon" +salt -I 'nginx:server' state.sls nginx + +# Workaround Horizon missing CSS/JS, see FUEL-324 +if ! salt -C 'I@horizon:server and *01*' --out=yaml pkg.version openstack-dashboard | grep -qE ':.*mcp'; then + salt -I 'horizon:server' file.symlink \ + /var/lib/openstack-dashboard/static \ + /usr/share/openstack-dashboard/static + salt -I 'horizon:server' cmd.run "python3 /usr/share/openstack-dashboard/manage.py collectstatic --noinput" + salt -I 'horizon:server' cmd.run "python3 /usr/share/openstack-dashboard/manage.py compress --force" + salt -I 'horizon:server' service.reload apache2 +fi + +cluster_public_host=$(salt -C 'I@nginx:server and *01*' --out=yaml \ + pillar.get _param:cluster_public_host | awk '{print $2; exit}') +dashboard_host=$(salt -C 'I@nginx:server and *01*' --out=yaml cp.push \ + "/etc/ssl/certs/${cluster_public_host}-with-chain.crt" \ + upload_path='certs/os_cacert' | cut -d':' -f1) +cd /etc/ssl/certs && \ + ln -sf "/var/cache/salt/master/minions/${dashboard_host}/files/certs/os_cacert" diff --git a/mcp/config/states/openstack_noha b/mcp/config/states/openstack_noha index bcb780738..6b503504b 100755 --- a/mcp/config/states/openstack_noha +++ b/mcp/config/states/openstack_noha @@ -23,17 +23,14 @@ salt -I 'mysql:server' state.sls mysql salt -I 'memcached:server' state.sls memcached salt -I 'haproxy:proxy' state.sls haproxy -set +e; salt -I 'keystone:server' state.sls keystone.server; set -e -salt -I 'keystone:server' service.restart apache2 salt -I 'keystone:server' state.sls keystone.server +salt -I 'keystone:server' service.restart apache2 salt -I 'keystone:server' state.sls keystone.client salt -I 'keystone:server' cmd.run ". /root/keystonercv3; openstack service list" salt -I 'glance:server' state.sls glance -# apply nova state twice to complete broken db sync -salt -I 'nova:controller' state.sls nova salt -I 'nova:controller' state.sls nova salt -I 'heat:server' state.sls heat @@ -41,13 +38,35 @@ salt -I 'heat:server' state.sls heat salt -I 'cinder:controller' state.sls cinder wait_for 3 "salt -I 'cinder:volume' state.sls cinder" -salt -I 'neutron:server' state.sls neutron +salt -I 'neutron:server' state.sls etcd,neutron +salt -I 'neutron:compute' state.sls neutron -salt -I 'nova:compute' state.sls nova +salt -I 'nova:compute' state.sls nova,armband -wait_for 3 "salt -I 'mongodb:server' state.sls mongodb" +salt -I 'barbican:server' state.sls barbican +salt -I 'barbican:client' state.sls barbican + +# remove config files coming from packages +for service in gnocchi panko; do + salt -I "${service}:server" pkg.install ${service}-api + salt -I "${service}:server" file.remove "/etc/apache2/sites-enabled/${service}-api.conf" +done + +salt -I 'redis:server' state.sls redis +salt -I 'gnocchi:server' state.sls gnocchi +salt -I 'panko:server' state.sls panko salt -I 'aodh:server' state.sls aodh salt -I 'ceilometer:server' state.sls ceilometer salt -I 'ceilometer:agent' state.sls ceilometer -salt -I 'horizon:server' state.sls horizon +salt -I 'horizon:server' state.sls apache,horizon,nginx + +# Workaround Horizon missing CSS/JS, see FUEL-324 +if ! salt -C 'I@horizon:server and *01*' --out=yaml pkg.version openstack-dashboard | grep -qE ':.*mcp'; then + salt -I 'horizon:server' file.symlink \ + /var/lib/openstack-dashboard/static \ + /usr/share/openstack-dashboard/static + salt -I 'horizon:server' cmd.run "python3 /usr/share/openstack-dashboard/manage.py collectstatic --noinput" + salt -I 'horizon:server' cmd.run "python3 /usr/share/openstack-dashboard/manage.py compress --force" + salt -I 'horizon:server' service.reload apache2 +fi diff --git a/mcp/config/states/ovn_ctl_opts b/mcp/config/states/ovn_ctl_opts deleted file mode 100755 index eeb336b28..000000000 --- a/mcp/config/states/ovn_ctl_opts +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash -e -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## - -CI_DEBUG=${CI_DEBUG:-0}; [[ "${CI_DEBUG}" =~ (false|0) ]] || set -x - -salt -I 'neutron:server' file.append /etc/default/ovn-central \ - args="OVN_CTL_OPTS='--db-nb-create-insecure-remote=yes --db-sb-create-insecure-remote=yes'" -salt -I 'neutron:server' service.restart ovn-central -sleep 30 diff --git a/mcp/config/states/neutron_compute b/mcp/config/states/quagga index c6b90e20d..e3c9de7da 100755 --- a/mcp/config/states/neutron_compute +++ b/mcp/config/states/quagga @@ -1,6 +1,6 @@ #!/bin/bash -e ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Intracom Telecom and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -9,4 +9,4 @@ CI_DEBUG=${CI_DEBUG:-0}; [[ "${CI_DEBUG}" =~ (false|0) ]] || set -x -salt -I 'neutron:compute' state.sls neutron +salt -I 'quagga:server' state.sls quagga -b 1 diff --git a/mcp/config/states/tacker b/mcp/config/states/tacker new file mode 100755 index 000000000..bd8bc9991 --- /dev/null +++ b/mcp/config/states/tacker @@ -0,0 +1,12 @@ +#!/bin/bash -e +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +CI_DEBUG=${CI_DEBUG:-0}; [[ "${CI_DEBUG}" =~ (false|0) ]] || set -x + +salt -I 'tacker:server' state.sls tacker -b 1 diff --git a/mcp/config/states/virtual_control_plane b/mcp/config/states/virtual_control_plane index 0607b318b..f2e861ac2 100755 --- a/mcp/config/states/virtual_control_plane +++ b/mcp/config/states/virtual_control_plane @@ -27,26 +27,16 @@ if [ "${ERASE_ENV}" -eq 1 ]; then fi # KVM libvirt first, VCP deployment -wait_for 5.0 "salt -C 'kvm*' state.sls libvirt" +wait_for 5.0 "salt -C 'kvm*' state.sls armband,libvirt" salt -C 'kvm* or cmp*' state.apply salt -wait_for 10.0 "salt -C 'kvm*' state.sls salt.control" +wait_for 10.0 "salt -C 'kvm*' state.sls salt.control,linux.system.kernel" vcp_nodes=$(salt --out yaml 'kvm01*' pillar.get salt:control:cluster:internal:node | \ - awk '/\s+\w+:$/ {gsub(/:$/, "*"); print $1}') + awk '/\s+\w+[[:digit:]]+:$/ {gsub(/:$/, "*"); printf "%s ", $1}') # Check all vcp nodes are available -rc=1 -attempt=0 -total_attempts=50 -while [ $rc -ne 0 ] && [ ${attempt} -lt ${total_attempts} ]; do - rc=0 - for node in $vcp_nodes; do - salt "$node" test.ping 2>/dev/null || { rc=$?; break; }; - done - sleep 5 - ((attempt+=1)) -done +wait_for 25.0 "(for n in ${vcp_nodes}; do salt \${n} test.ping 2>/dev/null || exit; done)" wait_for 10.0 "salt -C '* and not cfg01* and not mas01*' saltutil.sync_all" @@ -58,17 +48,16 @@ cd /srv/salt/env/prd/maas/files && ln -sf \ salt -C 'E@^(?!cfg01|mas01|kvm|cmp00).*' cp.get_file \ "salt://maas/files/$(basename "${APT_CONF_D_CURTIN}")" "${APT_CONF_D_CURTIN}" -wait_for 10 "salt -C 'E@^(?!cfg01|mas01|kvm|cmp00).*' state.apply salt" -wait_for 10 "salt -C 'E@^(?!cfg01|mas01|kvm|cmp00).*' service.force_reload salt-minion" +salt -C 'E@^(?!cfg01|mas01|kvm|cmp00).*' state.sls linux.system.repo +salt -C 'E@^(?!cfg01|mas01|kvm|cmp00).*' pkg.install force_yes=true python-jinja2 +salt -C 'E@^(?!cfg01|mas01|kvm|cmp00).*' service.restart salt-minion +wait_for 10.0 "salt -C 'E@^(?!cfg01|mas01|kvm|cmp00).*' state.apply salt" wait_for 10.0 "salt -C 'E@^(?!cfg01|mas01|kvm|cmp00).*' state.apply linux,ntp" -wait_for 10 "salt -C 'E@^(?!cfg01|mas01|kvm|cmp00).*' ssh.set_auth_key ${SUDO_USER} \ +wait_for 10.0 "salt -C 'E@^(?!cfg01|mas01|kvm|cmp00).*' ssh.set_auth_key ${SUDO_USER} \ $(awk 'NR==1{print $2}' "$(eval echo "~${SUDO_USER}/.ssh/authorized_keys")")" -# Disable proxy dhcp routes after installation -salt -C 'prx*' file.write /etc/dhcp/dhclient-enter-hooks.d/no-default-route \ - args='unset new_routers' -salt -C 'prx*' system.reboot -wait_for 30.0 "salt -C 'prx*' test.ping" +salt -C 'E@^(?!cfg01|mas01|kvm|cmp00).*' cmd.run 'reboot' +wait_for 30.0 "salt -C 'E@^(?!cfg01|mas01|kvm|cmp00).*' test.ping" -salt -C 'E@^(?!cfg01|mas01|kvm|cmp00).*' pkg.upgrade refresh=False +salt -C 'E@^(?!cfg01|mas01|kvm|cmp00).*' pkg.upgrade refresh=False dist_upgrade=True diff --git a/mcp/config/states/virtual_init b/mcp/config/states/virtual_init new file mode 100755 index 000000000..b5bb18955 --- /dev/null +++ b/mcp/config/states/virtual_init @@ -0,0 +1,43 @@ +#!/bin/bash -e +# shellcheck disable=SC1090 +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +CI_DEBUG=${CI_DEBUG:-0}; [[ "${CI_DEBUG}" =~ (false|0) ]] || set -x + +# shellcheck disable=SC1090 +source "$(dirname "${BASH_SOURCE[0]}")/../../scripts/lib.sh" +source "$(dirname "${BASH_SOURCE[0]}")/../../scripts/xdf_data.sh" + +CI_DEBUG=${CI_DEBUG:-0}; [[ "${CI_DEBUG}" =~ (false|0) ]] || set -x +# shellcheck disable=SC2154,SC2086,SC2116 +LOCAL_VIRT_NODES=$(echo ${virtual_nodes[*]}) # unquoted to filter space +[[ ! "${cluster_states[*]}" =~ maas ]] || LOCAL_VIRT_NODES='mas01' +NODE_MASK="${LOCAL_VIRT_NODES// /|}" + +wait_for 5.0 "salt-call state.sls reclass,linux.network,salt.minion \ + exclude='[{id: reclass_packages}, {id: /etc/reclass/reclass-config.yml}]'" +wait_for 3.0 "salt -C 'E@^(${NODE_MASK}).*' saltutil.refresh_pillar" + +# NOTE: domain name changes are not yet supported without a clean redeploy + +# Init specific to VMs on FN (all for virtual, mas for baremetal) +wait_for 3.0 "(for n in ${LOCAL_VIRT_NODES}; do salt -C \${n}.* test.ping || exit; done)" +wait_for 3.0 "salt -C 'E@^(${NODE_MASK}).*' saltutil.sync_all" +[[ ! "${NODE_MASK}" =~ mas01 ]] || exit 0 + +if [[ "${base_image}" =~ centos ]]; then + # CentOS uses an older kernel, skip non-existing sysctl options + EXCLUDE_IDS="exclude='[{id: linux_kernel_net.core.netdev_budget_usecs}]'" +fi +wait_for 3.0 "salt -C 'E@^(${NODE_MASK}).*' state.sls linux ${EXCLUDE_IDS}" +wait_for 3.0 "salt -C 'E@^(${NODE_MASK}).*' pkg.upgrade refresh=False dist_upgrade=True" + +salt -C "E@^(${NODE_MASK}).*" cmd.run 'reboot' +wait_for 90.0 "salt -C 'E@^(${NODE_MASK}).*' test.ping" +wait_for 3.0 "salt -C 'E@^(${NODE_MASK}).*' state.apply salt,ntp" diff --git a/mcp/deploy/images/.gitkeep b/mcp/deploy/images/.gitkeep deleted file mode 100644 index e69de29bb..000000000 --- a/mcp/deploy/images/.gitkeep +++ /dev/null diff --git a/mcp/deploy/scripts b/mcp/deploy/scripts deleted file mode 160000 -Subproject 4c9818260372459977be1cc4a3869b871ddba0a diff --git a/mcp/patches/0001-opendaylight-formula-neutron.patch b/mcp/patches/0001-opendaylight-formula-neutron.patch deleted file mode 100644 index 8d02cd992..000000000 --- a/mcp/patches/0001-opendaylight-formula-neutron.patch +++ /dev/null @@ -1,135 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Michael Polenchuk <mpolenchuk@mirantis.com> -Date: Thu, 29 Jun 2017 12:05:25 +0400 -Subject: [PATCH] Bring in opendaylight support - -Change-Id: Ie9073fafccba336f94b1996bd85c98d7a7f5060b - -diff --git a/neutron/files/ocata/dhcp_agent.ini b/neutron/files/ocata/dhcp_agent.ini -index d327e64..739dddf 100644 ---- a/neutron/files/ocata/dhcp_agent.ini -+++ b/neutron/files/ocata/dhcp_agent.ini -@@ -1,3 +1,8 @@ -+{%- if pillar.neutron.gateway is defined %} -+{%- from "neutron/map.jinja" import gateway as neutron with context %} -+{%- else %} -+{%- from "neutron/map.jinja" import compute as neutron with context %} -+{%- endif %} - [DEFAULT] - - # -@@ -48,6 +53,7 @@ enable_isolated_metadata = True - # this value will force the DHCP server to append specific host routes to the DHCP request. If this option is set, then the metadata service - # will be activated for all the networks. (boolean value) - #force_metadata = false -+{% if neutron.backend.router is defined %}force_metadata = True{% endif %} - - # Allows for serving metadata requests coming from a dedicated metadata access network whose CIDR is 169.254.169.254/16 (or larger prefix), - # and is connected to a Neutron router from which the VMs send metadata:1 request. In this case DHCP Option 121 will not be injected in VMs, -diff --git a/neutron/files/ocata/ml2_conf.ini b/neutron/files/ocata/ml2_conf.ini -index b61e313..02da3b1 100644 ---- a/neutron/files/ocata/ml2_conf.ini -+++ b/neutron/files/ocata/ml2_conf.ini -@@ -134,7 +134,8 @@ tenant_network_types = {{ server.backend.tenant_network_types }} - {%- for mechanism_name, mechanism in server.get('backend', {}).get('mechanism', []).items() %} - {%- do mechanism_drivers.append(mechanism.get('driver')) if 'driver' in mechanism %} - {%- endfor %} --{%- if "vxlan" in server.backend.tenant_network_types %} -+{%- set opendaylight_enabled = true if 'opendaylight' in mechanism_drivers|join else false %} -+{%- if "vxlan" in server.backend.tenant_network_types and not opendaylight_enabled %} - {%- do mechanism_drivers.append('l2population') %} - {%- endif %} - mechanism_drivers = {{ ','.join(mechanism_drivers) }} -@@ -311,3 +312,11 @@ ovn_nb_connection = tcp:{{ server.controller_vip }}:6641 - ovn_sb_connection = tcp:{{ server.controller_vip }}:6642 - ovn_l3_scheduler = leastloaded - {%- endif %} -+ -+{%- if opendaylight_enabled %} -+[ml2_odl] -+port_binding_controller = pseudo-agentdb-binding -+url = http://{{ server.backend.host }}:{{ server.backend.rest_api_port }}/controller/nb/v2/neutron -+username = {{ server.backend.user }} -+password = {{ server.backend.password }} -+{%- endif %} -diff --git a/neutron/files/ocata/neutron-generic.conf.Debian b/neutron/files/ocata/neutron-generic.conf.Debian -index 123386d..d77f6c8 100644 ---- a/neutron/files/ocata/neutron-generic.conf.Debian -+++ b/neutron/files/ocata/neutron-generic.conf.Debian -@@ -37,7 +37,7 @@ auth_strategy = keystone - - core_plugin = neutron.plugins.ml2.plugin.Ml2Plugin - --service_plugins =neutron.services.l3_router.l3_router_plugin.L3RouterPlugin,neutron.services.metering.metering_plugin.MeteringPlugin -+service_plugins = {{ neutron.backend.get('router', 'router')}}, metering - - {% endif %} - -@@ -668,7 +668,7 @@ root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf - # needs to execute commands in Dom0 in the hypervisor of XenServer, this item - # should be set to 'xenapi_root_helper', so that it will keep a XenAPI session - # to pass commands to Dom0. (string value) --root_helper_daemon = sudo neutron-rootwrap-daemon /etc/neutron/rootwrap.conf -+#root_helper_daemon = <None> - - # Seconds between nodes reporting state to server; should be less than - # agent_down_time, best if it is half or less than agent_down_time. (floating -@@ -2092,3 +2092,8 @@ heartbeat_rate = 2 - # Sets the list of available ciphers. value should be a string in the OpenSSL - # cipher list format. (string value) - #ciphers = <None> -+ -+{%- if neutron.backend.ovsdb_connection is defined %} -+[ovs] -+ovsdb_connection = {{ neutron.backend.ovsdb_connection }} -+{%- endif %} -diff --git a/neutron/files/ocata/neutron-server.conf.Debian b/neutron/files/ocata/neutron-server.conf.Debian -index 79376a2..a7a4645 100644 ---- a/neutron/files/ocata/neutron-server.conf.Debian -+++ b/neutron/files/ocata/neutron-server.conf.Debian -@@ -50,7 +50,7 @@ core_plugin = neutron.plugins.ml2.plugin.Ml2Plugin - {% set l3_plugin = 'networking_ovn.l3.l3_ovn.OVNL3RouterPlugin' %} - {% endif %} - --service_plugins ={{ l3_plugin }}, neutron.services.metering.metering_plugin.MeteringPlugin -+service_plugins = {{ server.backend.get('router', l3_plugin)}}, metering - {%- if server.lbaas is defined -%},lbaasv2{%- endif -%} - {%- if fwaas.get('enabled', False) -%},{{ fwaas[fwaas.api_version]['service_plugin'] }}{%- endif -%} - {%- if server.get('qos', 'True') -%},neutron.services.qos.qos_plugin.QoSPlugin{%- endif -%} -@@ -703,7 +703,7 @@ root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf - # needs to execute commands in Dom0 in the hypervisor of XenServer, this item - # should be set to 'xenapi_root_helper', so that it will keep a XenAPI session - # to pass commands to Dom0. (string value) --root_helper_daemon = sudo neutron-rootwrap-daemon /etc/neutron/rootwrap.conf -+#root_helper_daemon = <None> - - # Seconds between nodes reporting state to server; should be less than - # agent_down_time, best if it is half or less than agent_down_time. (floating -@@ -2245,3 +2245,8 @@ username = {{ server.identity.user }} - password = {{ server.identity.password }} - auth_url=http://{{ server.identity.host }}:35357 - {%- endif %} -+ -+{%- if server.backend.ovsdb_connection is defined %} -+[ovs] -+ovsdb_connection = {{ server.backend.ovsdb_connection }} -+{%- endif %} -diff --git a/neutron/gateway.sls b/neutron/gateway.sls -index 81513d8..7ec9b91 100644 ---- a/neutron/gateway.sls -+++ b/neutron/gateway.sls -@@ -32,6 +32,7 @@ neutron_gateway_packages: - /etc/neutron/dhcp_agent.ini: - file.managed: - - source: salt://neutron/files/{{ gateway.version }}/dhcp_agent.ini -+ - template: jinja - - require: - - pkg: neutron_gateway_packages - diff --git a/mcp/patches/0003-maas-region-force-artifact-download.patch b/mcp/patches/0003-maas-region-force-artifact-download.patch deleted file mode 100644 index 6e6c18fba..000000000 --- a/mcp/patches/0003-maas-region-force-artifact-download.patch +++ /dev/null @@ -1,73 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> -Date: Sat, 5 Aug 2017 02:03:01 +0200 -Subject: [PATCH] maas: region: force artifact download - -MaaS configuration fails until all required artifacts are in place, -including bootloaders and target images. - -Hack around this by forcing an explicit artifact sync. - -NOTE: This is probably achievable through existing maas salt custom -module (py) and/or minor rework on that. -This fixup should be temporary at best. - -Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> ---- - -diff --git a/maas/region.sls b/maas/region.sls ---- a/maas/region.sls -+++ b/maas/region.sls -@@ -109,11 +109,19 @@ - cmd.run: - - name: "maas-region apikey --username {{ region.admin.username }} > /var/lib/maas/.maas_credentials" - -+maas_force_artifact_sync: -+ cmd.script: -+ - name: salt://maas/files/maas-artifact-sync.sh -+ - template: jinja -+ - shell: /bin/bash -+ - require: -+ - cmd: maas_login_admin -+ - maas_config: - module.run: - - name: maas.process_maas_config - - require: -- - cmd: maas_login_admin -+ - cmd: maas_force_artifact_sync - - maas_commissioning_scripts: - module.run: -diff --git a/maas/files/maas-artifact-sync.sh b/maas/files/maas-artifact-sync.sh -new file mode 100644 ---- /dev/null -+++ b/maas/files/maas-artifact-sync.sh -@@ -0,0 +1,20 @@ -+{%- from "maas/map.jinja" import region with context %} -+#!/bin/bash -+function wait_for { -+ local total_attempts=$1; shift -+ local cmdstr=$@ -+ local sleep_time=10 -+ echo -e "\n[NOTE] Waiting for cmd to return success: ${cmdstr}\n" -+ for attempt in $(seq "${total_attempts}"); do -+ eval "${cmdstr}" && break || true -+ echo -n '.'; sleep "${sleep_time}" -+ done -+} -+maas login {{ region.admin.username }} \ -+ http://{{ region.bind.host }}:5240/MAAS/api/2.0 - < \ -+ /var/lib/maas/.maas_credentials || exit 1 -+# wait max 5 min for service up, 15 min image download, 5 min region to rack sync -+wait_for 30 "maas opnfv boot-resources import" -+wait_for 90 "! maas opnfv boot-resources is-importing | grep -q 'true'" -+maas opnfv rack-controllers import-boot-images || exit 3 -+wait_for 30 "test -d /var/lib/maas/boot-resources/current/ubuntu/amd64" diff --git a/mcp/patches/0004-maas-region-use-authorized_keys-1st-entry.patch b/mcp/patches/0004-maas-region-use-authorized_keys-1st-entry.patch deleted file mode 100644 index a4fb44b05..000000000 --- a/mcp/patches/0004-maas-region-use-authorized_keys-1st-entry.patch +++ /dev/null @@ -1,45 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Charalampos Kominos <Charalampos.Kominos@enea.com> -Date: Sat, 5 Aug 2017 02:03:01 +0200 -Subject: [PATCH] maas: region: use authorized_keys 1st entry - -MaaS custom py modules accepts the "sshprefs" variable via pillar, -however we want to read it from ~ubuntu/.ssh/authorized_keys. - -Bypass the py module and call MaaS CLI directly, passing the first -authorized key, which should be mcp.rsa.pub. - -Signed-off-by: Charalampos Kominos <Charalampos.Kominos@enea.com> ---- - -diff --git a/maas/region.sls b/maas/region.sls ---- a/maas/region.sls -+++ b/maas/region.sls -@@ -242,12 +242,16 @@ - - require: - - module: maas_config - --{%- if region.get('sshprefs', False) %} - maas_sshprefs: -- module.run: -- - name: maas.process_sshprefs -+# NOTE(armband): maas.process_sshprefs also works, but we need to read the key -+# from authorized_keys. Should be reworked at some point. -+# module.run: -+# - name: maas.process_sshprefs -+# - require: -+ cmd.run: -+ - name: "maas login {{ region.admin.username }} http://{{ region.bind.host }}:5240/MAAS/api/2.0 - < /var/lib/maas/.maas_credentials && SSH_KEY=$(cat authorized_keys | head -1) && (maas opnfv sshkeys read | grep -q \"$SSH_KEY\" || maas opnfv sshkeys create \"key=$SSH_KEY\")" -+ - cwd: "/home/ubuntu/.ssh" - - require: - - module: maas_config --{%- endif %} - - {%- endif %} diff --git a/mcp/patches/0005-maas-module-Obtain-fabric-ID-from-CIDR.patch b/mcp/patches/0005-maas-module-Obtain-fabric-ID-from-CIDR.patch deleted file mode 100644 index 4c626badf..000000000 --- a/mcp/patches/0005-maas-module-Obtain-fabric-ID-from-CIDR.patch +++ /dev/null @@ -1,65 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> -Date: Sat, 19 Aug 2017 02:03:01 +0200 -Subject: [PATCH] maas: module: Obtain fabric ID from CIDR - -MaaS subnet update requires specifying the correct fabric via reclass, -which we used to hardcode in our OPNFV reclass model to fabric-2. -However, fabric index numbers are not deterministic, so the old -method is unreliable. - -Update MaaS custom py module to determine fabric name/ID on the -fly, based on CIDR matching (assuming we don't have CIDR conflicts). - -This change maintains backwards compatibility: -- if fabric is specified via reclass model, it will be used as-is; -- if fabric is not specified via reclass model, we try to deduce it - based on CIDR; if no match is found, the old default ('') is used; - -Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> -Signed-off-by: Guillermo Herrero <Guillermo.Herrero@enea.com> ---- - -diff --git a/_modules/maas.py b/_modules/maas.py ---- a/_modules/maas.py -+++ b/_modules/maas.py -@@ -126,6 +126,8 @@ - - def process_single(name, config_data): - self._update = False -+ if isinstance(config_data, dict) and 'name' in config_data: -+ name = config_data['name'] - try: - data = self.fill_data(name, config_data, **extra) - if data is None: -@@ -198,7 +198,8 @@ - def fill_data(self, name, subnet, fabrics): - data = { - 'name': name, -- 'fabric': str(fabrics[subnet.get('fabric', '')]), -+ 'fabric': str(fabrics[subnet.get('fabric', -+ self._get_fabric_from_cidr(subnet.get('cidr')))]), - 'cidr': subnet.get('cidr'), - 'gateway_ip': subnet['gateway_ip'], - } -@@ -215,6 +216,13 @@ - self._process_iprange(res_json['id']) - return response - -+ def _get_fabric_from_cidr(self, cidr): -+ subnets = json.loads(self._maas.get(u'api/2.0/subnets/').read()) -+ for subnet in subnets: -+ if subnet['cidr'] == cidr: -+ return subnet['vlan']['fabric'] -+ return '' -+ - def _process_iprange(self, subnet_id): - ipranges = json.loads(self._maas.get(u'api/2.0/ipranges/').read()) - LOG.warn('all %s ipranges %s', subnet_id, ipranges) diff --git a/mcp/patches/0006-maas-module-Add-VLAN-DHCP-enable-support.patch b/mcp/patches/0006-maas-module-Add-VLAN-DHCP-enable-support.patch deleted file mode 100644 index 8d4a72c9a..000000000 --- a/mcp/patches/0006-maas-module-Add-VLAN-DHCP-enable-support.patch +++ /dev/null @@ -1,89 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> -Date: Sat, 19 Aug 2017 02:03:01 +0200 -Subject: [PATCH] maas: module: Add VLAN DHCP enable support - -MaaS custom py module does not support VLAN configuration. -This should be implemented by adding a dedicated class for VLAN. -However, we are only interested in updating an existign VLAN to -enable DHCP on an existing IP range (set up via subnet configuration), -so extend existing subnet handling to include basic VLAN update. - -NOTE: Design-wise, this is hacky, and its only purpose is to allow -setting 'dhcp_on=True' for an existing VLAN. - -Example reclass model usage: -maas: - region: - subnets: - 192.168.11.0/24: - # ... - vlans: - untagged: - vid: 0 - dhcp_on: true - primary_rack: mas01 - -Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> ---- - -diff --git a/_modules/maas.py b/_modules/maas.py -index d3227ca..8a2243d 100644 ---- a/_modules/maas.py -+++ b/_modules/maas.py -@@ -204,6 +204,7 @@ - 'gateway_ip': subnet['gateway_ip'], - } - self._iprange = subnet['iprange'] -+ self._vlans = subnet['vlans'] - return data - - def update(self, new, old): -@@ -214,6 +215,7 @@ - response = super(Subnet, self).send(data) - res_json = json.loads(response) - self._process_iprange(res_json['id']) -+ self._process_dhcp_vlans_update(data) - return response - - def _get_fabric_from_cidr(self, cidr): -@@ -248,6 +250,32 @@ - else: - self._maas.post(u'api/2.0/ipranges/', None, **data) - -+ def _process_dhcp_vlans_update(self, subnet_data): -+ fabric_vlans = json.loads(self._maas.get(u'api/2.0/fabrics/{0}/vlans/' -+ .format(subnet_data['fabric'])).read()) -+ LOG.warn('all fabric %s vlans %s', subnet_data['fabric'], fabric_vlans) -+ for vlan_name, vlan_data in self._vlans.iteritems(): -+ update = False -+ old_data = None -+ for fabric_vlan in fabric_vlans: -+ if fabric_vlan['vid'] == vlan_data['vid']: -+ update = True -+ old_data = fabric_vlan -+ break -+ data = { -+ 'mtu': str(vlan_data.get('mtu', 1500)), -+ 'dhcp_on': str(vlan_data.get('dhcp_on')), -+ 'primary_rack': str(vlan_data.get('primary_rack')), -+ 'secondary_rack': str(vlan_data.get('secondary_rack', '')) -+ } -+ if update: -+ LOG.warn('UPDATING %s %s', data, old_data) -+ self._maas.put(u'api/2.0/fabrics/{0}/vlans/{1}/' -+ .format(subnet_data['fabric'], old_data['vid']), -+ **data) -+ else: -+ LOG.warn('MISSING vlan %s, not doing anything', data) -+ - - class DHCPSnippet(MaasObject): - def __init__(self): diff --git a/mcp/patches/0007-network.interface-Fix-ifup-OVS-port-with-route.patch b/mcp/patches/0007-network.interface-Fix-ifup-OVS-port-with-route.patch deleted file mode 100644 index 49b2b88cc..000000000 --- a/mcp/patches/0007-network.interface-Fix-ifup-OVS-port-with-route.patch +++ /dev/null @@ -1,39 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> -Date: Sun, 31 Dec 2017 16:06:30 +0100 -Subject: [PATCH] network.interface: Fix ifup OVS port with route - -This change attempts to fix the following sequence for nodes with -OVS ports that also have routes defined: -- state.sls linux.network; system.reboot; state.sls linux.network; - -If an OVS port also has a route defined, a route cfg file is -created in </etc/network/if.{down,up}.d/>, which is sourced after -system reboot before we (eventually) re-run `interface.sls`, leaving -the OVS port in UP state, so `ifup` would fail. - -Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> ---- - linux/network/interface.sls | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/linux/network/interface.sls b/linux/network/interface.sls -index 921ceac..3bba64e 100644 ---- a/linux/network/interface.sls -+++ b/linux/network/interface.sls -@@ -146,6 +146,8 @@ ovs_port_up_{{ interface_name }}: - - file: ovs_port_{{ interface_name }}_line2 - - openvswitch_bridge: ovs_bridge_{{ interface.bridge }} - - file: linux_interfaces_final_include -+ - unless: -+ - ip link show {{ interface_name }} | grep -q '\<UP\>' - - {%- endif %} - diff --git a/mcp/patches/0008-Handle-file_recv-option.patch b/mcp/patches/0008-Handle-file_recv-option.patch deleted file mode 100644 index b0c497ae1..000000000 --- a/mcp/patches/0008-Handle-file_recv-option.patch +++ /dev/null @@ -1,26 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Michael Polenchuk <mpolenchuk@mirantis.com> -Date: Mon, 28 Aug 2017 16:17:43 +0400 -Subject: [PATCH] Handle file_recv option - - -diff --git a/salt/files/master.conf b/salt/files/master.conf -index 329ae0d..a9d9656 100644 ---- a/salt/files/master.conf -+++ b/salt/files/master.conf -@@ -95,6 +95,8 @@ logstash_zmq_handler: - order_masters: True - {%- endif %} - -+file_recv: {{ master.get('file_recv', False) }} -+ - {#- - vim: syntax=jinja - -#} diff --git a/mcp/patches/0009-controller-Use-keystoneclient-to-check-project-ID.patch b/mcp/patches/0009-controller-Use-keystoneclient-to-check-project-ID.patch deleted file mode 100644 index ed34e0646..000000000 --- a/mcp/patches/0009-controller-Use-keystoneclient-to-check-project-ID.patch +++ /dev/null @@ -1,168 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> -Date: Wed, 3 Jan 2018 00:50:50 +0100 -Subject: [PATCH] controller: Use keystoneclient to check project ID - -Port fix from [1] for using the internal network when connecting -to keystone during project ID validation in nova, instead of -going through public endpoint (and using SSL). - -[1] https://bugs.launchpad.net/nova/+bug/1716344 - -Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> ---- - nova/controller.sls | 10 ++ - ...keystoneclient-to-check-project-ID-exists.patch | 116 +++++++++++++++++++++ - 2 files changed, 126 insertions(+) - create mode 100644 nova/files/0001-Use-keystoneclient-to-check-project-ID-exists.patch - -diff --git a/nova/controller.sls b/nova/controller.sls -index a55d037..59af945 100644 ---- a/nova/controller.sls -+++ b/nova/controller.sls -@@ -71,6 +71,16 @@ contrail_nova_packages: - - {%- endif %} - -+nova-api-openstack-identity-patch: -+ file.patch: -+ - name: /usr/lib/python2.7/dist-packages -+ - source: salt://nova/files/0001-Use-keystoneclient-to-check-project-ID-exists.patch -+ - hash: False -+ - options: '-p1' -+ - unless: 'test -f /var/cache/salt/minion/files/base/nova/files/0001-Use-keystoneclient-to-check-project-ID-exists.patch && cd /usr/lib/python2.7/dist-packages && patch -p1 -R --dry-run /var/cache/salt/minion/files/base/nova/files/0001-Use-keystoneclient-to-check-project-ID-exists.patch' -+ - require: -+ - pkg: nova_controller_packages -+ - /etc/nova/nova.conf: - file.managed: - - source: salt://nova/files/{{ controller.version }}/nova-controller.conf.{{ grains.os_family }} -diff --git a/nova/files/0001-Use-keystoneclient-to-check-project-ID-exists.patch b/nova/files/0001-Use-keystoneclient-to-check-project-ID-exists.patch -new file mode 100644 -index 0000000..58d027e ---- /dev/null -+++ b/nova/files/0001-Use-keystoneclient-to-check-project-ID-exists.patch -@@ -0,0 +1,116 @@ -+From: Christoph Fiehe <fiehe@gmx.de> -+Date: Wed, 3 Jan 2018 00:11:20 +0100 -+Subject: [PATCH] Use keystoneclient to check project ID exists -+ -+Based on Christoph's implementation proposed in [1]. -+ -+[1] https://bugs.launchpad.net/nova/+bug/1716344 -+ -+Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> -+--- -+ nova/api/openstack/identity.py | 81 ++++++++++++++++-------------------------- -+ 1 file changed, 30 insertions(+), 51 deletions(-) -+ -+diff --git a/nova/api/openstack/identity.py b/nova/api/openstack/identity.py -+index 833d3b5..3269cec 100644 -+--- a/nova/api/openstack/identity.py -++++ b/nova/api/openstack/identity.py -+@@ -12,16 +12,15 @@ -+ # License for the specific language governing permissions and limitations -+ # under the License. -+ -+-from keystoneauth1 import exceptions as kse -+-from keystoneauth1 import loading as ks_loading -++from keystoneauth1 import session -++from keystoneclient import exceptions as kse -++from keystoneclient.v3 import client -+ from oslo_log import log as logging -+ import webob -+ -+-import nova.conf -+ from nova.i18n import _ -+ -+ -+-CONF = nova.conf.CONF -+ LOG = logging.getLogger(__name__) -+ -+ -+@@ -32,51 +31,31 @@ def verify_project_id(context, project_id): -+ an HTTPBadRequest is emitted. -+ -+ """ -+- sess = ks_loading.load_session_from_conf_options( -+- CONF, 'keystone', auth=context.get_auth_plugin()) -+- -+- failure = webob.exc.HTTPBadRequest( -+- explanation=_("Project ID %s is not a valid project.") % -+- project_id) -++ auth = context.get_auth_plugin() -++ sess = session.Session(auth=auth) -++ keystone = client.Client(session=sess) -+ try: -+- resp = sess.get('/projects/%s' % project_id, -+- endpoint_filter={ -+- 'service_type': 'identity', -+- 'version': (3, 0) -+- }, -+- raise_exc=False) -+- except kse.EndpointNotFound: -+- LOG.error( -+- "Keystone identity service version 3.0 was not found. This might " -+- "be because your endpoint points to the v2.0 versioned endpoint " -+- "which is not supported. Please fix this.") -+- raise failure -+- except kse.ClientException: -+- # something is wrong, like there isn't a keystone v3 endpoint, -+- # we'll take the pass and default to everything being ok. -+- LOG.exception("Unable to contact keystone to verify project_id") -+- return True -+- -+- if resp: -+- # All is good with this 20x status -+- return True -+- elif resp.status_code == 404: -+- # we got access, and we know this project is not there -+- raise failure -+- elif resp.status_code == 403: -+- # we don't have enough permission to verify this, so default -+- # to "it's ok". -+- LOG.info( -+- "Insufficient permissions for user %(user)s to verify " -+- "existence of project_id %(pid)s", -+- {"user": context.user_id, "pid": project_id}) -+- return True -+- else: -+- LOG.warning( -+- "Unexpected response from keystone trying to " -+- "verify project_id %(pid)s - resp: %(code)s %(content)s", -+- {"pid": project_id, -+- "code": resp.status_code, -+- "content": resp.content}) -+- # realize we did something wrong, but move on with a warning -+- return True -++ project = keystone.projects.get(project_id) -++ except kse.ClientException as e: -++ if e.http_status == 404: -++ # we got access, and we know this project is not there -++ raise webob.exc.HTTPBadRequest( -++ explanation=_("Project ID %s is not a valid project.") % -++ project_id) -++ elif e.http_status == 403: -++ # we don't have enough permission to verify this, so default -++ # to "it's ok". -++ LOG.info( -++ "Insufficient permissions for user %(user)s to verify " -++ "existence of project_id %(pid)s", -++ {"user": context.user_id, "pid": project_id}) -++ return True -++ else: -++ LOG.warning( -++ "Unexpected response from keystone trying to " -++ "verify project_id %(pid)s - resp: %(code)s %(content)s", -++ {"pid": project_id, -++ "code": resp.status_code, -++ "content": resp.content}) -++ # realize we did something wrong, but move on with a warning -++ return True diff --git a/mcp/patches/0012-linux.storage.lvm-Disable-filter.patch b/mcp/patches/0012-linux.storage.lvm-Disable-filter.patch deleted file mode 100644 index de74fadcd..000000000 --- a/mcp/patches/0012-linux.storage.lvm-Disable-filter.patch +++ /dev/null @@ -1,35 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> -Date: Sat, 18 Nov 2017 22:03:01 +0200 -Subject: [PATCH] linux.storage.lvm: Disable filter - -Due to upstream bug [1], mixing OS-managed LVM volumes with Cinder -LVM volumes leads to a broken filter value in lvm.conf. -Temporarily disable the filter (whitelisting all devices, similar -to no-Cinder use-cases) until upstream bug is fixed. - -[1] https://github.com/salt-formulas/salt-formula-linux/issues/127 - -Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> ---- - -diff --git a/linux/files/lvm.conf b/linux/files/lvm.conf ---- a/linux/files/lvm.conf -+++ b/linux/files/lvm.conf -@@ -129,7 +129,8 @@ - # Example - # Accept every block device: - -- filter = [ {%- for vgname, vg in storage.lvm.iteritems() %}{%- if vg.get('enabled', True) %}{%- for dev in vg.devices %}"a|{{ dev }}*|"{%- if not loop.last %},{%- endif %}{%- endfor %}{%- endif %}{%- endfor %}, "r|.*|" ] -+ # NOTE(opnfv): https://github.com/salt-formulas/salt-formula-linux/issues/127 -+ # filter = [ {%- for vgname, vg in storage.lvm.iteritems() %}{%- if vg.get('enabled', True) %}{%- for dev in vg.devices %}"a|{{ dev }}*|"{%- if not loop.last %},{%- endif %}{%- endfor %}{%- endif %}{%- endfor %}, "r|.*|" ] - - # filter = [ "a|.*/|" ] - # Reject the cdrom drive: diff --git a/mcp/patches/Makefile b/mcp/patches/Makefile index be3eb9ee5..e0a1c34ce 100644 --- a/mcp/patches/Makefile +++ b/mcp/patches/Makefile @@ -25,7 +25,7 @@ FPATCHES = $(shell find ${F_PATCH_DIR} -name '*.patch') # In order to keep things sort of separate, we should only pass up (to main # Makefile) the fully-patched repos, and gather any fingerprinting info here. -# Fuel@OPNFV relies on upstream git repos (one per component) in 1 of 2 ways: +# OPNFV Fuel relies on upstream git repos (one per component) in 1 of 2 ways: # - pinned down to tag objects (e.g. "9.0.1") # - tracking upstream remote HEAD on a stable or master branch # FIXME(alav): Should we support mixed cases? (e.g. pin down only fuel-main) diff --git a/mcp/patches/README.rst b/mcp/patches/README.rst index 735b70341..28af0e8f7 100644 --- a/mcp/patches/README.rst +++ b/mcp/patches/README.rst @@ -1,30 +1,30 @@ .. This work is licensed under a Creative Commons Attribution 4.0 International License. .. SPDX-License-Identifier: CC-BY-4.0 -.. (c) 2017 Mirantis Inc., Enea AB and others. +.. (c) 2018 Mirantis Inc., Enea AB and others. ========================================== -Fuel@OPNFV submodule fetching and patching +OPNFV Fuel Submodule Fetching and Patching ========================================== This directory holds submodule fetching/patching scripts, intended for -working with upstream Fuel/MCP components (e.g.: reclass-system-salt-model) in -developing/applying OPNFV patches (backports, custom fixes etc.). +working with upstream Fuel/MCP components (e.g.: ``reclass-system-salt-model``) +in developing/applying OPNFV patches (backports, custom fixes etc.). The scripts should be friendly to the following 2 use-cases: - - development work: easily cloning, binding repos to specific commits, - remote tracking, patch development etc.; - - to provide parent build scripts an easy method of tracking upstream - references and applying OPNFV patches on top; +- development work: easily cloning, binding repos to specific commits, + remote tracking, patch development etc.; +- to provide parent build scripts an easy method of tracking upstream + references and applying OPNFV patches on top; Also, we need to support at least the following modes of operations: - - submodule bind - each submodule patches will be based on the commit ID - saved in the .gitmodules config file; - - remote tracking - each submodule will sync with the upstream remote - and patches will be applied on top of <sub_remote>/<sub_branch>/HEAD; +- submodule bind - each submodule patches will be based on the commit ID + saved in the ``.gitmodules`` config file; +- remote tracking - each submodule will sync with the upstream remote + and patches will be applied on top of ``<sub_remote>/<sub_branch>/HEAD``; -Workflow (development) +Workflow (Development) ====================== The standard development workflow should look as follows: @@ -32,114 +32,116 @@ The standard development workflow should look as follows: Decide whether remote tracking should be active or not ------------------------------------------------------ -NOTE: Setting the following var to any non-empty str enables remote track. +.. NOTE:: -NOTE: Leaving unset will enable remote track for anything but stable branch. + Setting the following var to any non-empty str enables remote track. - .. code-block:: bash +.. code-block:: console - $ export FUEL_TRACK_REMOTES="" + developer@machine:~/fuel$ export FUEL_TRACK_REMOTES="" Initialize git submodules ------------------------- -All Fuel sub-projects are registered as submodules. +All Fuel direct dependency projects are registered as submodules. If remote tracking is active, upstream remote is queried and latest remote -branch HEAD is fetched. Otherwise, checkout commit IDs from .gitmodules. +branch ``HEAD`` is fetched. Otherwise, checkout commit IDs from ``.gitmodules``. - .. code-block:: bash +.. code-block:: console - $ make sub + developer@machine:~/fuel$ make -C mcp/patches sub -Apply patches from `patches/<sub-project>/*` to respective submodules ---------------------------------------------------------------------- +Apply patches from ``patches/<sub-project>/*`` to respective submodules +----------------------------------------------------------------------- This will result in creation of: -- a tag called `${FUEL_MAIN_TAG}-opnfv-root` at the same commit as Fuel@OPNFV - upstream reference (bound to git submodule OR tracking remote HEAD); -- a new branch `opnfv-fuel` which will hold all the OPNFV patches, - each patch is applied on this new branch with `git-am`; -- a tag called `${FUEL_MAIN_TAG}-opnfv` at `opnfv-fuel/HEAD`; +- a tag called ``${F_OPNFV_TAG}-root`` at the same commit as OPNFV Fuel + upstream reference (bound to git submodule OR tracking remote ``HEAD``); +- a new branch ``nightly`` which will hold all the OPNFV patches, + each patch is applied on this new branch with ``git-am``; +- a tag called ``${F_OPNFV_TAG}`` at ``nightly/HEAD``; +- for each (sub)directory of ``patches/<sub-project>``, another pair of tags + ``${F_OPNFV_TAG}-<sub-directory>-fuel/patch-root`` and + ``${F_OPNFV_TAG}-<sub-directory>-fuel/patch`` are also created; - .. code-block:: bash +.. code-block:: console - $ make patches-import + developer@machine:~/fuel$ make -C mcp/patches patches-import Modify sub-projects for whatever you need ----------------------------------------- -Commit your changes when you want them taken into account in the build. +To add/change OPNFV-specific patches for a sub-project: -Re-create patches +- commit your changes inside the git submodule(s); +- move the git tag to the new reference so ``make patches-export`` will + pick up the new commit later; + +.. code-block:: console + + developer@machine:~/fuel$ cd ./path/to/submodule + developer@machine:~/fuel/path/to/submodule$ # ... + developer@machine:~/fuel/path/to/submodule$ git commit + developer@machine:~/fuel/path/to/submodule$ git tag -f ${F_OPNFV_TAG}-fuel/patch + +Re-create Patches ----------------- -Each commit on `opnfv-fuel` branch of each subproject will be -exported to `patches/subproject/` via `git format-patch`. +Each commit on ``nightly`` branch of each subproject will be +exported to ``patches/subproject/`` via ``git format-patch``. + +.. NOTE:: + + Only commit submodule file changes when you need to bump upstream refs. -NOTE: Only commit (-f) submodules when you need to bump upstream ref. +.. WARNING:: -NOTE: DO NOT commit patched submodules! + DO NOT commit patched submodules! - .. code-block:: bash +.. code-block:: console - $ make patches-export + developer@machine:~/fuel$ make -C mcp/patches patches-export patches-copyright -Clean workbench branches and tags +Clean Workbench Branches and Tags --------------------------------- - .. code-block:: bash +.. code-block:: console - $ make clean + developer@machine:~/fuel$ make -C mcp/patches clean -De-initialize submodules and force a clean clone +De-initialize Submodules and Force a Clean Clone ------------------------------------------------ - .. code-block:: bash +.. code-block:: console - $ make deepclean + developer@machine:~/fuel$ make -C mcp/patches deepclean -Sub-project maintenance +Sub-project Maintenance ======================= -Adding a new submodule +Adding a New Submodule ---------------------- -If you need to add another subproject, you can do it with `git submodule`. -Make sure that you specify branch (with `-b`), short name (with `--name`): - - .. code-block:: bash - - $ git submodule -b master add --name reclass-system-salt-model - https://github.com/Mirantis/reclass-system-salt-model - relative/path/to/submodule - -Working with remote tracking for upgrading Fuel components ----------------------------------------------------------- - -Enable remote tracking as described above, which at `make sub` will update -ALL submodules (e.g. reclass-system-salt-model) to remote branch (set in -.gitmodules) HEAD. +If you need to add another subproject, you can do it with ``git submodule``. +Make sure that you specify branch (with ``-b``), short name (with ``--name``): -* If upstream has NOT already tagged a new version, we can still work on - our patches, make sure they apply etc., then check for new upstream - changes (and that our patches still apply on top of them) by: +.. code-block:: console -* If upstream has already tagged a new version we want to pick up, checkout - the new tag in each submodule: + developer@machine:~/fuel$ git submodule -b master add --name reclass-system-salt-model \ + https://github.com/Mirantis/reclass-system-salt-model \ + mcp/reclass/classes/system -* Once satisfied with the patch and submodule changes, commit them: +Working with Remote Tracking +---------------------------- - - enforce FUEL_TRACK_REMOTES to "yes" if you want to constatly use the - latest remote branch HEAD (as soon as upstream pushes a change on that - branch, our next build will automatically include it - risk of our - patches colliding with new upstream changes); - - stage patch changes if any; - - if submodule tags have been updated (relevant when remote tracking is - disabled, i.e. we have a stable upstream baseline), add submodules; +Enable remote tracking as described above, which at ``make sub`` will update +ALL submodules (e.g. ``reclass-system-salt-model``) to remote branch (set in +``.gitmodules``) ``HEAD``. - .. code-block:: bash +.. WARNING:: - $ make deepclean patches-import - $ git submodule foreach 'git checkout <newtag>' - $ make deepclean sub && git add -f relative/path/to/submodule + Enforce ``FUEL_TRACK_REMOTES`` to ``yes`` only if you want to constatly + use the latest remote branch ``HEAD`` (as soon as upstream pushes a change + on that branch, our next build will automatically include it - risk of our + patches colliding with new upstream changes) - for **ALL** submodules. diff --git a/mcp/patches/config.mk b/mcp/patches/config.mk index 260cbf829..5e5d3b327 100644 --- a/mcp/patches/config.mk +++ b/mcp/patches/config.mk @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2015,2016,2017 Ericsson AB, Enea AB and others. +# Copyright (c) 2018 Ericsson AB, Enea AB and others. # stefan.k.berg@ericsson.com # jonas.bjurel@ericsson.com # All rights reserved. This program and the accompanying materials @@ -18,6 +18,5 @@ F_GIT_DIR := $(shell git rev-parse --git-dir) F_PATCH_DIR := $(shell pwd) F_OPNFV_TAG := master-opnfv -# for the patches applying purposes (empty git config in docker build container) export GIT_COMMITTER_NAME?=Fuel OPNFV export GIT_COMMITTER_EMAIL?=fuel@opnfv.org diff --git a/mcp/patches/docker/0001-tasks.py-Allow-passing-extra-build-arg.patch b/mcp/patches/docker/0001-tasks.py-Allow-passing-extra-build-arg.patch new file mode 100644 index 000000000..9abbfb0b2 --- /dev/null +++ b/mcp/patches/docker/0001-tasks.py-Allow-passing-extra-build-arg.patch @@ -0,0 +1,59 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Sun, 9 Sep 2018 23:18:39 +0200 +Subject: [PATCH] tasks.py: Allow passing extra --build-arg + +E.g. A, B with values "a", respectively "b c": +$ invoke build saltmaster-reclass --build-arg-extra='A="a" B="b c"' +will be passed down as: +--build-arg A="a" --build-arg B="b c" + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + tasks.py | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/tasks.py b/tasks.py +index d6bf3bc..59e217d 100644 +--- a/tasks.py ++++ b/tasks.py +@@ -3,6 +3,7 @@ + + + from invoke import Collection, task ++from shlex import split + from string import Template + import re + import ast +@@ -25,7 +26,7 @@ def all(ctx, dry=False, push=False, dry_targets=False, filter=None, **kwargs): + dry=dry, push=push, dry_targets=dry_targets, filter=filter, **kwargs) + + @task +-def build(ctx, target, require=[], dist='debian', dist_rel='stretch', salt=None, formula_rev=None, push=False, dry=False, dry_targets=False, **kwargs): ++def build(ctx, target, require=[], dist='debian', dist_rel='stretch', salt=None, formula_rev=None, push=False, dry=False, dry_targets=False, build_arg_extra='', **kwargs): + + kwargs['dist'] = dist + kwargs['dist_rel'] = dist_rel +@@ -35,6 +36,7 @@ def build(ctx, target, require=[], dist='debian', dist_rel='stretch', salt=None, + kwargs['require'] = require + kwargs['salt'] = salt + kwargs['target'] = target ++ kwargs['build_arg_extra'] = ' --build-arg '.join([''] + split(build_arg_extra.replace('"', '"\\"'))) + # command formating + update + fmt = {'tag': ''} + fmt.update(ctx.dockermake) +@@ -60,6 +62,7 @@ def build(ctx, target, require=[], dist='debian', dist_rel='stretch', salt=None, + \t--requires ${requires} \ + \t--build-arg SALT_VERSION="${salt}" \ + \t--build-arg SALT_FORMULA_VERSION="${formula_rev}" \ ++ \t${build_arg_extra} \ + \t${push} ${options} \ + ${fin}""").safe_substitute(fmt) + ctx.run(cmd.replace(' ', '')) diff --git a/mcp/patches/docker/0002-OPNFV-tag-convention-alignment.patch b/mcp/patches/docker/0002-OPNFV-tag-convention-alignment.patch new file mode 100644 index 000000000..683dc4600 --- /dev/null +++ b/mcp/patches/docker/0002-OPNFV-tag-convention-alignment.patch @@ -0,0 +1,78 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Tue, 21 Aug 2018 02:42:35 +0200 +Subject: [PATCH] OPNFV tag convention alignment + +* (arch)- prefix Docker tags + Hacky implementation that only detects 'arm64', otherwise it will + default to 'amd64'. + Note that Docker arch notation uses 'arm64' instead of 'aarch64'. +* Override Docker tag to align with OPNFV format +* use Docker repository: opnfv/fuel + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + invoke.yml | 2 +- + tasks.py | 7 +++++-- + 2 files changed, 6 insertions(+), 3 deletions(-) + +diff --git a/invoke.yml b/invoke.yml +index 0bd793e..291f4c7 100644 +--- a/invoke.yml ++++ b/invoke.yml +@@ -65,7 +65,7 @@ target: + + dockermake: + destination: 'images' +- repository: 'docker.io/epcim/salt' ++ repository: 'docker.io/opnfv/fuel' + # options: '--no-cache' + # options: '--bust-cache reclass' + # options: '--registry-user epcim' +diff --git a/tasks.py b/tasks.py +index 59e217d..8afbde9 100644 +--- a/tasks.py ++++ b/tasks.py +@@ -7,6 +7,7 @@ from shlex import split + from string import Template + import re + import ast ++import platform + + # TODOs: + # - WIP - use namespace to expose images/targets as inoke tasks # image = Collection('image') +@@ -26,8 +27,9 @@ def all(ctx, dry=False, push=False, dry_targets=False, filter=None, **kwargs): + dry=dry, push=push, dry_targets=dry_targets, filter=filter, **kwargs) + + @task +-def build(ctx, target, require=[], dist='debian', dist_rel='stretch', salt=None, formula_rev=None, push=False, dry=False, dry_targets=False, build_arg_extra='', **kwargs): ++def build(ctx, target, require=[], dist='debian', dist_rel='stretch', salt=None, formula_rev=None, opnfv_tag='latest', push=False, dry=False, dry_targets=False, build_arg_extra='', **kwargs): + ++ kwargs['arch'] = 'arm64' if platform.machine() == 'aarch64' else 'amd64' + kwargs['dist'] = dist + kwargs['dist_rel'] = dist_rel + kwargs['dry'] = True if dry_targets or dry else False +@@ -37,6 +39,7 @@ def build(ctx, target, require=[], dist='debian', dist_rel='stretch', salt=None, + kwargs['salt'] = salt + kwargs['target'] = target + kwargs['build_arg_extra'] = ' --build-arg '.join([''] + split(build_arg_extra.replace('"', '"\\"'))) ++ kwargs['opnfv_tag'] = opnfv_tag + # command formating + update + fmt = {'tag': ''} + fmt.update(ctx.dockermake) +@@ -58,7 +61,7 @@ def build(ctx, target, require=[], dist='debian', dist_rel='stretch', salt=None, + # execute + cmd = Template(""" + ${dry}docker-make -f DockerMake.${dist}.yml -u ${repository}: --name ${target} \ +- \t-t ${dist}-${dist_rel}${tag} \ ++ \t-t ${arch}-${opnfv_tag} \ + \t--requires ${requires} \ + \t--build-arg SALT_VERSION="${salt}" \ + \t--build-arg SALT_FORMULA_VERSION="${formula_rev}" \ diff --git a/mcp/patches/docker/0003-OPNFV-package-installation-Ubuntu-user.patch b/mcp/patches/docker/0003-OPNFV-package-installation-Ubuntu-user.patch new file mode 100644 index 000000000..27df86e8d --- /dev/null +++ b/mcp/patches/docker/0003-OPNFV-package-installation-Ubuntu-user.patch @@ -0,0 +1,112 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Wed, 22 Aug 2018 01:35:06 +0200 +Subject: [PATCH] OPNFV package installation, Ubuntu user + +* Install OpenSSH server (and client), so other OPNFV projects can + easily connect to the Salt master node; +* Install 'salt-formula-gnocchi' distro package (empty git formula + workaround); +* While at it, create 'ubuntu' user so other OPNFV projects don't + have to switch to 'root' login; +* Preinstall `salt_minion_dependency_packages` and + `salt_minion_reclass_dependencies`; +* Pin dockermake to v0.8 to allow using python3.5 for virtualenv, + since python 3.6 is not easily available for Ubuntu Xenial + jump/build hosts. +* Pin jinja2 to 2.11.0 to bypass [1]. + +[1] https://github.com/saltstack/salt/issues/46594 + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + DockerMake.yml | 39 ++++++++++++++++++++++++++++++++++++++- + Pipfile | 4 ++-- + 2 files changed, 40 insertions(+), 3 deletions(-) + +diff --git a/DockerMake.yml b/DockerMake.yml +index 2c75586..f30024c 100644 +--- a/DockerMake.yml ++++ b/DockerMake.yml +@@ -29,6 +29,7 @@ common-cleanup: + + common: + build: | ++ ARG CACHE_INVALIDATE="0" + RUN echo "Layer with common packages" \ + && eval ${LAYER_PKGUPDT} \ + && apt-get upgrade -qy \ +@@ -94,7 +95,7 @@ salt-formulas: + build: | + ARG SALT_FORMULA_VERSION="master" + ENV SALT_FORMULA_VERSION $SALT_FORMULA_VERSION +- ARG SALT_FORMULA_SOURCES="https://github.com/salt-formulas https://github.com/saltstack-formulas" ++ ARG SALT_FORMULA_SOURCES="https://github.com/salt-formulas" + ENV SALT_FORMULA_SOURCES $SALT_FORMULA_SOURCES + ARG SALT_FORMULAS_BASE="/srv/salt/formula" + ENV SALT_FORMULAS_BASE $SALT_FORMULAS_BASE +@@ -108,6 +109,42 @@ salt-formulas: + && bash -c 'source /srv/salt/formula-fetch.sh && setupPyEnv && fetchAll' \ + && eval ${LAYER_CLEANUP} + ++opnfv: ++ build: | ++ # Some formulas have empty git repos, use the package version ++ ARG SALT_FORMULA_VERSION="nightly" ++ ENV SALT_FORMULA_VERSION $SALT_FORMULA_VERSION ++ ARG SALT_FORMULA_LIST="salt-formula-gnocchi" ++ ENV SALT_FORMULA_LIST $SALT_FORMULA_LIST ++ ENV APT_REPOSITORY "deb [arch=amd64] http://apt.mirantis.com/xenial ${SALT_FORMULA_VERSION} salt" ++ ENV APT_REPOSITORY_GPG "http://apt.mirantis.com/public.gpg" ++ RUN echo "Layer extra salt-formulas packages" \ ++ && echo "$APT_REPOSITORY" | tee /etc/apt/sources.list.d/salt-formulas.list >/dev/null \ ++ && curl -sL $APT_REPOSITORY_GPG | $SUDO apt-key add - \ ++ && eval ${LAYER_PKGUPDT} \ ++ && ${LAYER_INSTALL} ${SALT_FORMULA_LIST} -y --fix-missing -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" \ ++ && eval ${LAYER_CLEANUP} ++ RUN echo "Layer with OPNFV packages" \ ++ && eval ${LAYER_PKGUPDT} \ ++ && ${LAYER_INSTALL} \ ++ gawk \ ++ inetutils-ping \ ++ kmod \ ++ net-tools \ ++ openssh-server \ ++ python-futures \ ++ python-m2crypto \ ++ python-msgpack \ ++ python-netaddr \ ++ python-oauth \ ++ python-psutil \ ++ python-yaml \ ++ && useradd -m ubuntu \ ++ && echo 'ubuntu ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/ubuntu \ ++ && python -m pip install -U jinja2==2.11.0 \ ++ && eval ${LAYER_CLEANUP} ++ ++ + wheel: + requires: + - base +diff --git a/Pipfile b/Pipfile +index d3e8d66..340e125 100644 +--- a/Pipfile ++++ b/Pipfile +@@ -7,8 +7,8 @@ name = "pypi" + + [packages] + pygithub = "*" +-docker-make = {git = "https://github.com/avirshup/DockerMake"} +-dockermake = {git = "https://github.com/avirshup/DockerMake"} ++docker-make = {git = "https://github.com/avirshup/DockerMake", ref = "aeac230fd5ab468d806bf42b120aa97f91eb40a2"} ++dockermake = {git = "https://github.com/avirshup/DockerMake", ref = "aeac230fd5ab468d806bf42b120aa97f91eb40a2"} + + [requires] + python_version = "3.6" diff --git a/mcp/patches/docker/0004-reclass-Set-ignore_overwritten_missing_references.patch b/mcp/patches/docker/0004-reclass-Set-ignore_overwritten_missing_references.patch new file mode 100644 index 000000000..0af1e6967 --- /dev/null +++ b/mcp/patches/docker/0004-reclass-Set-ignore_overwritten_missing_references.patch @@ -0,0 +1,34 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Tue, 20 Nov 2018 23:16:44 +0200 +Subject: [PATCH] reclass: Set ignore_overwritten_missing_references + +The recent changes in `reclass` 1.6.x allow configuring this new +option; however the default for it is broken - see [1]. + +[1] https://github.com/salt-formulas/reclass/issues/77 + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + files/reclass/reclass-config.yml | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/files/reclass/reclass-config.yml b/files/reclass/reclass-config.yml +index 00aba49..f4da04c 100644 +--- a/files/reclass/reclass-config.yml ++++ b/files/reclass/reclass-config.yml +@@ -3,6 +3,7 @@ inventory_base_uri: /srv/salt/reclass + pretty_print: True + output: yaml + ++ignore_overwritten_missing_references: True + ignore_class_notfound: True + ignore_class_regexp: + - 'service.*' diff --git a/mcp/patches/docker/0005-Add-saltminion-maas-build-target.patch b/mcp/patches/docker/0005-Add-saltminion-maas-build-target.patch new file mode 100644 index 000000000..889fdcd43 --- /dev/null +++ b/mcp/patches/docker/0005-Add-saltminion-maas-build-target.patch @@ -0,0 +1,108 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Wed, 30 Jan 2019 17:21:03 +0100 +Subject: [PATCH] Add saltminion-maas build target + +--- + DockerMake.yml | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++ + invoke.yml | 5 ++++ + 2 files changed, 69 insertions(+) + +diff --git a/DockerMake.yml b/DockerMake.yml +index f30024c..a23541c 100644 +--- a/DockerMake.yml ++++ b/DockerMake.yml +@@ -50,6 +50,70 @@ common: + && eval ${LAYER_CLEANUP} + + ++maas: ++ requires: ++ - python ++ build: | ++ ENV container docker ++ ARG SALT_VERSION="stable" ++ ENV SALT_VERSION $SALT_VERSION ++ ARG SALT_BOOTSTRAP_OPTS="-PdX ${SALT_VERSION}" ++ ENV SALT_BOOTSTRAP_OPTS $SALT_BOOTSTRAP_OPTS ++ RUN echo "Layer with MaaS, salt-minion packages" \ ++ && eval ${LAYER_PKGUPDT} \ ++ && apt-get upgrade -qy \ ++ && ${LAYER_INSTALL} maas-common systemd \ ++ && find /etc/systemd/system \ ++ /lib/systemd/system \ ++ -path '*.wants/*' \ ++ -not -name '*journald*' \ ++ -not -name '*systemd-tmpfiles*' \ ++ -not -name '*systemd-user-sessions*' \ ++ -exec rm \{} \; \ ++ && systemctl set-default multi-user.target \ ++ && ${LAYER_INSTALL} \ ++ at \ ++ avahi-utils \ ++ dbconfig-pgsql \ ++ ipmitool \ ++ iptables \ ++ iptables-persistent \ ++ iputils-ping \ ++ kmod \ ++ lsb-release \ ++ maas-cli \ ++ maas-dns \ ++ maas-rack-controller \ ++ maas-region-api \ ++ postgresql \ ++ python-futures \ ++ python-m2crypto \ ++ python-msgpack \ ++ python-netaddr \ ++ python-oauth \ ++ python-pip \ ++ python-psutil \ ++ python-setuptools \ ++ python-yaml \ ++ sysfsutils \ ++ tcpdump \ ++ && apt-get download maas-region-controller \ ++ && dpkg-deb --extract maas-region-controller*.deb maas-region-controller \ ++ && dpkg-deb --control maas-region-controller*.deb maas-region-controller/DEBIAN \ ++ && mkdir -p /var/lib/opnfv/etc \ ++ && mv maas-region-controller/DEBIAN/postinst /var/lib/opnfv/maas-region-controller.postinst \ ++ && dpkg-deb --build maas-region-controller \ ++ && dpkg -i maas-region-controller.deb \ ++ && rm -rf maas* \ ++ && mv /var/lib/maas /var/lib/postgresql /var/lib/opnfv/ \ ++ && mv /etc/maas /etc/ssh /var/lib/opnfv/etc/ \ ++ && mv /var/lib/opnfv/maas-region-controller.postinst /var/lib/dpkg/info/ \ ++ && python -m pip install -U jinja2==2.11.0 \ ++ && curl -qL https://raw.githubusercontent.com/saltstack/salt-bootstrap/stable/bootstrap-salt.sh | $SUDO sh -s -- -A cfg01 ${SALT_BOOTSTRAP_OPTS} \ ++ && eval ${LAYER_CLEANUP} ++ ENTRYPOINT ["/bin/bash", "-c", "/entrypoint.sh && exec /lib/systemd/systemd"] ++ ++ + salt: + requires: + - python +diff --git a/invoke.yml b/invoke.yml +index 291f4c7..a2f4614 100644 +--- a/invoke.yml ++++ b/invoke.yml +@@ -62,6 +62,11 @@ target: + # - salt + # require: + # - saltclass ++ saltminion-maas: ++ matrix: ++ - dist ++ require: ++ - maas + + dockermake: + destination: 'images' diff --git a/mcp/patches/docker/0006-Use-archive.repo.saltstack.com-repos.patch b/mcp/patches/docker/0006-Use-archive.repo.saltstack.com-repos.patch new file mode 100644 index 000000000..1889e3a9b --- /dev/null +++ b/mcp/patches/docker/0006-Use-archive.repo.saltstack.com-repos.patch @@ -0,0 +1,42 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Thu, 18 Jun 2020 16:33:35 +0200 +Subject: [PATCH] Use archive.repo.saltstack.com repos + +Saltstack packages for 2017.7 have been archives, use the appropiate +repository URL. + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + DockerMake.yml | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/DockerMake.yml b/DockerMake.yml +index a23541c..5910613 100644 +--- a/DockerMake.yml ++++ b/DockerMake.yml +@@ -109,7 +109,7 @@ maas: + && mv /etc/maas /etc/ssh /var/lib/opnfv/etc/ \ + && mv /var/lib/opnfv/maas-region-controller.postinst /var/lib/dpkg/info/ \ + && python -m pip install -U jinja2==2.11.0 \ +- && curl -qL https://raw.githubusercontent.com/saltstack/salt-bootstrap/stable/bootstrap-salt.sh | $SUDO sh -s -- -A cfg01 ${SALT_BOOTSTRAP_OPTS} \ ++ && curl -qL https://raw.githubusercontent.com/saltstack/salt-bootstrap/stable/bootstrap-salt.sh | $SUDO sh -s -- -A cfg01 -R archive.repo.saltstack.com ${SALT_BOOTSTRAP_OPTS} \ + && eval ${LAYER_CLEANUP} + ENTRYPOINT ["/bin/bash", "-c", "/entrypoint.sh && exec /lib/systemd/systemd"] + +@@ -127,7 +127,7 @@ salt: + RUN echo "Layer salt" \ + && eval ${LAYER_PKGUPDT} \ + && mkdir -p /var/run/salt /var/cache/salt /var/log/salt /etc/salt/pki/master/minions /srv/salt/formula /srv/salt/env \ +- && curl -qL https://raw.githubusercontent.com/saltstack/salt-bootstrap/stable/bootstrap-salt.sh | $SUDO sh -s -- ${SALT_BOOTSTRAP_PKGS} -M -A localhost ${SALT_BOOTSTRAP_OPTS} \ ++ && curl -qL https://raw.githubusercontent.com/saltstack/salt-bootstrap/stable/bootstrap-salt.sh | $SUDO sh -s -- ${SALT_BOOTSTRAP_PKGS} -R archive.repo.saltstack.com -M -A localhost ${SALT_BOOTSTRAP_OPTS} \ + && if ! getent passwd salt > /dev/null;then useradd --system salt; fi \ + && chown -R salt:salt /etc/salt /var/cache/salt /var/log/salt /var/run/salt \ + && eval ${LAYER_CLEANUP} diff --git a/mcp/patches/fuel-patch-copyright.template b/mcp/patches/fuel-patch-copyright.template index 6c52af768..d50bdbe8a 100644 --- a/mcp/patches/fuel-patch-copyright.template +++ b/mcp/patches/fuel-patch-copyright.template @@ -1,5 +1,5 @@ :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. : : All rights reserved. This program and the accompanying materials : are made available under the terms of the Apache License, Version 2.0 diff --git a/mcp/patches/patch.sh b/mcp/patches/patch.sh deleted file mode 100755 index 1da3bc597..000000000 --- a/mcp/patches/patch.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -e -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## - -CI_DEBUG=${CI_DEBUG:-0}; [[ "${CI_DEBUG}" =~ (false|0) ]] || set -x - -if [ -r "$1" ]; then - while IFS=': ' read -r p_dest p_file; do - if [[ ! "${p_dest}" =~ '^#' ]] && [[ "${p_dest}" =~ $2 ]] && \ - ! patch --dry-run -Rd "${p_dest}" -r - -s -p1 < \ - "/root/fuel/mcp/patches/${p_file}" > /dev/null; then - patch -d "${p_dest}" -p1 < "/root/fuel/mcp/patches/${p_file}" - fi - done < "$1" -fi diff --git a/mcp/patches/patches.list b/mcp/patches/patches.list deleted file mode 100644 index 284f1bcec..000000000 --- a/mcp/patches/patches.list +++ /dev/null @@ -1,18 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## -/usr/share/salt-formulas/env: 0001-opendaylight-formula-neutron.patch -/usr/share/salt-formulas/env: 0002-maas-region-skip-credentials-update.patch -/usr/share/salt-formulas/env: 0003-maas-region-force-artifact-download.patch -/usr/share/salt-formulas/env: 0004-maas-region-use-authorized_keys-1st-entry.patch -/usr/share/salt-formulas/env: 0005-maas-module-Obtain-fabric-ID-from-CIDR.patch -/usr/share/salt-formulas/env: 0006-maas-module-Add-VLAN-DHCP-enable-support.patch -/usr/share/salt-formulas/env: 0007-network.interface-Fix-ifup-OVS-port-with-route.patch -/usr/share/salt-formulas/env: 0008-Handle-file_recv-option.patch -/usr/share/salt-formulas/env: 0009-controller-Use-keystoneclient-to-check-project-ID.patch -/usr/share/salt-formulas/env: 0010-maas-region-allow-timeout-override.patch -/usr/share/salt-formulas/env: 0012-linux.storage.lvm-Disable-filter.patch diff --git a/mcp/patches/pharos/0001-Update-MaaS-PXE-config.patch b/mcp/patches/pharos/0001-Update-MaaS-PXE-config.patch deleted file mode 100644 index 27467dd61..000000000 --- a/mcp/patches/pharos/0001-Update-MaaS-PXE-config.patch +++ /dev/null @@ -1,47 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> -Date: Sat, 16 Dec 2017 21:14:35 +0100 -Subject: [PATCH] Update MaaS PXE config - -- reduce DHCP range to silence a dummy MaaS warning about address exhaustion; -- define PXE/admin address for Salt Master node; -- drop obsolete opnfv_infra_maas_pxe_address; - -JIRA: FUEL-316 - -Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> ---- - config/installers/fuel/pod_config.yml.j2 | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/config/installers/fuel/pod_config.yml.j2 b/config/installers/fuel/pod_config.yml.j2 -index 28c6188..f380535 100644 ---- a/config/installers/fuel/pod_config.yml.j2 -+++ b/config/installers/fuel/pod_config.yml.j2 -@@ -40,6 +40,7 @@ parameters: - {%- endif %} - - opnfv_infra_config_address: {{ net_mgmt | ipaddr_index('100') }} -+ opnfv_infra_config_pxe_address: {{ net_admin | ipaddr_index('2') }} - opnfv_infra_maas_node01_address: {{ net_mgmt | ipaddr_index('3') }} - opnfv_infra_maas_node01_deploy_address: {{ net_admin | ipaddr_index('3') }} - opnfv_infra_kvm_address: {{ net_mgmt | ipaddr_index('140') }} -@@ -48,9 +49,8 @@ parameters: - opnfv_infra_kvm_node03_address: {{ net_mgmt | ipaddr_index('143') }} - - opnfv_infra_maas_pxe_network_address: {{ net_admin }} -- opnfv_infra_maas_pxe_address: {{ net_admin | ipaddr_index('3') }} -- opnfv_infra_maas_pxe_start_address: {{ net_admin | ipaddr_index('5') }} -- opnfv_infra_maas_pxe_end_address: {{ net_admin | ipaddr_index('250') }} -+ opnfv_infra_maas_pxe_start_address: {{ net_admin | ipaddr_index('4') }} -+ opnfv_infra_maas_pxe_end_address: {{ net_admin | ipaddr_index('100') }} - - opnfv_openstack_gateway_node01_address: {{ net_mgmt | ipaddr_index('124') }} - opnfv_openstack_gateway_node02_address: {{ net_mgmt | ipaddr_index('125') }} diff --git a/mcp/patches/pharos/0002-Add-proxy-node-management-network-VIP.patch b/mcp/patches/pharos/0002-Add-proxy-node-management-network-VIP.patch deleted file mode 100644 index 346d7505c..000000000 --- a/mcp/patches/pharos/0002-Add-proxy-node-management-network-VIP.patch +++ /dev/null @@ -1,29 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> -Date: Mon, 1 Jan 2018 17:06:59 +0100 -Subject: [PATCH] Add proxy node management network VIP - -Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> ---- - config/installers/fuel/pod_config.yml.j2 | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/config/installers/fuel/pod_config.yml.j2 b/config/installers/fuel/pod_config.yml.j2 -index f380535..2d0cdee 100644 ---- a/config/installers/fuel/pod_config.yml.j2 -+++ b/config/installers/fuel/pod_config.yml.j2 -@@ -61,6 +61,7 @@ parameters: - opnfv_openstack_proxy_address: {{ net_public | ipaddr_index('103') }} - opnfv_openstack_proxy_node01_address: {{ net_public | ipaddr_index('104') }} - opnfv_openstack_proxy_node02_address: {{ net_public | ipaddr_index('105') }} -+ opnfv_openstack_proxy_control_address: {{ net_mgmt | ipaddr_index('103') }} - opnfv_openstack_proxy_node01_control_address: {{ net_mgmt | ipaddr_index('104') }} - opnfv_openstack_proxy_node02_control_address: {{ net_mgmt | ipaddr_index('105') }} - opnfv_openstack_control_address: {{ net_mgmt | ipaddr_index('10') }} diff --git a/mcp/patches/reclass-system-salt-model/0001-Bring-in-opendaylight-support.patch b/mcp/patches/reclass-system-salt-model/0001-Bring-in-opendaylight-support.patch deleted file mode 100644 index c7ba5a740..000000000 --- a/mcp/patches/reclass-system-salt-model/0001-Bring-in-opendaylight-support.patch +++ /dev/null @@ -1,110 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Michael Polenchuk <mpolenchuk@mirantis.com> -Date: Thu, 29 Jun 2017 12:22:42 +0400 -Subject: [PATCH] Bring in opendaylight support - -Change-Id: I3efec9a8b586a6c75b1c1635ad2a7024d73d9ad2 ---- - neutron/control/opendaylight/cluster.yml | 17 +++++++++++++++++ - neutron/control/opendaylight/single.yml | 15 +++++++++++++++ - neutron/gateway/opendaylight/single.yml | 7 +++++++ - opendaylight/server/single.yml | 2 ++ - reclass/storage/system/opendaylight_control_single.yml | 13 +++++++++++++ - 5 files changed, 54 insertions(+) - create mode 100644 neutron/control/opendaylight/cluster.yml - create mode 100644 neutron/control/opendaylight/single.yml - create mode 100644 neutron/gateway/opendaylight/single.yml - create mode 100644 opendaylight/server/single.yml - create mode 100644 reclass/storage/system/opendaylight_control_single.yml - -diff --git a/neutron/control/opendaylight/cluster.yml b/neutron/control/opendaylight/cluster.yml -new file mode 100644 -index 0000000..a32e7ab ---- /dev/null -+++ b/neutron/control/opendaylight/cluster.yml -@@ -0,0 +1,17 @@ -+classes: -+- service.keepalived.cluster.single -+- service.haproxy.proxy.single -+- service.neutron.control.cluster -+- system.neutron.control.openvswitch.cluster -+parameters: -+ neutron: -+ server: -+ backend: -+ host: ${_param:opendaylight_service_host} -+ rest_api_port: 8282 -+ user: admin -+ password: admin -+ ovsdb_connection: tcp:127.0.0.1:6639 -+ mechanism: -+ ovs: -+ driver: opendaylight_v2 -diff --git a/neutron/control/opendaylight/single.yml b/neutron/control/opendaylight/single.yml -new file mode 100644 -index 0000000..053f14d ---- /dev/null -+++ b/neutron/control/opendaylight/single.yml -@@ -0,0 +1,15 @@ -+classes: -+- service.neutron.control.single -+- system.neutron.control.openvswitch.single -+parameters: -+ neutron: -+ server: -+ backend: -+ host: ${_param:opendaylight_service_host} -+ rest_api_port: 8282 -+ user: admin -+ password: admin -+ ovsdb_connection: tcp:127.0.0.1:6639 -+ mechanism: -+ ovs: -+ driver: opendaylight_v2 -diff --git a/neutron/gateway/opendaylight/single.yml b/neutron/gateway/opendaylight/single.yml -new file mode 100644 -index 0000000..2169001 ---- /dev/null -+++ b/neutron/gateway/opendaylight/single.yml -@@ -0,0 +1,7 @@ -+classes: -+- service.neutron.gateway.single -+parameters: -+ neutron: -+ gateway: -+ backend: -+ ovsdb_connection: tcp:127.0.0.1:6639 -diff --git a/opendaylight/server/single.yml b/opendaylight/server/single.yml -new file mode 100644 -index 0000000..3d11872 ---- /dev/null -+++ b/opendaylight/server/single.yml -@@ -0,0 +1,2 @@ -+classes: -+- service.opendaylight.server.single -diff --git a/reclass/storage/system/opendaylight_control_single.yml b/reclass/storage/system/opendaylight_control_single.yml -new file mode 100644 -index 0000000..ad809f5 ---- /dev/null -+++ b/reclass/storage/system/opendaylight_control_single.yml -@@ -0,0 +1,13 @@ -+parameters: -+ _param: -+ opendaylight_control_hostname: odl01 -+ reclass: -+ storage: -+ node: -+ opendaylight_control_node01: -+ name: ${_param:opendaylight_control_hostname} -+ domain: ${_param:cluster_domain} -+ params: -+ salt_master_host: ${_param:reclass_config_master} -+ linux_system_codename: ${_param:linux_system_codename} -+ single_address: ${_param:opendaylight_service_host} diff --git a/mcp/patches/reclass-system-salt-model/0003-Use-keystone-v3-endpoints-by-default.patch b/mcp/patches/reclass-system-salt-model/0001-Use-keystone-v3-endpoints-by-default.patch index 6f860bcce..f003c2031 100644 --- a/mcp/patches/reclass-system-salt-model/0003-Use-keystone-v3-endpoints-by-default.patch +++ b/mcp/patches/reclass-system-salt-model/0001-Use-keystone-v3-endpoints-by-default.patch @@ -1,5 +1,5 @@ :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. : : All rights reserved. This program and the accompanying materials : are made available under the terms of the Apache License, Version 2.0 @@ -20,10 +20,10 @@ Change-Id: I7e9a1b180f4e0ddb24ec72ed9f08c9e2580c7897 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/keystone/client/single.yml b/keystone/client/single.yml -index ebf5b5f..8007710 100644 +index b8ab7f1b..98cf359c 100644 --- a/keystone/client/single.yml +++ b/keystone/client/single.yml -@@ -4,7 +4,7 @@ classes: +@@ -5,7 +5,7 @@ classes: - system.keystone.client.service.glance - system.keystone.client.service.heat - system.keystone.client.service.heat-cfn @@ -31,4 +31,4 @@ index ebf5b5f..8007710 100644 +- system.keystone.client.service.keystone3 - system.keystone.client.service.neutron parameters: - linux: + _param: diff --git a/mcp/patches/reclass-system-salt-model/0004-Revert-Admin-endpoint-for-keystone-v3.patch b/mcp/patches/reclass-system-salt-model/0002-Revert-Admin-endpoint-for-keystone-v3.patch index 8731c1340..00b4cf34b 100644 --- a/mcp/patches/reclass-system-salt-model/0004-Revert-Admin-endpoint-for-keystone-v3.patch +++ b/mcp/patches/reclass-system-salt-model/0002-Revert-Admin-endpoint-for-keystone-v3.patch @@ -1,5 +1,5 @@ :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. : : All rights reserved. This program and the accompanying materials : are made available under the terms of the Apache License, Version 2.0 @@ -24,12 +24,13 @@ Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/keystone/client/service/keystone3.yml b/keystone/client/service/keystone3.yml -index bd0c63b..cc385f2 100644 +index 5138c4fc..9b69294b 100644 --- a/keystone/client/service/keystone3.yml +++ b/keystone/client/service/keystone3.yml -@@ -20,4 +20,4 @@ parameters: - internal_path: '/v3' +@@ -22,5 +22,5 @@ parameters: + internal_protocol: ${_param:keystone_service_protocol} admin_address: ${_param:keystone_service_host} admin_port: 35357 - admin_path: '/v2.0' + admin_path: '/v3' + admin_protocol: ${_param:keystone_service_protocol} diff --git a/mcp/patches/reclass-system-salt-model/0002-mongodb-Parameterize-cluster-hostnames.patch b/mcp/patches/reclass-system-salt-model/0002-mongodb-Parameterize-cluster-hostnames.patch deleted file mode 100644 index b75044b16..000000000 --- a/mcp/patches/reclass-system-salt-model/0002-mongodb-Parameterize-cluster-hostnames.patch +++ /dev/null @@ -1,37 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> -Date: Sun, 10 Dec 2017 21:58:52 +0100 -Subject: [PATCH] mongodb: Parameterize cluster hostnames - -Replace mdb{01,02,03} with reclass params, similar to prev commit. - -Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> ---- - mongodb/server/cluster.yml | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/mongodb/server/cluster.yml b/mongodb/server/cluster.yml -index f3c16d6..1d1e397 100644 ---- a/mongodb/server/cluster.yml -+++ b/mongodb/server/cluster.yml -@@ -3,9 +3,9 @@ classes: - parameters: - _param: - mongodb_server_replica_set: mongodb -- mongodb_master: mdb01 -+ mongodb_master: ${_param:openstack_telemetry_node01_hostname} - mongodb_server_members: -- - host: mdb01 -+ - host: ${_param:openstack_telemetry_node01_hostname} - priority: 2 -- - host: mdb02 -- - host: mdb03 -+ - host: ${_param:openstack_telemetry_node02_hostname} -+ - host: ${_param:openstack_telemetry_node03_hostname} diff --git a/mcp/patches/salt-formula-aodh/0001-Extend-apache-service-state.patch b/mcp/patches/salt-formula-aodh/0001-Extend-apache-service-state.patch new file mode 100644 index 000000000..9bf85efa0 --- /dev/null +++ b/mcp/patches/salt-formula-aodh/0001-Extend-apache-service-state.patch @@ -0,0 +1,47 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Michael Polenchuk <mpolenchuk@mirantis.com> +Date: Wed, 10 Jul 2019 10:18:58 +0400 +Subject: [PATCH] Extend apache service state + +diff --git a/aodh/server.sls b/aodh/server.sls +index 04b0395..258e5fe 100644 +--- a/aodh/server.sls ++++ b/aodh/server.sls +@@ -183,20 +183,16 @@ aodh_api_config: + + {%- endif %} + +-aodh_apache_restart: +- service.running: +- - enable: true +- - name: apache2 +- {%- if grains.get('noservices') %} +- - onlyif: /bin/false +- {%- endif %} +- - watch: +- - file: /etc/aodh/aodh.conf +- {%- if pillar.get('apache', {}).get('server', {}).get('site', {}).aodh is defined %} +- - apache_enable_aodh_wsgi +- {%- else %} +- - file: aodh_api_apache_config +- {%- endif %} ++extend: ++ apache_service: ++ service.running: ++ - watch: ++ - file: /etc/aodh/aodh.conf ++ {%- if pillar.get('apache', {}).get('server', {}).get('site', {}).aodh is defined %} ++ - apache_enable_aodh_wsgi ++ {%- else %} ++ - file: aodh_api_apache_config ++ {%- endif %} + + {%- endif %} + diff --git a/mcp/patches/salt-formula-cinder/0001-Support-stein-version.patch b/mcp/patches/salt-formula-cinder/0001-Support-stein-version.patch new file mode 100644 index 000000000..bae93ce6f --- /dev/null +++ b/mcp/patches/salt-formula-cinder/0001-Support-stein-version.patch @@ -0,0 +1,25 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Michael Polenchuk <mpolenchuk@mirantis.com> +Date: Tue, 9 Jul 2019 14:23:14 +0400 +Subject: [PATCH] Support stein version + +diff --git a/cinder/controller.sls b/cinder/controller.sls +index 31cb53c..f58e261 100644 +--- a/cinder/controller.sls ++++ b/cinder/controller.sls +@@ -72,7 +72,7 @@ cinder_controller_packages: + {%- endif %} + + {# Starting from ocata api running undder apache, so dedicated loggong.conf is not needed #} +-{%- if controller.version not in ('ocata','pike','queens', 'rocky') %} ++{%- if controller.version not in ('ocata','pike','queens', 'rocky', 'stein') %} + {%- do cinder_log_services.append('cinder-api') %} + {%- endif %} + diff --git a/mcp/patches/salt-formula-horizon/0001-Support-stein-version.patch b/mcp/patches/salt-formula-horizon/0001-Support-stein-version.patch new file mode 100644 index 000000000..3ae93638d --- /dev/null +++ b/mcp/patches/salt-formula-horizon/0001-Support-stein-version.patch @@ -0,0 +1,35 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Tue, 9 Jul 2019 14:54:50 +0400 +Subject: [PATCH] Support stein version + +--- + horizon/files/local_settings/stein_settings.py | 1 + + horizon/files/policy/stein | 1 + + 2 files changed, 2 insertions(+) + create mode 120000 horizon/files/local_settings/stein_settings.py + create mode 120000 horizon/files/policy/stein + +diff --git a/horizon/files/local_settings/stein_settings.py b/horizon/files/local_settings/stein_settings.py +new file mode 120000 +index 0000000..183e9a8 +--- /dev/null ++++ b/horizon/files/local_settings/stein_settings.py +@@ -0,0 +1 @@ ++rocky_settings.py +\ No newline at end of file +diff --git a/horizon/files/policy/stein b/horizon/files/policy/stein +new file mode 120000 +index 0000000..c8dbb8c +--- /dev/null ++++ b/horizon/files/policy/stein +@@ -0,0 +1 @@ ++rocky +\ No newline at end of file diff --git a/mcp/patches/salt-formula-horizon/0002-Align-packages-with-Stein-reqs.patch b/mcp/patches/salt-formula-horizon/0002-Align-packages-with-Stein-reqs.patch new file mode 100644 index 000000000..90a0057cb --- /dev/null +++ b/mcp/patches/salt-formula-horizon/0002-Align-packages-with-Stein-reqs.patch @@ -0,0 +1,30 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Mon, 30 Dec 2019 16:15:04 +0100 +Subject: [PATCH] Align packages with Stein reqs + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + horizon/map.jinja | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/horizon/map.jinja b/horizon/map.jinja +index 3779d69..0cebe0c 100644 +--- a/horizon/map.jinja ++++ b/horizon/map.jinja +@@ -6,7 +6,7 @@ + + {%- if not salt['pillar.get']('horizon:server:cache:backend') %} + {%- if salt['pillar.get']('horizon:server:version') not in ['mitaka','newton'] %} +- {%- set cache_pkgs = ['python-pylibmc'] %} ++ {%- set cache_pkgs = ['python3-pylibmc'] %} + {%- set default_cache_backend = 'django.core.cache.backends.memcached.PyLibMCCache' %} + {%- else %} + {% if grains['os_family'] == 'RedHat' %} diff --git a/mcp/patches/salt-formula-keystone/0001-Handle-extra-environment-variables.patch b/mcp/patches/salt-formula-keystone/0001-Handle-extra-environment-variables.patch new file mode 100644 index 000000000..2108587b1 --- /dev/null +++ b/mcp/patches/salt-formula-keystone/0001-Handle-extra-environment-variables.patch @@ -0,0 +1,28 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Michael Polenchuk <mpolenchuk@mirantis.com> +Date: Mon, 12 Mar 2018 17:43:09 +0400 +Subject: [PATCH] Handle extra environment variables + +Change-Id: Ieae46ac65041630759c82238a8a5ce0535c454b2 +--- + keystone/files/keystonercv3 | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/keystone/files/keystonercv3 b/keystone/files/keystonercv3 +index 1b7f378..984c8a2 100644 +--- a/keystone/files/keystonercv3 ++++ b/keystone/files/keystonercv3 +@@ -11,3 +11,6 @@ export OS_REGION_NAME={{ server.region }} + export OS_INTERFACE=internal + export OS_ENDPOINT_TYPE="internal" + export OS_CACERT="{{ server.cacert }}" ++{%- for opt, value in server.get('openrc_extra', {}).iteritems() %} ++{{ "export %s=%s"|format(opt|upper, value) }} ++{%- endfor %} diff --git a/mcp/patches/salt-formula-linux/0001-Set-ovs-bridges-as-L3-interfaces.patch b/mcp/patches/salt-formula-linux/0001-Set-ovs-bridges-as-L3-interfaces.patch new file mode 100644 index 000000000..9479a990b --- /dev/null +++ b/mcp/patches/salt-formula-linux/0001-Set-ovs-bridges-as-L3-interfaces.patch @@ -0,0 +1,124 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Michael Polenchuk <mpolenchuk@mirantis.com> +Date: Wed, 28 Feb 2018 17:54:28 +0400 +Subject: [PATCH] Set ovs bridges as L3 interfaces + +--- + linux/files/ovs_bridge | 22 ++++++++++++++++++++++ + linux/files/ovs_port | 8 +++++++- + linux/network/interface.sls | 34 +++++++++++++++++++++++++++++++++- + 3 files changed, 62 insertions(+), 2 deletions(-) + create mode 100644 linux/files/ovs_bridge + +diff --git a/linux/files/ovs_bridge b/linux/files/ovs_bridge +new file mode 100644 +index 0000000..4718b91 +--- /dev/null ++++ b/linux/files/ovs_bridge +@@ -0,0 +1,22 @@ ++# With systemd, adding OVS bridges as 'auto' can cause race conditions ++# https://github.com/openvswitch/ovs/blob/master/debian/openvswitch-switch.README.Debian ++# auto {{ bridge_name }} ++allow-ovs {{ bridge_name }} ++iface {{ bridge_name }} inet {{ bridge.get('proto', 'static' if bridge.address is defined else 'manual') }} ++ ovs_type OVSBridge ++ {%- if bridge.address is defined %} ++ address {{ bridge.address }} ++ netmask {{ bridge.netmask }} ++ {%- endif %} ++ {%- if bridge.use_interfaces is defined %} ++ ovs_ports {{ bridge.use_interfaces|join(' ') }} ++ {%- endif %} ++ {%- if bridge.datapath_type is defined %} ++ ovs_extra set Bridge ${IFACE} datapath_type={{ bridge.datapath_type }} ++ {%- endif %} ++ {%- if bridge.gateway is defined %} ++ gateway {{ bridge.gateway }} ++ {%- endif %} ++ {%- if bridge.name_servers is defined %} ++ dns-nameservers {{ bridge.name_servers | join(' ') }} ++ {%- endif %} +diff --git a/linux/files/ovs_port b/linux/files/ovs_port +index 222ca8e..41821b7 100644 +--- a/linux/files/ovs_port ++++ b/linux/files/ovs_port +@@ -1,6 +1,12 @@ +-auto {{ port_name }} ++# With systemd, adding OVS bridges as 'auto' can cause race conditions ++# https://github.com/openvswitch/ovs/blob/master/debian/openvswitch-switch.README.Debian ++# OVS ports will be automatically ifup-ed when ifup-ing the OVS bridge ++# auto {{ port_name }} + allow-{{ port.bridge }} {{ port_name }} + iface {{ port_name }} inet {{ port.get('proto', 'manual') }} ++{%- if '.' in port_name %} ++vlan-raw-device {{ port_name.split('.')[0] }} ++{%- endif %} + ovs_type {{ port.get('ovs_port_type', 'OVSIntPort') }} + mtu {{ port.get('mtu', '1500') }} + ovs_bridge {{ port.bridge }} +diff --git a/linux/network/interface.sls b/linux/network/interface.sls +index a39fc37..8bce092 100644 +--- a/linux/network/interface.sls ++++ b/linux/network/interface.sls +@@ -92,6 +92,35 @@ add_int_{{ int_name }}_to_ovs_dpdk_bridge_{{ interface_name }}: + ovs_bridge_{{ interface_name }}: + openvswitch_bridge.present: + - name: {{ interface_name }} ++ file.managed: ++ - name: /etc/network/interfaces.u/ifcfg-{{ interface_name }} ++ - makedirs: True ++ - source: salt://linux/files/ovs_bridge ++ - defaults: ++ bridge: {{ interface|yaml }} ++ bridge_name: {{ interface_name }} ++ - template: jinja ++ ++linux_interfaces_include_{{ interface_name }}: ++ file.prepend: ++ - name: /etc/network/interfaces ++ - text: | ++ source /etc/network/interfaces.d/* ++ # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262 ++ source /etc/network/interfaces.u/* ++ ++ovs_bridge_up_{{ interface_name }}: ++ cmd.run: ++ - name: ifup --ignore-errors {{ interface_name }} ++ - require: ++ - file: ovs_bridge_{{ interface_name }} ++ - openvswitch_bridge: ovs_bridge_{{ interface_name }} ++ - file: linux_interfaces_final_include ++ {%- if network.noifupdown|d(false) or interface.noifupdown|d(false) %} ++ - onlyif: /bin/false ++ {%- else %} ++ - unless: grep -qFx up /sys/class/net/{{ interface_name }}/operstate ++ {%- endif %} + + {# add linux network interface into OVS bridge #} + {%- for int_name, int in network.interface.items() %} +@@ -102,7 +131,7 @@ ovs_bridge_{{ interface_name }}: + + add_int_{{ int_name }}_to_ovs_bridge_{{ interface_name }}: + cmd.run: +- - unless: ovs-vsctl show | grep {{ int_name }} ++ - unless: ovs-vsctl list-ports {{ interface_name }} | grep -qFx {{ int_name }} + - name: ovs-vsctl{%- if network.ovs_nowait %} --no-wait{%- endif %} add-port {{ interface_name }} {{ int_name }} + + {%- endif %} +@@ -176,6 +205,9 @@ ovs_port_{{ interface_name }}_line2: + ovs_port_up_{{ interface_name }}: + cmd.run: + - name: ifup {{ interface_name }} ++ {%- if network.noifupdown|d(false) or interface.noifupdown|d(false) %} ++ - onlyif: /bin/false ++ {%- endif %} + - require: + - file: ovs_port_{{ interface_name }} + - file: ovs_port_{{ interface_name }}_line1 diff --git a/mcp/patches/salt-formula-linux/0002-network-Bring-in-basic-VPP-support.patch b/mcp/patches/salt-formula-linux/0002-network-Bring-in-basic-VPP-support.patch new file mode 100644 index 000000000..5166be56a --- /dev/null +++ b/mcp/patches/salt-formula-linux/0002-network-Bring-in-basic-VPP-support.patch @@ -0,0 +1,139 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Mon, 10 Dec 2018 16:16:26 +0100 +Subject: [PATCH] network: Bring in basic VPP support + +For now, we only care about DPDK-backed VPP ports. + +TODO: +- README.rst: VPP port usage + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + linux/files/vpp_commands.txt | 4 +++ + linux/files/vpp_startup.conf | 47 ++++++++++++++++++++++++++++++++++++ + linux/network/dpdk.sls | 38 +++++++++++++++++++++++++++++ + 3 files changed, 89 insertions(+) + create mode 100644 linux/files/vpp_commands.txt + create mode 100644 linux/files/vpp_startup.conf + +diff --git a/linux/files/vpp_commands.txt b/linux/files/vpp_commands.txt +new file mode 100644 +index 0000000..2ce4726 +--- /dev/null ++++ b/linux/files/vpp_commands.txt +@@ -0,0 +1,4 @@ ++{%- from "linux/map.jinja" import network with context %} ++{%- if network.vpp.commands is defined %} ++{{ network.vpp.commands }} ++{%- endif %} +diff --git a/linux/files/vpp_startup.conf b/linux/files/vpp_startup.conf +new file mode 100644 +index 0000000..fcfc1fd +--- /dev/null ++++ b/linux/files/vpp_startup.conf +@@ -0,0 +1,47 @@ ++{%- from "linux/map.jinja" import network with context %} ++unix { ++ cli-listen /run/vpp/cli.sock ++ log /var/log/vpp.log ++ full-coredump ++ nodaemon ++ startup-config /etc/vpp/commands.txt ++{%- if network.vpp.gid is defined %} ++ gid {{ network.vpp.gid }} ++{%- endif %} ++} ++api-trace { ++ on ++} ++{%- if network.vpp.gid is defined %} ++api-segment { ++ gid {{ network.vpp.gid }} ++} ++{%- endif %} ++cpu { ++{%- if network.vpp.main_core is defined %} ++ main-core {{ network.vpp.main_core }} ++{%- endif %} ++{%- if network.vpp.corelist_workers is defined %} ++ corelist-workers {{ network.vpp.corelist_workers }} ++{%- endif %} ++{%- if network.vpp.skip_core is defined %} ++ skip-core {{ network.vpp.skip_core }} ++{%- endif %} ++{%- if network.vpp.workers is defined %} ++ workers {{ network.vpp.workers }} ++{%- endif %} ++} ++dpdk { ++{%- if network.vpp.decimal_interface_names is defined %} ++ decimal-interface-names ++{%- endif %} ++{%- if network.vpp.dpdk_socket_mem is defined %} ++ socket-mem {{ network.vpp.dpdk_socket_mem }} ++{%- endif %} ++ ## Whitelist specific interface by specifying PCI address ++{%- for interface_name, interface in network.interface.items() %} ++{%- if 'dpdk_vpp_port' in interface.type and interface.pci is defined %} ++ dev {{ interface.pci }} ++{%- endif %} ++{%- endfor %} ++} +diff --git a/linux/network/dpdk.sls b/linux/network/dpdk.sls +index 786f7c8..09453c6 100644 +--- a/linux/network/dpdk.sls ++++ b/linux/network/dpdk.sls +@@ -32,6 +32,45 @@ linux_network_dpdk_service: + - watch: + - file: /etc/dpdk/interfaces + ++{%- if network.vpp is defined %} ++ ++vpp_pkgs: ++ pkg.installed: ++ - pkgs: ++ - vpp ++ - vpp-plugin-core ++ - vpp-plugin-dpdk ++ - bridge-utils ++ ++/etc/vpp/commands.txt: ++ file.managed: ++ - source: salt://linux/files/vpp_commands.txt ++ - template: jinja ++ - require: ++ - pkg: vpp_pkgs ++ ++/etc/vpp/startup.conf: ++ file.managed: ++ - source: salt://linux/files/vpp_startup.conf ++ - template: jinja ++ - require: ++ - pkg: vpp_pkgs ++ ++/etc/sysctl.d/80-vpp.conf: ++ file.managed: ++ - contents: ++ - '# Disabled by salt-formula-linux' ++ ++linux_network_vpp_service: ++ service.running: ++ - enable: true ++ - name: vpp ++ - watch: ++ - file: /etc/vpp/startup.conf ++ - file: /etc/vpp/commands.txt ++ ++{%- endif %} ++ + {%- if network.openvswitch is defined %} + + openvswitch_dpdk_pkgs: diff --git a/mcp/patches/salt-formula-linux/0003-OVS-Fix-Debian-service-deps-OVS-bridge-ifup.patch b/mcp/patches/salt-formula-linux/0003-OVS-Fix-Debian-service-deps-OVS-bridge-ifup.patch new file mode 100644 index 000000000..70b699a76 --- /dev/null +++ b/mcp/patches/salt-formula-linux/0003-OVS-Fix-Debian-service-deps-OVS-bridge-ifup.patch @@ -0,0 +1,97 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Fri, 25 Jan 2019 21:20:04 +0100 +Subject: [PATCH] OVS: Fix Debian service deps, OVS bridge ifup + +Fix OVS vs Linux bridge race condition: +- OVS services should start before networking service; +- OVS services should start after DPDK service (if present); +- networking service should ifup OVS bridges (and automatically their + OVS ports if present) after Linux interfaces/bridges; +- br-prv should be handled by OVS to avoid another race condition, + so use 'allow-ovs br-prv' instead of 'auto'; + +NOTE: +- OVS ports/bridges should NOT be configured as auto for this to work; +- OVS services correspond to OVS 2.9 or newer, since before that + ovsdb-server was called openvswitch-nonetwork. +- we also need to take care of one particularly ugly circular dep: + ovs-vswitchd --> ovsdb-server -(default dep)-> sysinit.target --> + cloud-init.service --> networking.service --> ovs-vswitchd + We'll just set 'DefaultDependencies=no' for ovs services, although + this might require explicitly adding back some of the indirect + dependencies of sysinit.target. + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + linux/network/dpdk.sls | 2 +- + linux/network/interface.sls | 36 ++++++++++++++++++++++++++++++++++++ + 2 files changed, 37 insertions(+), 1 deletion(-) + +diff --git a/linux/network/dpdk.sls b/linux/network/dpdk.sls +index 09453c6..e866909 100644 +--- a/linux/network/dpdk.sls ++++ b/linux/network/dpdk.sls +@@ -199,7 +199,7 @@ linux_network_dpdk_bridge_interface_{{ interface_name }}: + /etc/network/interfaces.u/ifcfg-{{ interface_name }}: + file.managed: + - contents: | +- auto {{ interface_name }} ++ allow-ovs {{ interface_name }} + iface {{ interface_name }} inet static + address {{ interface.address }} + netmask {{ interface.netmask }} +diff --git a/linux/network/interface.sls b/linux/network/interface.sls +index 8bce092..11db5be 100644 +--- a/linux/network/interface.sls ++++ b/linux/network/interface.sls +@@ -24,6 +24,42 @@ linux_network_bridge_pkgs: + - pkgs: {{ network.bridge_pkgs }} + {%- endif %} + ++{%- if network.bridge == 'openvswitch' and grains.os_family == 'Debian' %} ++ ++{# create drop-in dpdk, networking dependency for ovs services #} ++/etc/systemd/system/ovsdb-server.service.d/override.conf: ++ file.managed: ++ - makedirs: true ++ - require: ++ - pkg: linux_network_bridge_pkgs ++ - contents: | ++ [Unit] ++ After=dpdk.service ++ Before=networking.service ++ DefaultDependencies=no ++ ++/etc/systemd/system/ovs-vswitchd.service.d/override.conf: ++ file.managed: ++ - makedirs: true ++ - require: ++ - pkg: linux_network_bridge_pkgs ++ - contents: | ++ [Unit] ++ Before=networking.service ++ DefaultDependencies=no ++ ++{# Debian/Ubuntu won't automatically ifup OVS bridges, workaround #} ++/etc/systemd/system/networking.service.d/ovs_workaround.conf: ++ file.managed: ++ - makedirs: true ++ - require: ++ - pkg: linux_network_bridge_pkgs ++ - contents: | ++ [Service] ++ ExecStart=/sbin/ifup --allow=ovs -a --read-environment ++ ++{%- endif %} ++ + {%- endif %} + + {%- for f in network.get('concat_iface_files', []) %} diff --git a/mcp/patches/salt-formula-linux/0004-dpdk-Handle-per-port-memory-model.patch b/mcp/patches/salt-formula-linux/0004-dpdk-Handle-per-port-memory-model.patch new file mode 100644 index 000000000..b54650007 --- /dev/null +++ b/mcp/patches/salt-formula-linux/0004-dpdk-Handle-per-port-memory-model.patch @@ -0,0 +1,25 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Michael Polenchuk <mpolenchuk@mirantis.com> +Date: Tue, 30 Apr 2019 12:59:54 +0400 +Subject: [PATCH] [dpdk] Handle per port memory model + + +diff --git a/linux/network/dpdk.sls b/linux/network/dpdk.sls +index 786f7c8..c6f3020 100644 +--- a/linux/network/dpdk.sls ++++ b/linux/network/dpdk.sls +@@ -49,6 +49,7 @@ linux_network_dpdk_ovs_service: + - unless: 'ovs-vsctl get Open_vSwitch . other_config | grep "dpdk-init=\"true\""' + + {%- set ovs_options = [ ++ 'per-port-memory="'+network.openvswitch.per_port_memory|d('false')+'"', + "pmd-cpu-mask=\""+network.openvswitch.pmd_cpu_mask+"\"", + "dpdk-socket-mem=\""+network.openvswitch.dpdk_socket_mem+"\"", + "dpdk-lcore-mask=\""+network.openvswitch.dpdk_lcore_mask+"\"", diff --git a/mcp/patches/salt-formula-linux/0005-network-RHEL-Set-bridge-for-member-interfaces.patch b/mcp/patches/salt-formula-linux/0005-network-RHEL-Set-bridge-for-member-interfaces.patch new file mode 100644 index 000000000..67004601c --- /dev/null +++ b/mcp/patches/salt-formula-linux/0005-network-RHEL-Set-bridge-for-member-interfaces.patch @@ -0,0 +1,44 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Tue, 11 Jun 2019 03:57:29 +0200 +Subject: [PATCH] network: RHEL: Set bridge for member interfaces + +For RHEL, bridge member interfaces need to be passed down the +bridge name, so lookup all bridges, find the one containing the +current interface (if any) and use it when calling +`network.managed`. + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + linux/network/interface.sls | 11 +++++++++++ + 1 file changed, 11 insertions(+) + +diff --git a/linux/network/interface.sls b/linux/network/interface.sls +index 11db5be..ccac6d7 100644 +--- a/linux/network/interface.sls ++++ b/linux/network/interface.sls +@@ -303,6 +303,17 @@ linux_interface_{{ interface_name }}: + - cmd: ovs_port_up_{{ network }} + {%- endfor %} + {%- endif %} ++ {%- if grains.os_family == 'RedHat' %} ++ {%- set br_todo = [] %} ++ {%- for br_name, br_info in network.interface.items() %} ++ {%- if br_info.type == 'bridge' and interface_name in br_info.get('use_interfaces', []) %} ++ {%- do br_todo.append(br_info.get('name', br_name)) %} ++ {%- endif %} ++ {%- endfor %} ++ {%- if br_todo %} ++ - bridge: {{ br_todo | first }} ++ {%- endif %} ++ {%- endif %} + {%- if interface.type == 'bridge' %} + - bridge: {{ interface_name }} + - delay: 0 diff --git a/mcp/patches/salt-formula-linux/0006-dpdk-Remove-invalid-vhost-options.patch b/mcp/patches/salt-formula-linux/0006-dpdk-Remove-invalid-vhost-options.patch new file mode 100644 index 000000000..acc3c181f --- /dev/null +++ b/mcp/patches/salt-formula-linux/0006-dpdk-Remove-invalid-vhost-options.patch @@ -0,0 +1,25 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Michael Polenchuk <mpolenchuk@mirantis.com> +Date: Tue, 30 Jul 2019 13:24:41 +0400 +Subject: [PATCH] [dpdk] Remove invalid vhost options + +diff --git a/linux/network/dpdk.sls b/linux/network/dpdk.sls +index 786f7c8..c929e43 100644 +--- a/linux/network/dpdk.sls ++++ b/linux/network/dpdk.sls +@@ -52,7 +52,7 @@ linux_network_dpdk_ovs_service: + "pmd-cpu-mask=\""+network.openvswitch.pmd_cpu_mask+"\"", + "dpdk-socket-mem=\""+network.openvswitch.dpdk_socket_mem+"\"", + "dpdk-lcore-mask=\""+network.openvswitch.dpdk_lcore_mask+"\"", +- "dpdk-extra=\"-n "+network.openvswitch.memory_channels+" --vhost-owner libvirt-qemu:kvm --vhost-perm 0664\"" ++ "dpdk-extra=\"-n "+network.openvswitch.memory_channels+"\"" + ] + %} + diff --git a/mcp/patches/0002-maas-region-skip-credentials-update.patch b/mcp/patches/salt-formula-maas/0001-maas-region-skip-credentials-update.patch index 11e8befb8..eb607cf81 100644 --- a/mcp/patches/0002-maas-region-skip-credentials-update.patch +++ b/mcp/patches/salt-formula-maas/0001-maas-region-skip-credentials-update.patch @@ -1,5 +1,5 @@ :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. : : All rights reserved. This program and the accompanying materials : are made available under the terms of the Apache License, Version 2.0 @@ -17,12 +17,14 @@ updating credentials. Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> --- + maas/region.sls | 7 +++---- + 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/maas/region.sls b/maas/region.sls -index d3227ca..8a2243d 100644 +index 066490c..de5054a 100644 --- a/maas/region.sls +++ b/maas/region.sls -@@ -6,10 +6,9 @@ +@@ -6,10 +6,9 @@ maas_region_packages: - names: {{ region.pkgs }} /etc/maas/regiond.conf: diff --git a/mcp/patches/0010-maas-region-allow-timeout-override.patch b/mcp/patches/salt-formula-maas/0002-maas-region-allow-timeout-override.patch index 5b8d5a1fe..3d8deff60 100644 --- a/mcp/patches/0010-maas-region-allow-timeout-override.patch +++ b/mcp/patches/salt-formula-maas/0002-maas-region-allow-timeout-override.patch @@ -1,5 +1,5 @@ :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. : : All rights reserved. This program and the accompanying materials : are made available under the terms of the Apache License, Version 2.0 @@ -31,17 +31,24 @@ reserved range, but instead DHCP will assign them *inside* the range. One alternative would be to handle this via API calls, for each node's PXE physical interface, but that overcomplicates things. +3. MaaS blocksize: For some reason the python library behind tftp forces ip +blocksize to be 1008. We can force it to be 1464 and gain some performance due +to MTU beeing 1500 (i.e. allow bigger packets). + JIRA: FUEL-316 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> --- + maas/region.sls | 30 ++++++++++++++++++++++++++++++ + 1 file changed, 30 insertions(+) diff --git a/maas/region.sls b/maas/region.sls +index de5054a..4a7f6cc 100644 --- a/maas/region.sls +++ b/maas/region.sls -@@ -19,6 +19,36 @@ - - require: - - pkg: maas_region_packages +@@ -38,6 +38,36 @@ restore_maas_database_{{ region.database.name }}: + + {%- endif %} +maas_timeout_commissioning: + file.replace: diff --git a/mcp/patches/salt-formula-maas/0003-Extend-wait_for-maas.py-wait_for_-attempts-arg.patch b/mcp/patches/salt-formula-maas/0003-Extend-wait_for-maas.py-wait_for_-attempts-arg.patch new file mode 100644 index 000000000..efd7cc2fd --- /dev/null +++ b/mcp/patches/salt-formula-maas/0003-Extend-wait_for-maas.py-wait_for_-attempts-arg.patch @@ -0,0 +1,268 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Sun, 23 Sep 2018 03:57:27 +0200 +Subject: [PATCH] Extend wait_for maas.py, wait_for_* attempts arg + +1. maas.py: Extend wait_for states with timeout param + +Extend the wait_for states with a timeout parameter. +The timeout value is taken from reclass pillar data if +defined. Oterwise, the states use the default value. +Based on Ting's PR [1], slightly refactored. + +2. maas.py: Extend `req_status` support to multiple values + +Previously, req_status could be one of the MaaS status strings, e.g. +'Ready'. Extend matching to '|'-separated statuses (e.g. +'Ready|Deployed') to allow idempotency in MaaS machine commissioning +and deployment cycles. + +Also provide a `maas.machines.wait_for_ready_or_deployed` sls. + +3. maas.py: wait_for_*: Add attempts arg + +Introduce a new parameter that allows a maximum number of automatic +recovery attempts for the common failures w/ machine operations. +If not present in pillar data, it defaults to 0 (OFF). + +Common error states, possible cause and automatic recovery pattern: +* New + - usually indicates issues with BMC connectivity (no network route, + but on rare occassions it happens due to MaaS API being flaky); + - fix: delete the machine, (re)process machine definitions; +* Failed commissioning + - various causes, usually a simple retry works; + - fix: delete the machine, (re)process machine definitions; +* Failed testing + - incompatible hardware, missing drivers etc. + - usually consistent and board-specific; + - fix: override failed testing +* Allocated + - on rare ocassions nodes get stuck in this state instead 'Deploy'; + - fix: mark-broken, mark-fixed, if it failed at least once before + perform a fio test (fixes another unrelated spurious issue with + encrypted disks from previous deployments), (re)deploy machines; +* Failed deployment + - various causes, usually a simple retry works; + - fix: same as for nodes stuck in 'Allocated'; + +[1] https://github.com/salt-formulas/salt-formula-maas/pull/34 + +Change-Id: Ifb7dd9f8fcfbbed557e47d8fdffb1f963604fb15 +Signed-off-by: ting wu <ting.wu@enea.com> +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + README.rst | 9 +++- + _modules/maas.py | 52 +++++++++++++++++--- + maas/machines/wait_for_deployed.sls | 2 + + maas/machines/wait_for_ready.sls | 3 ++ + maas/machines/wait_for_ready_or_deployed.sls | 15 ++++++ + maas/map.jinja | 4 ++ + tests/pillar/maas_region.sls | 4 ++ + 7 files changed, 81 insertions(+), 8 deletions(-) + create mode 100644 maas/machines/wait_for_ready_or_deployed.sls + +diff --git a/README.rst b/README.rst +index 20da43e..78d8aef 100644 +--- a/README.rst ++++ b/README.rst +@@ -622,12 +622,16 @@ Wait for status of selected machine's: + machines: + - kvm01 + - kvm02 +- timeout: 1200 # in seconds ++ timeout: {{ region.timeout.ready }} ++ attempts: {{ region.timeout.attempts }} + req_status: "Ready" + - require: + - cmd: maas_login_admin + ... + ++The timeout setting is taken from the reclass pillar data. ++If the pillar data is not defined, it will use the default value. ++ + If module run w/\o any extra paremeters, + ``wait_for_machines_ready`` will wait for defined in salt + machines. In this case, it is usefull to skip some machines: +@@ -642,7 +646,8 @@ machines. In this case, it is usefull to skip some machines: + module.run: + - name: maas.wait_for_machine_status + - kwargs: +- timeout: 1200 # in seconds ++ timeout: {{ region.timeout.deployed }} ++ attempts: {{ region.timeout.attempts }} + req_status: "Deployed" + ignore_machines: + - kvm01 # in case it's broken or whatever +diff --git a/_modules/maas.py b/_modules/maas.py +index c02f104..bb70576 100644 +--- a/_modules/maas.py ++++ b/_modules/maas.py +@@ -670,7 +670,7 @@ class DeployMachines(MaasObject): + if machine['status'] == self.DEPLOYED: + return + if machine['status'] != self.READY: +- raise Exception('Not in ready state') ++ return + data = { + 'system_id': machine['system_id'], + } +@@ -921,6 +921,7 @@ class MachinesStatus(MaasObject): + req_status: string; Polling status + machines: list; machine names + ignore_machines: list; machine names ++ attempts: max number of automatic hard retries + :ret: True + Exception - if something fail/timeout reached + """ +@@ -929,6 +930,8 @@ class MachinesStatus(MaasObject): + req_status = kwargs.get("req_status", "Ready") + to_discover = kwargs.get("machines", None) + ignore_machines = kwargs.get("ignore_machines", None) ++ attempts = kwargs.get("attempts", 0) ++ failed_attempts = {} + if not to_discover: + try: + to_discover = __salt__['config.get']('maas')['region'][ +@@ -943,11 +946,46 @@ class MachinesStatus(MaasObject): + while len(total) <= len(to_discover): + for m in to_discover: + for discovered in MachinesStatus.execute()['machines']: +- if m == discovered['hostname'] and \ +- discovered['status'].lower() == req_status.lower(): +- if m in total: ++ if m == discovered['hostname'] and m in total: ++ req_status_list = req_status.lower().split('|') ++ if discovered['status'].lower() in req_status_list: + total.remove(m) +- ++ elif attempts > 0 and (m not in failed_attempts or ++ failed_attempts[m] < attempts): ++ status = discovered['status'] ++ sid = discovered['system_id'] ++ cls._maas = _create_maas_client() ++ if status in ['Failed commissioning', 'New']: ++ LOG.info('Machine {0} deleted'.format(sid)) ++ cls._maas.delete(u'api/2.0/machines/{0}/' ++ .format(sid)) ++ Machine().process() ++ elif status in ['Failed testing']: ++ data = {} ++ LOG.info('Machine {0} overriden'.format(sid)) ++ action = 'override_failed_testing' ++ cls._maas.post(u'api/2.0/machines/{0}/' ++ .format(sid), action, **data) ++ elif status in ['Failed deployment', 'Allocated']: ++ data = {} ++ LOG.info('Machine {0} mark broken'.format(sid)) ++ cls._maas.post(u'api/2.0/machines/{0}/' ++ .format(sid), 'mark_broken', **data) ++ time.sleep(poll_time) ++ LOG.info('Machine {0} mark fixed'.format(sid)) ++ cls._maas.post(u'api/2.0/machines/{0}/' ++ .format(sid), 'mark_fixed', **data) ++ if m in failed_attempts and failed_attempts[m]: ++ LOG.info('Machine {0} fio test'.format(sid)) ++ data['testing_scripts'] = 'fio' ++ cls._maas.post(u'api/2.0/machines/{0}/' ++ .format(sid), 'commission', **data) ++ DeployMachines().process() ++ else: ++ continue ++ if m not in failed_attempts: ++ failed_attempts[m] = 0 ++ failed_attempts[m] = failed_attempts[m] + 1 + if len(total) <= 0: + LOG.debug( + "Machines:{} are:{}".format(to_discover, req_status)) +@@ -959,7 +997,9 @@ class MachinesStatus(MaasObject): + "Waiting status:{} " + "for machines:{}" + "\nsleep for:{}s " +- "Timeout:{}s".format(req_status, total, poll_time, timeout)) ++ "Timeout:{}s ({}s left)" ++ .format(req_status, total, poll_time, timeout, ++ timeout - (time.time() - started_at))) + time.sleep(poll_time) + + +diff --git a/maas/machines/wait_for_deployed.sls b/maas/machines/wait_for_deployed.sls +index ebeedac..a646fdb 100644 +--- a/maas/machines/wait_for_deployed.sls ++++ b/maas/machines/wait_for_deployed.sls +@@ -9,5 +9,7 @@ wait_for_machines_deployed: + - name: maas.wait_for_machine_status + - kwargs: + req_status: "Deployed" ++ timeout: {{ region.timeout.deployed }} ++ attempts: {{ region.timeout.attempts }} + - require: + - cmd: maas_login_admin +diff --git a/maas/machines/wait_for_ready.sls b/maas/machines/wait_for_ready.sls +index c5d3c28..d8a2963 100644 +--- a/maas/machines/wait_for_ready.sls ++++ b/maas/machines/wait_for_ready.sls +@@ -7,5 +7,8 @@ maas_login_admin: + wait_for_machines_ready: + module.run: + - name: maas.wait_for_machine_status ++ - kwargs: ++ timeout: {{ region.timeout.ready }} ++ attempts: {{ region.timeout.attempts }} + - require: + - cmd: maas_login_admin +diff --git a/maas/machines/wait_for_ready_or_deployed.sls b/maas/machines/wait_for_ready_or_deployed.sls +new file mode 100644 +index 0000000..db3dcc4 +--- /dev/null ++++ b/maas/machines/wait_for_ready_or_deployed.sls +@@ -0,0 +1,15 @@ ++{%- from "maas/map.jinja" import region with context %} ++ ++maas_login_admin: ++ cmd.run: ++ - name: "maas-region apikey --username {{ region.admin.username }} > /var/lib/maas/.maas_credentials" ++ ++wait_for_machines_ready_or_deployed: ++ module.run: ++ - name: maas.wait_for_machine_status ++ - kwargs: ++ req_status: "Ready|Deployed" ++ timeout: {{ region.timeout.ready }} ++ attempts: {{ region.timeout.attempts }} ++ - require: ++ - cmd: maas_login_admin +diff --git a/maas/map.jinja b/maas/map.jinja +index 0671435..1e6ac07 100644 +--- a/maas/map.jinja ++++ b/maas/map.jinja +@@ -22,6 +22,10 @@ Debian: + bind: + host: 0.0.0.0 + port: 80 ++ timeout: ++ ready: 1200 ++ deployed: 7200 ++ attempts: 0 + {%- endload %} + + {%- set region = salt['grains.filter_by'](region_defaults, merge=salt['pillar.get']('maas:region', {})) %} +diff --git a/tests/pillar/maas_region.sls b/tests/pillar/maas_region.sls +index d3325eb..d710216 100644 +--- a/tests/pillar/maas_region.sls ++++ b/tests/pillar/maas_region.sls +@@ -34,3 +34,7 @@ maas: + password: password + username: maas + salt_master_ip: 127.0.0.1 ++ timeout: ++ deployed: 900 ++ ready: 900 ++ attempts: 2 diff --git a/mcp/patches/salt-formula-maas/0004-curtin-Tune-default-salt-minion-config.patch b/mcp/patches/salt-formula-maas/0004-curtin-Tune-default-salt-minion-config.patch new file mode 100644 index 000000000..978f4ecb6 --- /dev/null +++ b/mcp/patches/salt-formula-maas/0004-curtin-Tune-default-salt-minion-config.patch @@ -0,0 +1,43 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Mon, 5 Nov 2018 16:47:13 +0100 +Subject: [PATCH] curtin: Tune default salt-minion config + +* Sync AArch64 configuration with the changes introduced by commit + c6a12de on amd64 + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + maas/files/curtin_userdata_arm64_generic_xenial | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +diff --git a/maas/files/curtin_userdata_arm64_generic_xenial b/maas/files/curtin_userdata_arm64_generic_xenial +index af9a047..1b2e401 100644 +--- a/maas/files/curtin_userdata_arm64_generic_xenial ++++ b/maas/files/curtin_userdata_arm64_generic_xenial +@@ -32,8 +32,16 @@ late_commands: + apt_03_update: ["curtin", "in-target", "--", "apt-get", "update"] + salt_01_install: ["curtin", "in-target", "--", "apt-get", "-y", "install", "salt-minion", "python-futures"] + salt_02_hostname_set: ["curtin", "in-target", "--", "echo", "{% raw %}{{node.hostname}}{% endraw %}.{{pillar.linux.system.domain}}"] +- salt_03_hostname_get: ["curtin", "in-target", "--", "sh", "-c", "echo 'id: {% raw %}{{node.hostname}}{% endraw %}.{{pillar.linux.system.domain}}' >> /etc/salt/minion"] +- salt_04_master: ["curtin", "in-target", "--", "sh", "-c", "echo 'master: {{ salt_master_ip }}' >> /etc/salt/minion"] ++ salt_03_hostname_get: ["curtin", "in-target", "--", "sh", "-c", "echo 'id: {% raw %}{{node.hostname}}{% endraw %}.{{pillar.linux.system.domain}}' >> /etc/salt/minion.d/minion.conf"] ++ salt_04_master: ["curtin", "in-target", "--", "sh", "-c", "echo 'master: {{ salt_master_ip }}' >> /etc/salt/minion.d/minion.conf"] ++ salt_05_max_event_size: ["curtin", "in-target", "--", "sh", "-c", "echo 'max_event_size: 100000000' >> /etc/salt/minion.d/minion.conf"] ++ salt_06_acceptance_wait_time_max: ["curtin", "in-target", "--", "sh", "-c", "echo 'acceptance_wait_time_max: 60' >> /etc/salt/minion.d/minion.conf"] ++ salt_07_acceptance_wait_time: ["curtin", "in-target", "--", "sh", "-c", "echo 'acceptance_wait_time: 10' >> /etc/salt/minion.d/minion.conf"] ++ salt_08_random_reauth_delay: ["curtin", "in-target", "--", "sh", "-c", "echo 'random_reauth_delay: 270' >> /etc/salt/minion.d/minion.conf"] ++ salt_09_recon_default: ["curtin", "in-target", "--", "sh", "-c", "echo 'recon_default: 1000' >> /etc/salt/minion.d/minion.conf"] ++ salt_10_recon_max: ["curtin", "in-target", "--", "sh", "-c", "echo 'recon_max: 60000' >> /etc/salt/minion.d/minion.conf"] ++ salt_11_recon_randomize: ["curtin", "in-target", "--", "sh", "-c", "echo 'recon_randomize: True' >> /etc/salt/minion.d/minion.conf"] ++ salt_12_auth_timeout: ["curtin", "in-target", "--", "sh", "-c", "echo 'auth_timeout: 60' >> /etc/salt/minion.d/minion.conf"] + {% raw %} + {{if third_party_drivers and driver}} + driver_00_key_get: curtin in-target -- sh -c "/bin/echo -en '{{key_string}}' > /tmp/maas-{{driver['package']}}.gpg" diff --git a/mcp/patches/salt-formula-maas/0005-Implement-tags-support.patch b/mcp/patches/salt-formula-maas/0005-Implement-tags-support.patch new file mode 100644 index 000000000..09d21d022 --- /dev/null +++ b/mcp/patches/salt-formula-maas/0005-Implement-tags-support.patch @@ -0,0 +1,95 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Sat, 29 Dec 2018 23:09:01 +0100 +Subject: [PATCH] Implement 'tags' support + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + README.rst | 5 +++++ + _modules/maas.py | 26 ++++++++++++++++++++++++++ + maas/region.sls | 8 ++++++++ + 3 files changed, 39 insertions(+) + +diff --git a/README.rst b/README.rst +index 78d8aef..8c35458 100644 +--- a/README.rst ++++ b/README.rst +@@ -181,6 +181,11 @@ Single MAAS region service [single UI/API]: + mac: '66:55:44:33:22:11' + commissioning_scripts: + 00-maas-05-simplify-network-interfaces: /etc/maas/files/commisioning_scripts/00-maas-05-simplify-network-interfaces ++ tags: ++ aarch64_hugepages_1g: ++ comment: 'Enable 1G pagesizes on aarch64' ++ definition: '//capability[@id="asimd"]' ++ kernel_opts: 'default_hugepagesz=1G hugepagesz=1G' + maas_config: + # domain: mydomain.local # This function broken + http_proxy: http://192.168.0.10:3142 +diff --git a/_modules/maas.py b/_modules/maas.py +index bb70576..0cda8dd 100644 +--- a/_modules/maas.py ++++ b/_modules/maas.py +@@ -876,6 +876,28 @@ class Domain(MaasObject): + return ret + + ++class Tags(MaasObject): ++ def __init__(self): ++ super(Tags, self).__init__() ++ self._all_elements_url = u'api/2.0/tags/' ++ self._create_url = u'api/2.0/tags/' ++ self._config_path = 'region.tags' ++ self._update_url = u'api/2.0/tags/{0}/' ++ self._update_key = 'name' ++ ++ def fill_data(self, name, tag_data): ++ data = { ++ 'name': name, ++ } ++ for key in ['comment', 'definition', 'kernel_opts']: ++ if key in tag_data: ++ data[key] = tag_data[key] ++ return data ++ ++ def update(self, new, old): ++ return new ++ ++ + class MachinesStatus(MaasObject): + @classmethod + def execute(cls, objects_name=None): +@@ -1065,5 +1087,9 @@ def process_sshprefs(): + return SSHPrefs().process() + + ++def process_tags(): ++ return Tags().process() ++ ++ + def wait_for_machine_status(**kwargs): + return MachinesStatus.wait_for_machine_status(**kwargs) +diff --git a/maas/region.sls b/maas/region.sls +index 4a7f6cc..52fb952 100644 +--- a/maas/region.sls ++++ b/maas/region.sls +@@ -444,4 +444,12 @@ maas_sshkey_{{ idx }}: + {% endfor %} + {%- endif %} + ++{%- if region.get('tags', False) %} ++maas_tags: ++ module.run: ++ - name: maas.process_tags ++ - require: ++ - cmd: maas_login_admin ++{%- endif %} ++ + {%- endif %} diff --git a/mcp/patches/salt-formula-maas/0006-curtin-Add-Bionic-support.patch b/mcp/patches/salt-formula-maas/0006-curtin-Add-Bionic-support.patch new file mode 100644 index 000000000..c69507b20 --- /dev/null +++ b/mcp/patches/salt-formula-maas/0006-curtin-Add-Bionic-support.patch @@ -0,0 +1,231 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Wed, 16 Oct 2019 15:02:39 +0200 +Subject: [PATCH] curtin: Add Bionic support + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + .../curtin_userdata_amd64_generic_bionic | 84 +++++++++++++++++++ + .../curtin_userdata_arm64_generic_bionic | 79 +++++++++++++++++ + maas/region.sls | 24 ++++++ + 3 files changed, 187 insertions(+) + create mode 100644 maas/files/curtin_userdata_amd64_generic_bionic + create mode 100644 maas/files/curtin_userdata_arm64_generic_bionic + +diff --git a/maas/files/curtin_userdata_amd64_generic_bionic b/maas/files/curtin_userdata_amd64_generic_bionic +new file mode 100644 +index 0000000..11af3cf +--- /dev/null ++++ b/maas/files/curtin_userdata_amd64_generic_bionic +@@ -0,0 +1,84 @@ ++{%- from "maas/map.jinja" import cluster with context %} ++{%- raw %} ++#cloud-config ++debconf_selections: ++ maas: | ++ {{for line in str(curtin_preseed).splitlines()}} ++ {{line}} ++ {{endfor}} ++early_commands: ++ thin_tools_install: ["sh", "-c", "apt-get update --quiet && apt-get --assume-yes install thin-provisioning-tools"] ++{{if third_party_drivers and driver}} ++ {{py: key_string = ''.join(['\\x%x' % x for x in map(ord, driver['key_binary'])])}} ++ driver_00_get_key: /bin/echo -en '{{key_string}}' > /tmp/maas-{{driver['package']}}.gpg ++ driver_01_add_key: ["apt-key", "add", "/tmp/maas-{{driver['package']}}.gpg"] ++ driver_02_add: ["add-apt-repository", "-y", "deb {{driver['repository']}} {{node.get_distro_series()}} main"] ++ driver_03_update_install: ["sh", "-c", "apt-get update --quiet && apt-get --assume-yes install {{driver['package']}}"] ++ driver_04_load: ["sh", "-c", "depmod && modprobe {{driver['module']}}"] ++{{endif}} ++late_commands: ++ maas: [wget, '--no-proxy', {{node_disable_pxe_url|escape.json}}, '--post-data', {{node_disable_pxe_data|escape.json}}, '-O', '/dev/null'] ++{% endraw %} ++ ++{%- if cluster.get('saltstack_repo_key', False) %} ++ {% set salt_repo_key = salt['hashutil.base64_b64encode'](cluster.saltstack_repo_key) %} ++ apt_00_set_gpg: ["curtin", "in-target", "--", "sh", "-c", "echo '{{salt_repo_key}}' | base64 -d | apt-key add -"] ++{%- endif %} ++{% if cluster.saltstack_repo_bionic.startswith('deb') %} ++ {%- set saltstack_repo = cluster.saltstack_repo_bionic -%} ++{%- else %} ++ {%- set saltstack_repo = 'deb [arch=amd64] ' + cluster.saltstack_repo_bionic -%} ++{%- endif %} ++ ++ apt_01_set_repo: ["curtin", "in-target", "--", "sh", "-c", "echo '{{ saltstack_repo }}' >> /etc/apt/sources.list.d/mcp_saltstack.list"] ++ apt_03_update: ["curtin", "in-target", "--", "apt-get", "update"] ++{%- if salt['pillar.get']('maas:cluster:curtin_vars:amd64:bionic:extra_pkgs:enabled')|default(false) %} ++ {% for pkg in pillar.maas.cluster.curtin_vars.amd64.bionic.extra_pkgs.pkgs -%} ++ apt_04_install_pkgs_{{ loop.index }}: ["curtin", "in-target", "--", "apt-get", "-y", "install", "{{ pkg }}"] ++ {% endfor %} ++{%- endif %} ++{%- if salt['pillar.get']('maas:cluster:curtin_vars:amd64:bionic:kernel_package:enabled')|default(false) %} ++ apt_05_kernel_old_absent: ["curtin", "in-target", "--", "sh", "-c", "dpkg -l '*linux-generic-*[0-9]*' '*linux-image-*[0-9]*' '*linux-headers-*[0-9]*' '*linux-image-extra-*[0-9]*' '*linux-modules-extra-*[0-9]*' 'linux-generic' 'linux-image-generic' 'linux-headers-generic' 2>/dev/null | grep -E '^ii' | awk '{print $2}' | grep -v '{{ pillar.maas.cluster.curtin_vars.amd64.bionic.kernel_package.value.split('-')[2:-1] | join('-') }}' | xargs dpkg --purge --force-depends"] ++{%- endif %} ++ salt_01_install: ["curtin", "in-target", "--", "apt-get", "-y", "install", "salt-minion", "ifupdown", "cloud-init", "dnsmasq"] ++ salt_02_hostname_set: ["curtin", "in-target", "--", "echo", "{% raw %}{{node.hostname}}{% endraw %}.{{pillar.linux.system.domain}}"] ++ salt_03_hostname_get: ["curtin", "in-target", "--", "sh", "-c", "echo 'id: {% raw %}{{node.hostname}}{% endraw %}.{{pillar.linux.system.domain}}' >> /etc/salt/minion.d/minion.conf"] ++ salt_04_master: ["curtin", "in-target", "--", "sh", "-c", "echo 'master: {{ salt_master_ip }}' >> /etc/salt/minion.d/minion.conf"] ++ salt_05_max_event_size: ["curtin", "in-target", "--", "sh", "-c", "echo 'max_event_size: 100000000' >> /etc/salt/minion.d/minion.conf"] ++ salt_06_acceptance_wait_time_max: ["curtin", "in-target", "--", "sh", "-c", "echo 'acceptance_wait_time_max: 60' >> /etc/salt/minion.d/minion.conf"] ++ salt_07_acceptance_wait_time: ["curtin", "in-target", "--", "sh", "-c", "echo 'acceptance_wait_time: 10' >> /etc/salt/minion.d/minion.conf"] ++ salt_08_random_reauth_delay: ["curtin", "in-target", "--", "sh", "-c", "echo 'random_reauth_delay: 270' >> /etc/salt/minion.d/minion.conf"] ++ salt_09_recon_default: ["curtin", "in-target", "--", "sh", "-c", "echo 'recon_default: 1000' >> /etc/salt/minion.d/minion.conf"] ++ salt_10_recon_max: ["curtin", "in-target", "--", "sh", "-c", "echo 'recon_max: 60000' >> /etc/salt/minion.d/minion.conf"] ++ salt_11_recon_randomize: ["curtin", "in-target", "--", "sh", "-c", "echo 'recon_randomize: True' >> /etc/salt/minion.d/minion.conf"] ++ salt_12_auth_timeout: ["curtin", "in-target", "--", "sh", "-c", "echo 'auth_timeout: 60' >> /etc/salt/minion.d/minion.conf"] ++ ++ salt_20_bionic_nplan_stop: ["curtin", "in-target", "--", "systemctl", "stop", "systemd-networkd.socket", "systemd-networkd", "networkd-dispatcher", "systemd-networkd-wait-online", "systemd-resolved"] ++ salt_21_bionic_nplan_disable: ["curtin", "in-target", "--", "systemctl", "disable", "systemd-networkd.socket", "systemd-networkd", "networkd-dispatcher", "systemd-networkd-wait-online", "systemd-resolved"] ++ salt_22_bionic_nplan_mask: ["curtin", "in-target", "--", "systemctl", "mask", "systemd-networkd.socket", "systemd-networkd", "networkd-dispatcher", "systemd-networkd-wait-online", "systemd-resolved"] ++ salt_23_bionic_nplan_purge: ["curtin", "in-target", "--", "apt", "--assume-yes", "purge", "nplan", "netplan.io"] ++ salt_24_bionic_interfaces: ["curtin", "in-target", "--", "sh", "-c", "echo 'source /etc/network/interfaces.d/*' >> /etc/network/interfaces"] ++ salt_25_bionic_networking_unmask: ["curtin", "in-target", "--", "systemctl", "unmask", "networking.service"] ++ salt_26_bionic_networking_enable: ["curtin", "in-target", "--", "systemctl", "enable", "networking.service"] ++ salt_27_bionic_networking_start: ["curtin", "in-target", "--", "systemctl", "start", "networking.service"] ++ ++{%- if salt['pillar.get']('maas:cluster:curtin_vars:amd64:bionic:kernel_package:enabled')|default(false) %} ++kernel: ++ package: {{ pillar.maas.cluster.curtin_vars.amd64.bionic.kernel_package.value }} ++{%- endif %} ++ ++{% raw %} ++{{if third_party_drivers and driver}} ++ driver_00_key_get: curtin in-target -- sh -c "/bin/echo -en '{{key_string}}' > /tmp/maas-{{driver['package']}}.gpg" ++ driver_02_key_add: ["curtin", "in-target", "--", "apt-key", "add", "/tmp/maas-{{driver['package']}}.gpg"] ++ driver_03_add: ["curtin", "in-target", "--", "add-apt-repository", "-y", "deb {{driver['repository']}} {{node.get_distro_series()}} main"] ++ driver_04_update_install: ["curtin", "in-target", "--", "apt-get", "update", "--quiet"] ++ driver_05_install: ["curtin", "in-target", "--", "apt-get", "-y", "install", "{{driver['package']}}"] ++ driver_06_depmod: ["curtin", "in-target", "--", "depmod"] ++ driver_07_update_initramfs: ["curtin", "in-target", "--", "update-initramfs", "-u"] ++{{endif}} ++{% endraw %} ++ ++{# ++# vim: ft=jinja ++#} +diff --git a/maas/files/curtin_userdata_arm64_generic_bionic b/maas/files/curtin_userdata_arm64_generic_bionic +new file mode 100644 +index 0000000..006d8c2 +--- /dev/null ++++ b/maas/files/curtin_userdata_arm64_generic_bionic +@@ -0,0 +1,79 @@ ++{%- from "maas/map.jinja" import cluster with context %} ++{% raw %} ++#cloud-config ++debconf_selections: ++ maas: | ++ {{for line in str(curtin_preseed).splitlines()}} ++ {{line}} ++ {{endfor}} ++early_commands: ++ thin_tools_install: ["sh", "-c", "apt-get update --quiet && apt-get --assume-yes install thin-provisioning-tools"] ++{{if third_party_drivers and driver}} ++ {{py: key_string = ''.join(['\\x%x' % x for x in map(ord, driver['key_binary'])])}} ++ driver_00_get_key: /bin/echo -en '{{key_string}}' > /tmp/maas-{{driver['package']}}.gpg ++ driver_01_add_key: ["apt-key", "add", "/tmp/maas-{{driver['package']}}.gpg"] ++ driver_02_add: ["add-apt-repository", "-y", "deb {{driver['repository']}} {{node.get_distro_series()}} main"] ++ driver_03_update_install: ["sh", "-c", "apt-get update --quiet && apt-get --assume-yes install {{driver['package']}}"] ++ driver_04_load: ["sh", "-c", "depmod && modprobe {{driver['module']}}"] ++{{endif}} ++late_commands: ++ maas: [wget, '--no-proxy', {{node_disable_pxe_url|escape.json}}, '--post-data', {{node_disable_pxe_data|escape.json}}, '-O', '/dev/null'] ++{% endraw %} ++{%- if cluster.get('saltstack_repo_key', False) %} ++ {% set salt_repo_key = salt['hashutil.base64_b64encode'](cluster.saltstack_repo_key) %} ++ apt_00_set_gpg: ["curtin", "in-target", "--", "sh", "-c", "echo '{{salt_repo_key}}' | base64 -d | apt-key add -"] ++{%- endif %} ++{% if cluster.saltstack_repo_bionic.startswith('deb') %} ++ {%- set saltstack_repo = cluster.saltstack_repo_bionic -%} ++{%- else %} ++ {%- set saltstack_repo = 'deb [arch=amd64] ' + cluster.saltstack_repo_bionic -%} ++{%- endif %} ++{#- NOTE: Re-use amd64 repos on arm64 since most packages are arch independent #} ++ apt_01_set_repo: ["curtin", "in-target", "--", "sh", "-c", "echo '{{ saltstack_repo }}' >> /etc/apt/sources.list.d/mcp_saltstack.list"] ++ apt_03_update: ["curtin", "in-target", "--", "apt-get", "update"] ++{%- if salt['pillar.get']('maas:cluster:curtin_vars:arm64:bionic:extra_pkgs:enabled')|default(false) %} ++ {% for pkg in pillar.maas.cluster.curtin_vars.arm64.bionic.extra_pkgs.pkgs -%} ++ apt_04_install_pkgs_{{ loop.index }}: ["curtin", "in-target", "--", "apt-get", "-y", "install", "{{ pkg }}"] ++ {% endfor %} ++{%- endif %} ++{%- if salt['pillar.get']('maas:cluster:curtin_vars:arm64:bionic:kernel_package:enabled')|default(false) %} ++ apt_05_kernel_old_absent: ["curtin", "in-target", "--", "sh", "-c", "dpkg -l '*linux-generic-*[0-9]*' '*linux-image-*[0-9]*' '*linux-headers-*[0-9]*' '*linux-image-extra-*[0-9]*' '*linux-modules-extra-*[0-9]*' 'linux-generic' 'linux-image-generic' 'linux-headers-generic' 2>/dev/null | grep -E '^ii' | awk '{print $2}' | grep -v '{{ pillar.maas.cluster.curtin_vars.arm64.bionic.kernel_package.value.split('-')[2:-1] | join('-') }}' | xargs dpkg --purge --force-depends"] ++{%- endif %} ++ salt_01_install: ["curtin", "in-target", "--", "apt-get", "-y", "install", "salt-minion", "python-futures", "ifupdown", "cloud-init", "dnsmasq"] ++ salt_02_hostname_set: ["curtin", "in-target", "--", "echo", "{% raw %}{{node.hostname}}{% endraw %}.{{pillar.linux.system.domain}}"] ++ salt_03_hostname_get: ["curtin", "in-target", "--", "sh", "-c", "echo 'id: {% raw %}{{node.hostname}}{% endraw %}.{{pillar.linux.system.domain}}' >> /etc/salt/minion.d/minion.conf"] ++ salt_04_master: ["curtin", "in-target", "--", "sh", "-c", "echo 'master: {{ salt_master_ip }}' >> /etc/salt/minion.d/minion.conf"] ++ salt_05_max_event_size: ["curtin", "in-target", "--", "sh", "-c", "echo 'max_event_size: 100000000' >> /etc/salt/minion.d/minion.conf"] ++ salt_06_acceptance_wait_time_max: ["curtin", "in-target", "--", "sh", "-c", "echo 'acceptance_wait_time_max: 60' >> /etc/salt/minion.d/minion.conf"] ++ salt_07_acceptance_wait_time: ["curtin", "in-target", "--", "sh", "-c", "echo 'acceptance_wait_time: 10' >> /etc/salt/minion.d/minion.conf"] ++ salt_08_random_reauth_delay: ["curtin", "in-target", "--", "sh", "-c", "echo 'random_reauth_delay: 270' >> /etc/salt/minion.d/minion.conf"] ++ salt_09_recon_default: ["curtin", "in-target", "--", "sh", "-c", "echo 'recon_default: 1000' >> /etc/salt/minion.d/minion.conf"] ++ salt_10_recon_max: ["curtin", "in-target", "--", "sh", "-c", "echo 'recon_max: 60000' >> /etc/salt/minion.d/minion.conf"] ++ salt_11_recon_randomize: ["curtin", "in-target", "--", "sh", "-c", "echo 'recon_randomize: True' >> /etc/salt/minion.d/minion.conf"] ++ salt_12_auth_timeout: ["curtin", "in-target", "--", "sh", "-c", "echo 'auth_timeout: 60' >> /etc/salt/minion.d/minion.conf"] ++ ++ salt_20_bionic_nplan_stop: ["curtin", "in-target", "--", "systemctl", "stop", "systemd-networkd.socket", "systemd-networkd", "networkd-dispatcher", "systemd-networkd-wait-online", "systemd-resolved"] ++ salt_21_bionic_nplan_disable: ["curtin", "in-target", "--", "systemctl", "disable", "systemd-networkd.socket", "systemd-networkd", "networkd-dispatcher", "systemd-networkd-wait-online", "systemd-resolved"] ++ salt_22_bionic_nplan_mask: ["curtin", "in-target", "--", "systemctl", "mask", "systemd-networkd.socket", "systemd-networkd", "networkd-dispatcher", "systemd-networkd-wait-online", "systemd-resolved"] ++ salt_23_bionic_nplan_purge: ["curtin", "in-target", "--", "apt", "--assume-yes", "purge", "nplan", "netplan.io"] ++ salt_24_bionic_interfaces: ["curtin", "in-target", "--", "sh", "-c", "echo 'source /etc/network/interfaces.d/*' >> /etc/network/interfaces"] ++ salt_25_bionic_networking_unmask: ["curtin", "in-target", "--", "systemctl", "unmask", "networking.service"] ++ salt_26_bionic_networking_enable: ["curtin", "in-target", "--", "systemctl", "enable", "networking.service"] ++ salt_27_bionic_networking_start: ["curtin", "in-target", "--", "systemctl", "start", "networking.service"] ++ ++{%- if salt['pillar.get']('maas:cluster:curtin_vars:arm64:bionic:kernel_package:enabled')|default(false) %} ++kernel: ++ package: {{ pillar.maas.cluster.curtin_vars.arm64.bionic.kernel_package.value }} ++{%- endif %} ++ ++{% raw %} ++{{if third_party_drivers and driver}} ++ driver_00_key_get: curtin in-target -- sh -c "/bin/echo -en '{{key_string}}' > /tmp/maas-{{driver['package']}}.gpg" ++ driver_02_key_add: ["curtin", "in-target", "--", "apt-key", "add", "/tmp/maas-{{driver['package']}}.gpg"] ++ driver_03_add: ["curtin", "in-target", "--", "add-apt-repository", "-y", "deb {{driver['repository']}} {{node.get_distro_series()}} main"] ++ driver_04_update_install: ["curtin", "in-target", "--", "apt-get", "update", "--quiet"] ++ driver_05_install: ["curtin", "in-target", "--", "apt-get", "-y", "install", "{{driver['package']}}"] ++ driver_06_depmod: ["curtin", "in-target", "--", "depmod"] ++ driver_07_update_initramfs: ["curtin", "in-target", "--", "update-initramfs", "-u"] ++{{endif}} ++{% endraw %} +diff --git a/maas/region.sls b/maas/region.sls +index 52fb952..ca876ee 100644 +--- a/maas/region.sls ++++ b/maas/region.sls +@@ -138,6 +138,30 @@ maas_apache_headers: + - require: + - pkg: maas_region_packages + ++/etc/maas/preseeds/curtin_userdata_amd64_generic_bionic: ++ file.managed: ++ - source: salt://maas/files/curtin_userdata_amd64_generic_bionic ++ - template: jinja ++ - user: root ++ - group: root ++ - mode: 644 ++ - context: ++ salt_master_ip: {{ region.salt_master_ip }} ++ - require: ++ - pkg: maas_region_packages ++ ++/etc/maas/preseeds/curtin_userdata_arm64_generic_bionic: ++ file.managed: ++ - source: salt://maas/files/curtin_userdata_arm64_generic_bionic ++ - template: jinja ++ - user: root ++ - group: root ++ - mode: 644 ++ - context: ++ salt_master_ip: {{ region.salt_master_ip }} ++ - require: ++ - pkg: maas_region_packages ++ + Configure /root/.pgpass for MAAS: + file.managed: + - name: /root/.pgpass diff --git a/mcp/patches/salt-formula-maas/0007-region-s-syncdb-migrate-for-MaaS-2.4-compatibility.patch b/mcp/patches/salt-formula-maas/0007-region-s-syncdb-migrate-for-MaaS-2.4-compatibility.patch new file mode 100644 index 000000000..f0a70ffc4 --- /dev/null +++ b/mcp/patches/salt-formula-maas/0007-region-s-syncdb-migrate-for-MaaS-2.4-compatibility.patch @@ -0,0 +1,30 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Mon, 27 Jan 2020 17:10:04 +0100 +Subject: [PATCH] region: s/syncdb/migrate/ for MaaS 2.4 compatibility + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + maas/region.sls | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/maas/region.sls b/maas/region.sls +index ca876ee..31e9906 100644 +--- a/maas/region.sls ++++ b/maas/region.sls +@@ -186,7 +186,7 @@ maas_region_services: + maas_region_syncdb: + cmd.run: + - names: +- - maas-region syncdb --noinput ++ - maas-region migrate --noinput + - require: + - file: /etc/maas/regiond.conf + {%- if grains['saltversioninfo'][0] >= 2017 and grains['saltversioninfo'][1] >= 7 %} diff --git a/mcp/patches/salt-formula-neutron/0001-Bring-in-basic-VPP-support.patch b/mcp/patches/salt-formula-neutron/0001-Bring-in-basic-VPP-support.patch new file mode 100644 index 000000000..d790ede3d --- /dev/null +++ b/mcp/patches/salt-formula-neutron/0001-Bring-in-basic-VPP-support.patch @@ -0,0 +1,195 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Thu, 6 Dec 2018 18:25:42 +0100 +Subject: [PATCH] Bring in basic VPP support + +TODO: +- update README + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> + +diff --git a/neutron/agents/_vpp.sls b/neutron/agents/_vpp.sls +new file mode 100644 +index 0000000..c1845d0 +--- /dev/null ++++ b/neutron/agents/_vpp.sls +@@ -0,0 +1,25 @@ ++{%- if pillar.neutron.gateway is defined %} ++{%- from "neutron/map.jinja" import gateway as neutron with context %} ++{%- else %} ++{%- from "neutron/map.jinja" import compute as neutron with context %} ++{%- endif %} ++ ++{%- if 'vpp' in neutron.get('backend', {}).get('mechanism', []) %} ++ ++/etc/neutron/plugins/ml2/ml2_conf.ini: ++ file.managed: ++ - source: salt://neutron/files/{{ neutron.version }}/_ml2_conf.vpp.ini ++ - mode: 0640 ++ - user: root ++ - group: neutron ++ - template: jinja ++ ++vpp: ++ service.running: ++ - enable: True ++ ++vpp-agent: ++ service.running: ++ - enable: True ++ ++{%- endif %} +diff --git a/neutron/compute.sls b/neutron/compute.sls +index 708a51d..3767011 100644 +--- a/neutron/compute.sls ++++ b/neutron/compute.sls +@@ -111,7 +111,9 @@ neutron_metadata_agent: + {%- if compute.opendaylight is defined %} + {%- include "neutron/opendaylight/client.sls" %} + {%- else %} ++ {#- We can reuse this for ml2_vpp and ignore openvswitch_agent.ini #} + {%- include "neutron/ml2_ovs/init.sls" %} ++ {%- include "neutron/agents/_vpp.sls" %} + {%- endif %} + + {%- elif compute.backend.engine == "ovn" %} +diff --git a/neutron/files/rocky/_ml2_conf.vpp.ini b/neutron/files/rocky/_ml2_conf.vpp.ini +new file mode 100644 +index 0000000..2373f64 +--- /dev/null ++++ b/neutron/files/rocky/_ml2_conf.vpp.ini +@@ -0,0 +1,41 @@ ++{%- if pillar.neutron.server is defined %} ++{%- from "neutron/map.jinja" import server as neutron with context %} ++{%- elif pillar.neutron.gateway is defined %} ++{%- from "neutron/map.jinja" import gateway as neutron with context %} ++{%- else %} ++{%- from "neutron/map.jinja" import compute as neutron with context %} ++{%- endif %} ++ ++{%- if 'vpp' in neutron.get('backend', {}).get('mechanism', []) %} ++ ++{%- set physnets_vpp = [] %} ++{%- set mechanism_vpp = neutron.backend.mechanism.vpp %} ++{%- for physnet, params in neutron.backend.get('physnets', {}).iteritems() %} ++{%- if params.get('vpp_interface', False) %} ++{%- do physnets_vpp.append([physnet, params.get('vpp_interface')]|join(":")) %} ++{%- endif %} ++{%- endfor %} ++{%- if not physnets_vpp %} ++{%- do physnets_vpp.append('physnet1:tap-0') %} ++{%- endif %} ++ ++{%- if pillar.neutron.server is not defined %} ++[ml2] ++type_drivers = flat,vlan ++{%- endif %} ++ ++[ml2_vpp] ++jwt_signing = False ++etcd_insecure_explicit_disable_https = True ++l3_hosts = {{ mechanism_vpp.get('l3_hosts', '127.0.0.1') }} ++enable_l3_ha = False ++gpe_locators = ++gpe_src_cidr = ++enable_vpp_restart = False ++etcd_pass = {{ mechanism_vpp.get('etcd_pass', '') }} ++etcd_user = {{ mechanism_vpp.get('etcd_user', '') }} ++etcd_port = {{ mechanism_vpp.get('etcd_port', 2379) }} ++etcd_host = {{ mechanism_vpp.get('etcd_host', '127.0.0.1') }} ++physnets = {{ ','.join(physnets_vpp) }} ++ ++{%- endif %} +diff --git a/neutron/files/rocky/ml2_conf.ini b/neutron/files/rocky/ml2_conf.ini +index a9a598f..4429c80 100644 +--- a/neutron/files/rocky/ml2_conf.ini ++++ b/neutron/files/rocky/ml2_conf.ini +@@ -27,6 +27,9 @@ agent_boot_time = {{ server.get('agent_boot_time', 180) }} + # List of network type driver entrypoints to be loaded from the + # neutron.ml2.type_drivers namespace. (list value) + #type_drivers = local,flat,vlan,gre,vxlan,geneve ++{%- if 'vpp' in server.backend.get('mechanism', []) %} ++type_drivers = flat,vlan ++{%- endif %} + + # Ordered list of network_types to allocate as tenant networks. The default + # value 'local' is useful for single-box testing but provides no connectivity +@@ -239,6 +242,7 @@ neutron_sync_mode = {{ _ovn.neutron_sync_mode|default('repair') }} + enable_distributed_floating_ip = {{ server.dvr|default('false') }} + {%- endif %} + ++{%- include "neutron/files/rocky/_ml2_conf.vpp.ini" %} + + {%- if server.backend.opendaylight|default(False) %} + [ml2_odl] +diff --git a/neutron/gateway.sls b/neutron/gateway.sls +index e51990a..95d4d07 100644 +--- a/neutron/gateway.sls ++++ b/neutron/gateway.sls +@@ -40,6 +40,8 @@ haproxy: + + {%- endif %} + ++{%- include "neutron/agents/_vpp.sls" %} ++ + {%- if gateway.l2gw is defined %} + {%- include "neutron/agents/_l2gw.sls" %} + {%- endif %} +diff --git a/neutron/map.jinja b/neutron/map.jinja +index 9e6cb36..17cd5b3 100644 +--- a/neutron/map.jinja ++++ b/neutron/map.jinja +@@ -14,9 +14,13 @@ + {%- do compute_pkgs_ovn.extend(['neutron-common', 'python-networking-ovn', 'haproxy']) %} + {%- endif %} + {%- set linuxbridge_enabled = pillar.neutron.compute is defined and pillar.neutron.compute.get('backend', {}).get('mechanism', {}).get('lb', {}).get('driver', {}) == "linuxbridge" %} ++{%- set vpp_enabled = 'vpp' in pillar.neutron.get('compute', {}).get('backend', {}).get('mechanism', []) %} + {%- if linuxbridge_enabled %} + {%- set pkgs_cmp = ['neutron-linuxbridge-agent'] %} + {%- set services_cmp = ['neutron-linuxbridge-agent'] %} ++{%- elif vpp_enabled %} ++{%- set pkgs_cmp = ['vpp-agent'] %} ++{%- set services_cmp = ['vpp-agent'] %} + {%- else %} + {%- set pkgs_cmp = ['neutron-openvswitch-agent', 'python-pycadf'] %} + {%- set services_cmp = ['neutron-openvswitch-agent'] %} +@@ -73,6 +77,7 @@ + {%- set opendaylight_enabled = pillar.neutron.gateway is defined and pillar.neutron.gateway.opendaylight is defined %} + {%- set linuxbridge_enabled = pillar.neutron.gateway is defined and pillar.neutron.gateway.get('backend', {}).get('mechanism', {}).get('lb', {}).get('driver', {}) == "linuxbridge" %} + {%- set dhcp_enabled = pillar.neutron.gateway is defined and pillar.neutron.gateway.get('dhcp_agent_enabled', True) %} ++{%- set vpp_enabled = 'vpp' in pillar.neutron.get('gateway', {}).get('backend', {}).get('mechanism', []) %} + {%- set pkgs_list = ['neutron-metadata-agent'] %} + + {%- set services_list = ['neutron-metadata-agent'] %} +@@ -83,6 +88,13 @@ + {%- if linuxbridge_enabled %} + {%- do pkgs_list.extend(['neutron-linuxbridge-agent', 'neutron-l3-agent']) %} + {%- do services_list.extend(['neutron-linuxbridge-agent', 'neutron-l3-agent']) %} ++{%- elif vpp_enabled %} ++{%- do pkgs_list.extend(['vpp-agent']) %} ++{%- do services_list.extend(['vpp-agent']) %} ++{%- if 'vpp-router' not in pillar.neutron.gateway.backend.get('router', '') %} ++{%- do pkgs_list.extend(['neutron-l3-agent']) %} ++{%- do services_list.extend(['neutron-l3-agent']) %} ++{%- endif %} + {%- elif not opendaylight_enabled %} + {%- do pkgs_list.extend(['neutron-openvswitch-agent', 'neutron-l3-agent']) %} + {%- do services_list.extend(['neutron-openvswitch-agent', 'neutron-l3-agent']) %} +@@ -132,6 +144,10 @@ + {%- set server_services_list = ['neutron-server'] %} + {%- do server_services_list.append('neutron-rpc-server') if wsgi_enabled %} + ++{%- if 'vpp' in pillar.neutron.get('server', {}).get('backend', {}).get('mechanism', []) %} ++{%- do server_pkgs_list.extend(['python3-networking-vpp']) %} ++{%- endif %} ++ + {% set server = salt['grains.filter_by']({ + 'BaseDefaults': default_params, + 'Debian': { diff --git a/mcp/patches/salt-formula-neutron/0002-Align-packages-with-stein-reqs.patch b/mcp/patches/salt-formula-neutron/0002-Align-packages-with-stein-reqs.patch new file mode 100644 index 000000000..6dcd91a3c --- /dev/null +++ b/mcp/patches/salt-formula-neutron/0002-Align-packages-with-stein-reqs.patch @@ -0,0 +1,114 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Michael Polenchuk <mpolenchuk@mirantis.com> +Date: Thu, 11 Jul 2019 11:52:53 +0400 +Subject: [PATCH] Align packages with stein reqs + +diff --git a/neutron/map.jinja b/neutron/map.jinja +index 17cd5b3..ed1831a 100644 +--- a/neutron/map.jinja ++++ b/neutron/map.jinja +@@ -11,7 +11,7 @@ + {%- if os_family == "Debian" %} + {%- set compute_pkgs_ovn = ['ovn-common', 'ovn-host'] %} + {%- if pillar.neutron.compute is defined and pillar.neutron.compute.metadata is defined %} +-{%- do compute_pkgs_ovn.extend(['neutron-common', 'python-networking-ovn', 'haproxy']) %} ++{%- do compute_pkgs_ovn.extend(['neutron-common', 'python3-networking-ovn', 'haproxy']) %} + {%- endif %} + {%- set linuxbridge_enabled = pillar.neutron.compute is defined and pillar.neutron.compute.get('backend', {}).get('mechanism', {}).get('lb', {}).get('driver', {}) == "linuxbridge" %} + {%- set vpp_enabled = 'vpp' in pillar.neutron.get('compute', {}).get('backend', {}).get('mechanism', []) %} +@@ -22,7 +22,7 @@ + {%- set pkgs_cmp = ['vpp-agent'] %} + {%- set services_cmp = ['vpp-agent'] %} + {%- else %} +-{%- set pkgs_cmp = ['neutron-openvswitch-agent', 'python-pycadf'] %} ++{%- set pkgs_cmp = ['neutron-openvswitch-agent'] %} + {%- set services_cmp = ['neutron-openvswitch-agent'] %} + {%- endif %} + {%- endif %} +@@ -33,7 +33,7 @@ + 'Debian': { + 'pkgs': pkgs_cmp, + 'pkgs_ovn': compute_pkgs_ovn, +- 'pkgs_bagpipe': ['python-networking-bagpipe'], ++ 'pkgs_bagpipe': ['python3-networking-bagpipe'], + 'services': services_cmp, + 'services_ovn': ['ovn-host'], + 'dpdk': false, +@@ -138,9 +138,9 @@ + + {%- set sfc_enabled = pillar.neutron.get('server', {}).get('sfc', {}).get('enabled', False) %} + {%- set wsgi_enabled = pillar.neutron.get('server', {}).get('wsgi', {}).get('enabled', False) %} +-{%- set server_pkgs_list = ['python-neutron-lbaas'] %} ++{%- set server_pkgs_list = [] %} + {%- do server_pkgs_list.append('uwsgi-plugin-python' if wsgi_enabled else 'neutron-server') %} +-{%- do server_pkgs_list.append('python-networking-sfc') if sfc_enabled %} ++{%- do server_pkgs_list.append('python3-networking-sfc') if sfc_enabled %} + {%- set server_services_list = ['neutron-server'] %} + {%- do server_services_list.append('neutron-rpc-server') if wsgi_enabled %} + +@@ -152,11 +152,11 @@ + 'BaseDefaults': default_params, + 'Debian': { + 'pkgs': server_pkgs_list, +- 'pkgs_ovn': ['python-networking-ovn', 'ovn-common', 'ovn-central'], ++ 'pkgs_ovn': ['python3-networking-ovn', 'ovn-common', 'ovn-central'], + 'pkgs_ml2': ['neutron-plugin-ml2'], +- 'pkgs_l2gw': ['python-networking-l2gw'], +- 'pkgs_bgpvpn': ['python-networking-bgpvpn'], +- 'pkgs_bagpipe': ['python-networking-bagpipe'], ++ 'pkgs_l2gw': ['python3-networking-l2gw'], ++ 'pkgs_bgpvpn': ['python3-networking-bgpvpn'], ++ 'pkgs_bagpipe': ['python3-networking-bagpipe'], + 'services': server_services_list, + 'services_ovn': ['openvswitch-switch', 'ovn-central'], + 'notification': {}, +@@ -204,7 +204,7 @@ + + {% set client = salt['grains.filter_by']({ + 'Debian': { +- 'pkgs': ['python-neutronclient'], ++ 'pkgs': ['python3-neutronclient'], + 'enabled': false + }, + 'RedHat': { +diff --git a/neutron/opendaylight/client.sls b/neutron/opendaylight/client.sls +index fb5829f..be9aff6 100644 +--- a/neutron/opendaylight/client.sls ++++ b/neutron/opendaylight/client.sls +@@ -4,7 +4,7 @@ + {%- from "neutron/map.jinja" import compute as neutron with context %} + {%- endif %} + +-python-networking-odl: ++python3-networking-odl: + pkg.installed + + {%- if not grains.get('noservices', False) %} +@@ -31,6 +31,6 @@ neutron_odl_ovs_hostconfig: + cmd.run: + - name: 'neutron-odl-ovs-hostconfig {{ ovs_hostconfig|join(' ') }}' + - require: +- - pkg: python-networking-odl ++ - pkg: python3-networking-odl + + {%- endif %} +diff --git a/neutron/server.sls b/neutron/server.sls +index 99bbdef..692e0ce 100644 +--- a/neutron/server.sls ++++ b/neutron/server.sls +@@ -115,7 +115,7 @@ ml2_plugin_link: + {%- endif %} + + {%- if server.backend.get('opendaylight', False) %} +-python-networking-odl: ++python3-networking-odl: + pkg.installed: + - require_in: + - pkg: neutron_server_packages diff --git a/mcp/patches/salt-formula-rabbitmq/0001-Stop-epmd.socket-before-relaunching-rabbit-service.patch b/mcp/patches/salt-formula-rabbitmq/0001-Stop-epmd.socket-before-relaunching-rabbit-service.patch new file mode 100644 index 000000000..f7b85f5ab --- /dev/null +++ b/mcp/patches/salt-formula-rabbitmq/0001-Stop-epmd.socket-before-relaunching-rabbit-service.patch @@ -0,0 +1,34 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Fri, 18 Oct 2019 17:07:13 +0200 +Subject: [PATCH] Stop epmd.socket before relaunching rabbit service + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + rabbitmq/server/service.sls | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/rabbitmq/server/service.sls b/rabbitmq/server/service.sls +index 3e95a30..05f2eb1 100644 +--- a/rabbitmq/server/service.sls ++++ b/rabbitmq/server/service.sls +@@ -58,6 +58,12 @@ rabbitmq_limits_systemd: + - require: + - pkg: rabbitmq_server + ++rabbitmq_epmd_socket: ++ service.dead: ++ - name: epmd.socket ++ - require: ++ - pkg: rabbitmq_server ++ + {%- endif %} + + {%- if server.secret_key is defined and not grains.get('noservices', False) %} diff --git a/mcp/patches/salt-formula-redis/0001-Add-Ubuntu-Bionic-support.patch b/mcp/patches/salt-formula-redis/0001-Add-Ubuntu-Bionic-support.patch new file mode 100644 index 000000000..1c06bd9d3 --- /dev/null +++ b/mcp/patches/salt-formula-redis/0001-Add-Ubuntu-Bionic-support.patch @@ -0,0 +1,44 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Thu, 24 Oct 2019 23:04:16 +0200 +Subject: [PATCH] Add Ubuntu Bionic support + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + redis/map.jinja | 11 +++++++++++ + 1 file changed, 11 insertions(+) + +diff --git a/redis/map.jinja b/redis/map.jinja +index 299d5a4..7cbceb4 100755 +--- a/redis/map.jinja ++++ b/redis/map.jinja +@@ -37,6 +37,9 @@ + 'xenial': { + 'version': '3.0', + }, ++ 'bionic': { ++ 'version': '3.0', ++ }, + }, grain='oscodename', merge=salt['pillar.get']('redis:server'))) %} + + {% set cluster = salt['grains.filter_by']({ +@@ -60,4 +63,12 @@ + 'port': '26379' + } + }, ++ 'bionic': { ++ 'pkgs': ['redis-sentinel'], ++ 'service': 'redis-sentinel', ++ 'sentinel': { ++ 'address': '127.0.0.1', ++ 'port': '26379' ++ } ++ }, + }, grain='oscodename', merge=salt['pillar.get']('redis:cluster'))) %} diff --git a/mcp/patches/scripts/0001-salt-master-setup.sh-Allow-arm64-salt-bootstrap.patch b/mcp/patches/scripts/0001-salt-master-setup.sh-Allow-arm64-salt-bootstrap.patch deleted file mode 100644 index 8d0c46c92..000000000 --- a/mcp/patches/scripts/0001-salt-master-setup.sh-Allow-arm64-salt-bootstrap.patch +++ /dev/null @@ -1,59 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> -Date: Fri, 1 Sep 2017 00:48:26 +0200 -Subject: [PATCH] salt-master-setup.sh: Allow arm64 salt-bootstrap - -Upstream commit [1] broke Salt bootstrap on AArch64, by -introducing an architecture condition that is too strict to allow -Debian package installation (even if we provide our own repo). - -Add "arm64" to the list of supported architectures. This needs -to be done on the fly, as the bootstrap script is fetched using -`curl` from <salt-master-setup.sh>. - -[1] https://github.com/saltstack/salt-bootstrap/commit/caa6d7d - -Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> ---- - salt-master-setup.sh | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/salt-master-setup.sh b/salt-master-setup.sh -index cba21fb..0dd3036 100755 ---- a/salt-master-setup.sh -+++ b/salt-master-setup.sh -@@ -237,12 +237,12 @@ install_salt_master_pkg() - debian) - $SUDO apt-get install -y git - which reclass || $SUDO apt install -qqq -y reclass -- curl -L https://bootstrap.saltstack.com | $SUDO sh -s -- -M ${BOOTSTRAP_SALTSTACK_OPTS} &>/dev/null || true -+ curl -L https://bootstrap.saltstack.com | sed 's@"amd64")@"amd64"|"arm64")@g' | $SUDO sh -s -- -M ${BOOTSTRAP_SALTSTACK_OPTS} &>/dev/null || true - ;; - rhel) - yum install -y git - which reclass || $SUDO yum install -y reclass -- curl -L https://bootstrap.saltstack.com | $SUDO sh -s -- -M ${BOOTSTRAP_SALTSTACK_OPTS} &>/dev/null || true -+ curl -L https://bootstrap.saltstack.com | sed 's@"amd64")@"amd64"|"arm64")@g' | $SUDO sh -s -- -M ${BOOTSTRAP_SALTSTACK_OPTS} &>/dev/null || true - ;; - esac - -@@ -310,10 +310,10 @@ install_salt_minion_pkg() - - case $PLATFORM_FAMILY in - debian) -- curl -L https://bootstrap.saltstack.com | $SUDO sh -s -- ${BOOTSTRAP_SALTSTACK_OPTS} &>/dev/null || true -+ curl -L https://bootstrap.saltstack.com | sed 's@"amd64")@"amd64"|"arm64")@g' | $SUDO sh -s -- ${BOOTSTRAP_SALTSTACK_OPTS} &>/dev/null || true - ;; - rhel) -- curl -L https://bootstrap.saltstack.com | $SUDO sh -s -- ${BOOTSTRAP_SALTSTACK_OPTS} &>/dev/null || true -+ curl -L https://bootstrap.saltstack.com | sed 's@"amd64")@"amd64"|"arm64")@g' | $SUDO sh -s -- ${BOOTSTRAP_SALTSTACK_OPTS} &>/dev/null || true - ;; - esac - diff --git a/mcp/reclass/classes/cluster/.gitignore b/mcp/reclass/classes/cluster/.gitignore index 496fab912..9ab39928b 100644 --- a/mcp/reclass/classes/cluster/.gitignore +++ b/mcp/reclass/classes/cluster/.gitignore @@ -1 +1,28 @@ **/*_pdf.yml +all-mcp-arch-common/init.yml +all-mcp-arch-common/opnfv/init.yml +mcp*common-*/infra/config.yml +mcp-common-ha/infra/init.yml +all-mcp-arch-common/infra/maas.yml +mcp-common-ha/infra/kvm_novcp.yml +all-mcp-arch-common/opnfv/maas_proxy.yml +mcp-common-*/openstack_control.yml +mcp-common-ha/openstack_telemetry.yml +mcp*common-*/openstack_init.yml +mcp-common-ha/openstack_interface_vcp_biport.yml +mcp-common-ha/openstack_interface_vcp_triport.yml +mcp-common-ha/openstack_proxy.yml +mcp-*-ha/infra/kvm.yml +mcp-*-ha/infra/init_vcp.yml +mcp-odl-ha/infra/maas.yml +mcp-odl-*/opendaylight/control.yml +mcp-odl-ha/openstack/init.yml +mcp-odl-*/infra/config.yml +mcp-*-noha/openstack/compute.yml +mcp-common-noha/infra/init.yml +mcp-*-noha/openstack/gateway.yml +mcp-fdio-noha/infra/config.yml +mcp-iec-noha/akraino/iec.yml +mcp-iec-noha/infra/config.yml +mcp-iec-noha/infra/init.yml +mcp-iec-noha/infra/kvm.yml diff --git a/mcp/reclass/classes/cluster/README.rst b/mcp/reclass/classes/cluster/README.rst index dc09cfbac..2bb0f265b 100644 --- a/mcp/reclass/classes/cluster/README.rst +++ b/mcp/reclass/classes/cluster/README.rst @@ -2,22 +2,22 @@ .. http://creativecommons.org/licenses/by/4.0 .. (c) 2017 Mirantis Inc., Enea AB and others. -Fuel@OPNFV Cluster Reclass Models +OPNFV Fuel Cluster Reclass Models ================================= Overview -------- -#. Common classes (baremetal + virtual) +#. Common classes (HA **and** noHA) - - all-mcp-arch-common + - all-mcp-arch-common -#. Common classes (specific to either baremetal or virtual deploys) +#. Common classes (HA **or** noHA) - - baremetal-mcp-<release>-common-ha - - virtual-mcp-<release>-common-noha + - mcp-common-ha + - mcp-common-noha #. Cluster specific classes - - baremetal-mcp-<release>-*-{ha,noha} - - virtual-mcp-<release>-*-{ha,noha} + - mcp-\*-ha + - mcp-\*-noha diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/aarch64/init.yml b/mcp/reclass/classes/cluster/all-mcp-arch-common/aarch64/init.yml deleted file mode 100644 index 719e47166..000000000 --- a/mcp/reclass/classes/cluster/all-mcp-arch-common/aarch64/init.yml +++ /dev/null @@ -1,27 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -parameters: - _param: - salt_control_xenial_image: salt://salt/files/control/images/base_image_opnfv_fuel_vcp.img - - # VMs spawned on Foundation Node / Jump Host net ifaces (max 4) - opnfv_fn_vm_primary_interface: enp1s0 - opnfv_fn_vm_secondary_interface: enp2s0 - opnfv_fn_vm_tertiary_interface: enp3s0 - opnfv_fn_vm_quaternary_interface: enp4s0 - - # VCP VMs spawned on KVM Hosts net ifaces (max 3) - # NOTE(armband): Only x86 VCP VMs spawned via salt.control names differ - opnfv_vcp_vm_primary_interface: ${_param:opnfv_fn_vm_primary_interface} - opnfv_vcp_vm_secondary_interface: ${_param:opnfv_fn_vm_secondary_interface} - opnfv_vcp_vm_tertiary_interface: ${_param:opnfv_fn_vm_tertiary_interface} - - # MaaS timeouts - opnfv_maas_timeout_comissioning: 10 - opnfv_maas_timeout_deploying: 20 diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/backports.yml b/mcp/reclass/classes/cluster/all-mcp-arch-common/backports.yml new file mode 100644 index 000000000..04b38abae --- /dev/null +++ b/mcp/reclass/classes/cluster/all-mcp-arch-common/backports.yml @@ -0,0 +1,74 @@ +############################################################################## +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - system.linux.system.repo.keystorage.mirantis_com + - cluster.all-mcp-arch-common.uca_repo +parameters: + _param: + backports_version: rocky + fakeinitscripts_ppa_key: | + -----BEGIN PGP PUBLIC KEY BLOCK----- + + xsFNBFwKq9ABEADqWu9anJFs3RJ87i53tU8lBC8JGa55YmRlN7LgvkPYMtXj3xOR + tBn8HJ3B0b2fKx2htUs+oWtFFCkNUmptnNz+tMVdwXt1lXSr2MEzO6PgBBAvak0j + GMLSsI4p60YqoPARMjPXvZ+VNcGZ6RSOKlNnEqSb+M76iaVaqEWBipDR1g+llCd9 + lgUVQ8iKolw+5iCnPnjmm0GdE9iw7Az0aUIv3yXNaEZwnGb9egdoioY4OvkY9HqR + KkgsrTVBWiTOsoDctrPkLNsB1BZLA/Qkgv4Sih2Bc7atgid6SvvuGClex+9MdBPQ + r0nT03O0uiXQ4Zk/ULlXaE2ci9dhMD5SNspgZnEULcubqL/Xd2iq6DlW22iXmj2X + PSoF6YxrtxlocaC2ChKFGITR7yiudxDYSCyBzXBMP7zfLVwZC3IX309HaxJRPCk5 + PEatmq0++z3lWfNXEjQ48Rt0mYTC5ktcJQGpSSp30hjrIfz5Jxa/FACQCJBGbr0/ + jO6cB6TJpHDnwdsEvCLJmeI6+OYkEzExarL8Wg8DdQUo5uppS4zANAgMsUbVqFz5 + 7WDlLMKPRAheEdZJIwCHXZrB3TibZTNUuafmQD+4a50cfKgNHlb+ks/5gbkxRdNj + DdZYI6gbh7PZcvIKOvakrEer8RIpqgSXyWPxIviyCGpp/+webUyapFwstQARAQAB + zRxMYXVuY2hwYWQgUFBBIGZvciBPUE5GViBGdWVswsF4BBMBAgAiBQJcCqvQAhsD + BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRCVWdwe/i1a+JgbEADZPwsdXStw + kqS+bg+bL4sCK55LnYAPWWnqXLuqpEEXusuGYEyahu69SOidL3/AXY1iM9FnbBE0 + qyycLQVOv/lt7Bs1WVg7M3gNjTsnCH7RbZsGVWDnOuZ1G0KP2o72dmrR9GYFArHA + MMc3YVoKAWhRBWHUKdSp/D68i/cfJ4V1PNhDpchOz4ytPjo2xyHyBW+wxLxNiC32 + 3uZeT7EpO8UbhuFDd3+PLaNrI1p2mkYxdmTpVBLIdKdAMq1QYi0B1nLvJ7Cp2yck + 2HKrI6pb74l7dkQOxx+x/inAMbZKX/AvKSjzyJ+Fxc4TT28m79QLuHtORiaPWCep + HePcl/0Qu2n85qOtWbWFWCJwlmvfTkHw2u7PEjutTgX9zOLdEFliu3v9nhvec7Mk + AzwpilBD6eAHav8Yhx6CKNR5GReK3viJ8+lso/D/56ap7el+W+M6K59imJ/r8WVx + 79qPXTAB29Co8hC5ky2qqeHMHw39VqC/JpCYPjH7qZNyWWhXBwHcobktuCc+tXdq + t1qlTz0aU/DLGUW8Buk9R6ZZTvSUibT8tRqDYtVhyJ7u/2qCdqhFoculWr6e6DQF + KP41NGKN4LtqQh7HmFCswvBnlu7BpkVlBqlHEMpqRUbJd7fg0oGkEf6P8hhWwdd2 + 0keWK/lCMRHDEN6+/1ppP7M90/JyUPXfFA== + =stQK + -----END PGP PUBLIC KEY BLOCK----- + linux: + system: + repo: + opnfv_fakeinitscripts: + source: "deb http://ppa.launchpad.net/opnfv-fuel/fakeinitscripts/ubuntu ${_param:linux_system_codename} main" + key: ${_param:fakeinitscripts_ppa_key} + mirantis_openstack: + # yamllint disable-line rule:line-length + source: "deb ${_param:linux_system_repo_url}/openstack-${_param:backports_version}/xenial xenial main" + key: ${_param:linux_system_repo_mirror_mirantis_key} + architectures: ${_param:linux_system_architecture} + clean_file: true + pinning: + 10: + enabled: true + pin: 'release o=Mirantis' + priority: 1101 + package: '/jinja2|redis/' + 15: + enabled: true + pin: 'release o=Mirantis,l=extra-nightly' + priority: -1 + package: 'mysql-common' + 20: + enabled: true + pin: 'release o=Mirantis,l=openstack-rocky-nightly' + priority: 1 + mirantis_extra: + # yamllint disable-line rule:line-length + source: "deb ${_param:linux_system_repo_url}extra/${_param:linux_system_codename} ${_param:linux_system_codename} main" + key: ${_param:linux_system_repo_mirror_mirantis_key} diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/fdio_repo.yml b/mcp/reclass/classes/cluster/all-mcp-arch-common/fdio_repo.yml new file mode 100644 index 000000000..2a3bfddc4 --- /dev/null +++ b/mcp/reclass/classes/cluster/all-mcp-arch-common/fdio_repo.yml @@ -0,0 +1,118 @@ +############################################################################## +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +parameters: + _param: + vpp_version: '19.08.1-*' + linux: + system: + repo: + fdio-ubuntu: + source: "deb https://packagecloud.io/fdio/1908/ubuntu/ ${_param:linux_system_codename} main" + key: | + -----BEGIN PGP PUBLIC KEY BLOCK----- + + mQINBF1LI+cBEAC8PxQ5U6GUwSfd1iYf8UgTr4MKvQ9+rEhpZFBb/p6KYjeDKC+R + ZcSMO115J9vVMUFw05gZ76o4qAOe9u3WXEpTx8XGgCI7hx1r7TMhPNgbwUBRBunj + iRafzb+E8THX1lO2rE9W71AcFgBMS/+4LyofsVofBd7ldJaNeGUmOiOESpqmLkTz + KIv/w+XvJmeZViRupRY8RK/J6DDruE66UgPaQv3A0Bb3tMeKago0+dC74NEqDYez + eIKqZCh0xCxt+DhVXH4jykt5qka+Z4XWwac7jNG5nWK38af6pj/jYto9yQ3FVTkd + MBsq0haZiul4jtl1/29ydEfcPKojuxBrImUk1K5EEghTvKH8iX97oFn5df+dTpY9 + oZaYjWoLPhqxC8ruTBQyU2Tj0J2k70LK7QtB5XXYVUb5pTHLAkabQIEajtYnYsUl + 538/SMVk++U/gMpfM/DTConIiA2Vr2lSRU/zD2O1fR4fXtCsHSqCc7wUiMfkXjWN + mPfspeb5wwBU3j6EVWejf264oSY5BDUMJlgw/fpm0OO/814tCJAvM8mpGxNMqmNc + MmJTvqH5VWsMswhP/oLkniNfOZ7uRmEHP+wdmeE+D9F/IRAp59Zw4YptuZw/yjum + caLpPa5g+XR5ThxnaehUDJPRr/jIBA7oncb61cLgvEL9yLwBiOpxDYO3ywARAQAB + tGZodHRwczovL3BhY2thZ2VjbG91ZC5pby9mZGlvLzE5MDggKGh0dHBzOi8vcGFj + a2FnZWNsb3VkLmlvL2RvY3MjZ3BnX3NpZ25pbmcpIDxzdXBwb3J0QHBhY2thZ2Vj + bG91ZC5pbz6JAk4EEwEKADgWIQQsCK0NKJY6yc/hkfO+1QWW1GNBDwUCXUsj5wIb + LwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRC+1QWW1GNBDyYWD/sHWt0oyD+f + k9wk8y2Ot8o2yrpRVeY1mr3EI+AKQlZ3f2ABeQ6cBJHPQiqq+YORsw+gGX7UKkIR + 83J1hSdRshPomwOOnml9kDGVfH+cF2F9UC4xvsGp9LovOoDptgeGXnndv1IIFFvl + G6WIVz1OHeOH8xLoaL5QamQ5SrZkbMHDqPZ/FiS8SVK3y81O2CwGPJg7c/MBl7bK + FrRveA5ZkpvfjbHlv+Hd8AN8EjWjzU9HRETHuG2wMRZbHFlKYQSWKbAVjE8MotSh + c7pVCGYOMFh/jiFWVd9/6nD61AWKqLk9M7hxg4baQbz5kB2A14vNQWCtT9xq8QvC + JtE5wSNkeW+2yvntxsFxwLwsXtVfFuETro3c2ocUv7tgmR7x81h2fSYg6JP6Ch49 + u7URVpXU4NfAfw9Ii1PuHFPhLbJL0jHJKPWRkv2iUOv72tnb8Op2O7sAqSbdky8a + vNfMsr9aR53wFErTJnxitAMuUaEaS42SqmYP1H1De2ejw2NTsM0cFaNqF9tkYRaI + HOxLEkVtnWZ0eQkT+erRw0MRY9Y0btCRVTKAO8kW8WbNyBIQ8pynJsRHuMqWHgqC + pdzycyC70uyXMPhPtuaf7JdXbcH4Drg/x1CDA7KQPmOfmSI8RxzrFTigvVQ0zrmf + s0UoEAcFH269I8D4qmxsZajk91V93PK2dLkCDQRdSyPnARAAx5Y3uV3D8xp5HlUX + qVY2D1Mf75Qkn/oJbPAc/E9OetNA92ry1TLSq4chgLd46iMaCmLxXTLM7DRs9TMP + vqPM5kFI9ogKUxSwpjvrgDNscmPTUNA+/oyy4MCZROEGlP2wqGoISFC01MqQDm2i + 3yneqNcO/LFTJWpvjj3n+4GrEhQkc4o69QKZrjaWi79O58FMxLM/4ePHViPLMaX0 + y1JAt/qp8A0mr1mBXUfG6SireC5JAqmbB+pxONIuf7tgLGqIHqRKo+Kgk6/bqGN+ + UU/bGqLMVeTKHavp/vPjH24r70fL/j06IdEbYQxajjeIGp8hx1r0xRvw/4ktgfEf + LNqH7n8/tKdp6j/TEU4nJANzp+SLtewaWCNPlLvU9AkHngydbmknaVyjgZJe05UD + zdUBfFcHtJPiMcge7il+mhRA+7LSwiPQfRBFHWti/7z5D7sxSCt3o5XRIuzzjZKU + wjkoxh2x7b4Vt32UCVa2f/tAYAlWlEuPydZgvAsI0azym/TWmVVP+xQO9auGsvOK + 7H9/QgYmpIcOZwezyDWmySHC/8ju2bJXNmvUC9OP5oqMgfkfOEJr5xRihH9f1Xvw + DM4EU99ITYP36fD0kH6Xd6OdBPTk1W6R5Trr2zlxQfpts5JKyaH2PU4fJeXoQLFH + Al5m7f5Z9YayNKp1I1tZmZjgWasAEQEAAYkEbAQYAQoAIBYhBCwIrQ0oljrJz+GR + 877VBZbUY0EPBQJdSyPnAhsuAkAJEL7VBZbUY0EPwXQgBBkBCgAdFiEEC9r8C6QH + M4zVmwdGcMYVlT/IHRcFAl1LI+cACgkQcMYVlT/IHRetbxAAlKgcBsBuTtmdtzhQ + TkKIjm+eizcwkPVYl5WKZkp6uZV9hJFlpKWnnli2IosRy678NVdQFaT79/ImpH4t + uN5WNAh2WS15ZjYFCTOLygNNqGepXR0pwYG66oY8WKHBqk9FTOf5aSOl0gQvH2oX + x5HJI0dIJ3RcA+qozmXbRuF+uCmPlkfAQRSHyUpeveCwCUF4l568yCRhe4V63KI8 + klfVRx0wBzfgAgwrz2+Bsfr7NehU4LJYfklGIvZI4CzGuH49J3wZXDDmtWj2V6pf + WF1gCqpn5J6BTj/FSPJ6o3c1esECb/CDNnxm+V6xknE0yl2niwG/uEVf5v8VpTZK + f9Ct9nSp7Y9hzvzsajALKcYmEVB8hjyUBCf/LS2TGw/oNnnRfJFb/L1hxJsFZOw/ + kdaTuxJhM3M5UsM+snOxeGWe5sdfA/q0B1reVvbnjOE4aBLRm+NP/YJwZo7JMXGV + YBuOE1Qu4GYtAJ99G8/JoyEApc9sy+UPGNhdYApjDxsnbDVqDQ6Ge7tgtf+kFU8T + 9rCMDo/0riS+hSIeQn4XA65xDSBfP9WfEwLjYBl6P5aAKrV3yYs8qqeC0L4caOr/ + 2abq5zp5ZnQb2XEqoKiNY8M+/rbaIPuZJPJg/tOr4u6WZdDClZzoFx3JTBk7sAOI + /iHa3HxNcd6JHgKDT4R0G3NvvW47ghAAr0YdMziI7dJZlIYjcO3kx7fRbUP5xOdn + W793aaC5SGmHXBARmhgaqwfj4HA0OYAajdoUiG1cvhiNb2hHOKaNOn+2aLABapDT + v2cJtpl5B+hZycYE2Iidg4ezTUYEMOLJW961XICXlYWeZVDx7QI9VTGyTyTuUZaf + UbKgrOtIEeqR9wgVM67iyhvEqkngeCVmewIPlBA9TrysDHH3a2r3kuG+N5NMXHDt + Cgkj78jvZzQE9mvgIZGjWIiS4WHj2IOBr34kSQkKZtcUxqsWTm8JORoM2USG/RMg + 5ODQGurz1sNkILPvUIbAVLBnLj5ePC6pV0wrDfWg98h1Y3HuNr/UsD6A1NyfY1hD + 6nHogzKntI6S3oGhxx3JwK1Bh9vagZJpxINYDJdo3pOkbYCE7XbiBAsHyAI7JIK1 + rWzuzs/ofkcEfy7CdplNwIjhAwH3EmA7VfJ/R7WPEqqzWoM1ip0uhjerpbRU+Qf/ + iRi32wIfnk1t7dTdd8nYtR299o7nKHb9rYRrVgIAaNf2SuCmCFJ2+DTD96s1ka95 + i/uC/rNY0kKqoAWv1kn2Y4mPZJ8S1un/MjLSKO/P7f//fK15pwFGWQCozOXO1bCc + +9E6qetMManZflq+NUP3MsnPQb+2adtVyGSmYqFNIv8B+RSbJ0/7n0eRYmwGvuxR + Stl5YLE/10c= + =/RWK + -----END PGP PUBLIC KEY BLOCK----- + pin: + - pin: 'version ${_param:vpp_version}' + priority: 1200 + package: 'vpp*' + networking-vpp: + source: "deb http://ppa.launchpad.net/opnfv-fuel/networking-vpp/ubuntu ${_param:linux_system_codename} main" + key: | + -----BEGIN PGP PUBLIC KEY BLOCK----- + Version: GnuPG v1 + + mQINBFwKq9ABEADqWu9anJFs3RJ87i53tU8lBC8JGa55YmRlN7LgvkPYMtXj3xOR + tBn8HJ3B0b2fKx2htUs+oWtFFCkNUmptnNz+tMVdwXt1lXSr2MEzO6PgBBAvak0j + GMLSsI4p60YqoPARMjPXvZ+VNcGZ6RSOKlNnEqSb+M76iaVaqEWBipDR1g+llCd9 + lgUVQ8iKolw+5iCnPnjmm0GdE9iw7Az0aUIv3yXNaEZwnGb9egdoioY4OvkY9HqR + KkgsrTVBWiTOsoDctrPkLNsB1BZLA/Qkgv4Sih2Bc7atgid6SvvuGClex+9MdBPQ + r0nT03O0uiXQ4Zk/ULlXaE2ci9dhMD5SNspgZnEULcubqL/Xd2iq6DlW22iXmj2X + PSoF6YxrtxlocaC2ChKFGITR7yiudxDYSCyBzXBMP7zfLVwZC3IX309HaxJRPCk5 + PEatmq0++z3lWfNXEjQ48Rt0mYTC5ktcJQGpSSp30hjrIfz5Jxa/FACQCJBGbr0/ + jO6cB6TJpHDnwdsEvCLJmeI6+OYkEzExarL8Wg8DdQUo5uppS4zANAgMsUbVqFz5 + 7WDlLMKPRAheEdZJIwCHXZrB3TibZTNUuafmQD+4a50cfKgNHlb+ks/5gbkxRdNj + DdZYI6gbh7PZcvIKOvakrEer8RIpqgSXyWPxIviyCGpp/+webUyapFwstQARAQAB + tBxMYXVuY2hwYWQgUFBBIGZvciBPUE5GViBGdWVsiQI4BBMBAgAiBQJcCqvQAhsD + BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRCVWdwe/i1a+JgbEADZPwsdXStw + kqS+bg+bL4sCK55LnYAPWWnqXLuqpEEXusuGYEyahu69SOidL3/AXY1iM9FnbBE0 + qyycLQVOv/lt7Bs1WVg7M3gNjTsnCH7RbZsGVWDnOuZ1G0KP2o72dmrR9GYFArHA + MMc3YVoKAWhRBWHUKdSp/D68i/cfJ4V1PNhDpchOz4ytPjo2xyHyBW+wxLxNiC32 + 3uZeT7EpO8UbhuFDd3+PLaNrI1p2mkYxdmTpVBLIdKdAMq1QYi0B1nLvJ7Cp2yck + 2HKrI6pb74l7dkQOxx+x/inAMbZKX/AvKSjzyJ+Fxc4TT28m79QLuHtORiaPWCep + HePcl/0Qu2n85qOtWbWFWCJwlmvfTkHw2u7PEjutTgX9zOLdEFliu3v9nhvec7Mk + AzwpilBD6eAHav8Yhx6CKNR5GReK3viJ8+lso/D/56ap7el+W+M6K59imJ/r8WVx + 79qPXTAB29Co8hC5ky2qqeHMHw39VqC/JpCYPjH7qZNyWWhXBwHcobktuCc+tXdq + t1qlTz0aU/DLGUW8Buk9R6ZZTvSUibT8tRqDYtVhyJ7u/2qCdqhFoculWr6e6DQF + KP41NGKN4LtqQh7HmFCswvBnlu7BpkVlBqlHEMpqRUbJd7fg0oGkEf6P8hhWwdd2 + 0keWK/lCMRHDEN6+/1ppP7M90/JyUPXfFA== + =73aY + -----END PGP PUBLIC KEY BLOCK----- diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/config_pdf.yml.j2 b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/config_pdf.yml.j2 new file mode 100644 index 000000000..1178843d9 --- /dev/null +++ b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/config_pdf.yml.j2 @@ -0,0 +1,116 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +--- +classes: + - system.reclass.storage.salt +{%- if nm.cluster.has_baremetal_nodes %} + - system.reclass.storage.system.infra_maas_single +{%- endif %} + - system.salt.master.api + - system.salt.master.single + - system.salt.minion.ca.salt_master +parameters: + _param: + salt_master_environment_repository: "https://github.com/tcpcloud" + salt_master_environment_revision: master + reclass_data_repository: local + salt_master_base_environment: prd + # yamllint disable-line rule:line-length + salt_api_password_hash: "$6$sGnRlxGf$al5jMCetLP.vfI/fTl3Z0N7Za1aeiexL487jAtyRABVfT3NlwZxQGVhO7S1N8OwS/34VHYwZQA8lkXwKMN/GS1" + infra_maas_system_codename: bionic + linux: + system: + user: + salt: + home: /home/salt + salt: + master: + accept_policy: open_mode + file_recv: true + minion: + mine: + module: + x509.get_pem_entries: ['/etc/pki/all_cas/*'] + reclass: + storage: + data_source: + engine: local +{%- if nm.cmp_nodes > 0 %} + node: + # We support per-node (not only per-role) compute configuration via IDF +{%- for cmp in range(1, nm.cmp_nodes + 1) %} + {%- set n = '%02d' | format(cmp) %} + {%- set i = nm.cmp001.idx + cmp - 1 %} + + {%- set admin = nm.net_admin_hosts | length + nm.start_ip[nm.net_admin] + loop.index %} + {%- set mgmt = nm.net_mgmt_hosts | length + nm.start_ip[nm.net_mgmt] + loop.index %} + {%- set pub = nm.net_public_hosts | length + nm.start_ip[nm.net_public] + loop.index %} + {%- set pri = nm.net_private_hosts | length + nm.start_ip[nm.net_private] + loop.index %} + openstack_compute_node{{ n }}: + name: cmp{{ '%03d' | format(cmp) }} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.compute + params: + pxe_admin_address: {{ nm.net_admin | ipnet_hostaddr(admin) }} + pxe_admin_interface: {{ conf.idf.fuel.network.node[i].interfaces[nm.idx_admin] }} + single_address: {{ nm.net_mgmt | ipnet_hostaddr(mgmt) }} + tenant_address: {{ nm.net_private | ipnet_hostaddr(pri) }} + external_address: {{ nm.net_public | ipnet_hostaddr(pub) }} + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: bionic + + {#- No partial defaults, all or nothing. Defaults tuned for lf-pod2. #} + {%- if '-ovs-' in conf.MCP_DEPLOY_SCENARIO or '-fdio-' in conf.MCP_DEPLOY_SCENARIO %} + {%- set private_speed = conf.nodes[i].interfaces[nm.idx_private].speed %} + {%- set private_pci = conf.idf.fuel.network.node[i].busaddr[nm.idx_private] %} + {%- if conf.idf.fuel.reclass is defined %} + {%- if conf.idf.fuel.reclass.node[i].compute_params.dpdk is defined %} + {#- Can't dump json here due to dpdk0_* below, explicitly create yaml #} + {%- set _dpdk = conf.idf.fuel.reclass.node[i].compute_params.dpdk %} + {%- set private_drv = _dpdk.dpdk0_driver %} + {%- for _i in _dpdk %} + {{ _i }}: '"{{ _dpdk[_i] }}"' + {%- endfor %} + {%- endif %} + {%- else %} + compute_hugepages_size: 2M + compute_hugepages_count: 13312 + compute_hugepages_mount: /mnt/hugepages_2M + compute_kernel_isolcpu: 3,8,9,10,11 + compute_dpdk_driver: uio + compute_ovs_pmd_cpu_mask: '"0x708"' + compute_ovs_dpdk_socket_mem: '"4096,4096"' + compute_ovs_dpdk_lcore_mask: '"0x800"' + compute_ovs_memory_channels: '"2"' + dpdk0_driver: igb_uio + dpdk0_n_rxq: 2 + {%- endif %} + dpdk0_name: {{ conf.idf.fuel.network.node[i].interfaces[nm.idx_private] }} + dpdk0_pci: '"{{ private_pci }}"' + dpdk0_vpp: {{ ma.vpp_interface_str(private_speed, private_pci, private_drv or '') }} + {%- else %} + {%- if conf.idf.fuel.reclass is defined %} + {%- if conf.idf.fuel.reclass.node[i].compute_params.common is defined %} + {%- set _common = conf.idf.fuel.reclass.node[i].compute_params.common %} + {%- for _i in _common %} + {{ _i }}: '"{{ _common[_i] }}"' + {%- endfor %} + {%- else %} + dummy_value: ~ + {%- endif %} + {%- else %} + compute_hugepages_size: 1G + compute_hugepages_count: 16 + compute_hugepages_mount: /mnt/hugepages_1G + {%- endif %} + {%- endif %} +{%- endfor %} +{%- endif %} diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2 b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2 new file mode 100644 index 000000000..092febabb --- /dev/null +++ b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2 @@ -0,0 +1,172 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +--- +# NOTE: pod_config is generated and transferred into its final location on +# cfg01 only during deployment to prevent leaking sensitive data +classes: + - system.maas.region.single + - service.maas.cluster.single + - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf + - cluster.all-mcp-arch-common.opnfv.pod_config +parameters: + _param: + linux_system_codename: bionic + maas_admin_username: opnfv + dns_server01: '{{ nm.dns_public[0] }}' + single_address: ${_param:infra_maas_node01_deploy_address} + hwe_kernel: 'ga-18.04' + opnfv_maas_timeout_comissioning: {{ nm.maas_timeout_comissioning }} + opnfv_maas_timeout_deploying: {{ nm.maas_timeout_deploying }} + maas: + region: + services: + - maas-regiond + - bind9 +{%- if '-ovs-' in conf.MCP_DEPLOY_SCENARIO or '-fdio-' in conf.MCP_DEPLOY_SCENARIO %} + tags: + aarch64_hugepages_1g: + comment: 'Enable 1G pagesizes on aarch64' + definition: '//capability[@id="asimd"]|//capability[@id="cp15_barrier"]' + kernel_opts: 'default_hugepagesz=1G hugepagesz=1G kpti=off' +{%- endif %} + enable_iframe: False + timeout: + # Set maas.wait_for_<state> timeouts to ~2.5x of MaaS <state> timeout + ready: {{ nm.maas_timeout_comissioning * 150 }} + deployed: {{ nm.maas_timeout_deploying * 150 }} + attempts: 3 + boot_sources_delete_all_others: true + boot_sources: + resources_mirror: + url: http://images.maas.io/ephemeral-v3/daily + keyring_file: /usr/share/keyrings/ubuntu-cloudimage-keyring.gpg + boot_sources_selections: + bionic: + url: "http://images.maas.io/ephemeral-v3/daily" + os: "ubuntu" + release: "${_param:linux_system_codename}" + arches: +{%- for arch in nm.cluster.arch %} + - "{{ arch | dpkg_arch }}" +{%- endfor %} + subarches: + - "generic" + - "ga-18.04" + labels: '"*"' + fabrics: + pxe_admin: + name: 'pxe_admin' + description: Fabric for PXE/admin + vlans: + 0: + name: 'vlan 0' + description: PXE/admin VLAN + dhcp: true + primary_rack: "${linux:network:hostname}" + subnets: + {{ nm.net_admin }}: + name: {{ nm.net_admin }} + cidr: {{ nm.net_admin }} + gateway_ip: ${_param:single_address} + fabric: ${maas:region:fabrics:pxe_admin:name} + vlan: 0 + ipranges: + 1: + start: {{ nm.net_admin_pool_start }} + end: {{ nm.net_admin_pool_end }} + type: dynamic + sshprefs: + - '{{ conf.MAAS_SSH_KEY }}' +{%- if 'aarch64' in nm.cluster.arch %} + package_repositories: + armband: + name: armband + enabled: '1' + url: 'http://linux.enea.com/mcp-repos/${_param:armband_repo_version}/xenial' + distributions: '${_param:armband_repo_version}-armband' + components: 'main' + arches: 'arm64' + key: ${_param:armband_key} +{%- endif %} + salt_master_ip: ${_param:reclass_config_master} + domain: ${_param:cluster_domain} + ~maas_config: + maas_name: mas01 + active_discovery_interval: 600 + ntp_external_only: true + upstream_dns: ${_param:dns_server01} + commissioning_distro_series: 'bionic' + default_distro_series: 'bionic' + default_osystem: 'ubuntu' + default_storage_layout: 'lvm' + enable_http_proxy: true + disk_erase_with_secure_erase: false + dnssec_validation: 'no' + enable_third_party_drivers: true + network_discovery: 'enabled' + default_min_hwe_kernel: ${_param:hwe_kernel} + kernel_opts: 'spectre_v2=off nopti kpti=off nospec_store_bypass_disable noibrs noibpb' + cluster: + saltstack_repo_bionic: "deb [arch=amd64] http://archive.repo.saltstack.com/apt/ubuntu/18.04/amd64/2017.7/ bionic main" + region: + host: ${_param:single_address} + port: 5240 +{%- if '-iec-' not in conf.MCP_DEPLOY_SCENARIO and conf.MCP_KERNEL_VER %} + curtin_vars: + amd64: + bionic: &curtin_vars_bionic + kernel_package: + enabled: True + value: 'linux-image-{{ conf.MCP_KERNEL_VER }}-generic' + extra_pkgs: + enabled: True + pkgs: + - linux-image-{{ conf.MCP_KERNEL_VER }}-generic + - linux-headers-{{ conf.MCP_KERNEL_VER }}-generic + - linux-modules-extra-{{ conf.MCP_KERNEL_VER }}-generic + arm64: + bionic: + <<: *curtin_vars_bionic +{%- endif %} + linux: + system: + repo: + armband_3: + enabled: false + ~locale: '' + ~kernel: + sysctl: + net.ipv4.ip_forward: 1 + iptables: + schema: + epoch: 1 + service: + v4: + enabled: true + persistent_config: /etc/iptables/rules.v4 + v6: + enabled: false + tables: + v4: + filter: + chains: + INPUT: + ruleset: + 10: + rule: -s ${_param:single_address}/${_param:opnfv_net_admin_mask} + 11: + rule: -d ${_param:single_address}/${_param:opnfv_net_admin_mask} + nat: + chains: + POSTROUTING: + policy: ACCEPT + ruleset: + 10: + rule: -s ${_param:single_address}/${_param:opnfv_net_admin_mask} + action: MASQUERADE diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/init.yml.j2 b/mcp/reclass/classes/cluster/all-mcp-arch-common/init.yml.j2 new file mode 100644 index 000000000..fc5bbaa7b --- /dev/null +++ b/mcp/reclass/classes/cluster/all-mcp-arch-common/init.yml.j2 @@ -0,0 +1,60 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - system.defaults + - system.linux.system.single + - cluster.all-mcp-arch-common.opnfv + - cluster.all-mcp-arch-common.passwords +parameters: + _param: + openstack_version: stein + armband_repo_version: rocky + mcp_version: nightly + + banner_company_name: OPNFV + + salt_control_trusty_image: '' # Dummy value, to keep reclass 1.5.2 happy + salt_control_bionic_image: salt://salt/files/control/images/base_image_opnfv_fuel_vcp.img + + # VCP VMs spawned on KVM Hosts net ifaces (max 3) +{%- if conf.MCP_JUMP_ARCH == 'aarch64' %} + opnfv_vcp_vm_primary_interface: enp1s0 + opnfv_vcp_vm_secondary_interface: enp2s0 + opnfv_vcp_vm_tertiary_interface: enp3s0 +{%- else %} + opnfv_vcp_vm_primary_interface: ens2 + opnfv_vcp_vm_secondary_interface: ens3 + opnfv_vcp_vm_tertiary_interface: ens4 +{%- endif %} + + interface_mtu: {{ conf.idf.fuel.network.interface_mtu or 1500 }} + + ntp_strata_host1: {{ conf.idf.fuel.network.ntp_strata_host1 or '1.pool.ntp.org' }} + ntp_strata_host2: {{ conf.idf.fuel.network.ntp_strata_host2 or '0.pool.ntp.org' }} + + armband_key: | + -----BEGIN PGP PUBLIC KEY BLOCK----- + Version: GnuPG v2.0.14 (GNU/Linux) + + mQENBFagAroBCADWboNIjuF6lB1mWv2+EbvqY3lKl5mLKhr2DnSUkKeHUPBv8gNM + qK8Q00AMIyPiyEhgjA+dWizZ+5aBgxoiY7oMeLJ2Xym36U/8SYq2BWd3SGCbMNoz + SJDxDUSM/HFVs6atF1M3DY9oN65hSVnu4uy5Tu6asf6k4rhAyk0z4+pRcPBCu2vq + mnGi3COM/+9PShrEKeVOx5W2vRJywUFuq8EDvQnRoJ0GvM28JiJIanw17YwIPxhg + BKZVpZjan5X+ihVMXwA2h/G/FS5Omhd50RqV6LWSYs94VJJgYqHx8UMm7izcxI+P + ct3IcbD195bPbJ+SbuiFe45ZLsdY1MyGiU2BABEBAAG0K0VuZWEgQXJtYmFuZCBE + ZXZvcHMgVGVhbSA8YXJtYmFuZEBlbmVhLmNvbT6JATgEEwECACICGwMGCwkIBwMC + BhUIAgkKCwQWAgMBAh4BAheABQJaY3bYAAoJEN6rkLp5irHRoQMH/0PYl0A/6eWw + nQ/szhEFrr76Ln6wA4vEO+PiuWj9kTkZM2NaCnkisrIuHSPIVvOLfFmztbE6sKGe + t+a2b7Jqw48DZ/gq508aZE4Q307ookxdCOrzIu/796hFO34yXg3sqZoJh3VmKIjY + 4DL8yG1iAiQ5vOw3IFWQnATwIZUgaCcjmE7HGap+9ePuJfFuQ8mIG5cy28t8qocx + AB/B2tucfBMwomYxKqgbLI5AG7iSt58ajvrrNa9f8IX7Ihj/jiuXhUwX+geEp98K + IWVI1ftEthZvfBpZW4BS98J4z//dEPi31L4jb9RQXq3afF2RpXchDeUN85bW45nu + W/9PMAlgE/U= + =m+zE + -----END PGP PUBLIC KEY BLOCK----- diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/init.yml.j2 b/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/init.yml.j2 new file mode 100644 index 000000000..755d2cb08 --- /dev/null +++ b/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/init.yml.j2 @@ -0,0 +1,46 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +--- +parameters: + _param: + opnfv_net_admin_mask: {{ nm.net_admin | ipnet_netmask }} + opnfv_net_mgmt_mask: {{ nm.net_admin | ipnet_netmask }} + opnfv_net_private_mask: {{ nm.net_admin | ipnet_netmask }} + opnfv_net_public_mask: {{ nm.net_public | ipnet_netmask }} + + opnfv_net_public: {{ nm.net_public }} + opnfv_net_public_gw: {{ nm.net_public_gw }} + opnfv_net_public_pool_start: {{ nm.net_public_pool_start }} + opnfv_net_public_pool_end: {{ nm.net_public_pool_end }} + + opnfv_net_tenant_vlan: "{{ nm.vlan_private | string | replace('-', ':') }}" + +{%- for network in nm.networks %} +{%- for key in nm.hosts[network] %} +{%- set i = loop.index + nm.start_ip[network] %} + {{key}}: {{ network | ipnet_hostaddr(i) }} +{%- endfor %} +{%- endfor %} + salt: + minion: + tcp_keepalive: True + tcp_keepalive_idle: 60 + linux: + network: + resolv: + dns: +{%- for server in nm.dns_public %} + - {{ server }} +{%- endfor %} +{%- if '-iec-' not in conf.MCP_DEPLOY_SCENARIO and conf.MCP_KERNEL_VER %} + system: + kernel: + version: '{{ conf.MCP_KERNEL_VER }}' + headers: True +{%- endif %} diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/lab_proxy_pdf.yml.j2 b/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/lab_proxy_pdf.yml.j2 new file mode 100644 index 000000000..3f238d667 --- /dev/null +++ b/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/lab_proxy_pdf.yml.j2 @@ -0,0 +1,25 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +# We'll craft this class so it can be reused on both cfg01 and mas01 +{%- if conf.idf.fuel.network.upstream_proxy is defined %} +{%- set upstream_proxy=conf.idf.fuel.network.upstream_proxy %} +parameters: + maas: + region: + upstream_proxy: + address: {{ upstream_proxy.address }} + port: {{ upstream_proxy.port }} + linux: + system: + proxy: + pkg: + enabled: true + http: http://{{ upstream_proxy.address }}:{{ upstream_proxy.port }} + https: http://{{ upstream_proxy.address }}:{{ upstream_proxy.port }} +{%- endif %} diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/include/proxy.yml b/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/maas_proxy.yml.j2 index 5d7475812..58ea46cad 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/include/proxy.yml +++ b/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/maas_proxy.yml.j2 @@ -1,11 +1,12 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## --- +{%- if 'maas' in conf.cluster.states %} parameters: # NOTE: Apt proxy is set by curtin, Salt minion proxy is configured below, # only enable proxy via /etc/environment if you need it for smth else @@ -16,8 +17,11 @@ parameters: # https_proxy: http://${_param:infra_maas_node01_deploy_address}:8000 # no_proxy: # - .local - salt: - minion: + linux: + system: proxy: - host: ${_param:infra_maas_node01_deploy_address} - port: 8000 + pkg: + enabled: true + http: http://${_param:infra_maas_node01_deploy_address}:8000 + https: http://${_param:infra_maas_node01_deploy_address}:8000 +{%- endif %} diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/pod_config.yml b/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/pod_config.yml deleted file mode 100644 index d72df2eb6..000000000 --- a/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/pod_config.yml +++ /dev/null @@ -1,12 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -parameters: - _param: - # NOTE: This file is overwritten at runtime by parsing the PDF. - opnfv_use_pod_descriptor_file: true diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/pod_config.yml.example b/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/pod_config.yml.example deleted file mode 100644 index 3a70e5f83..000000000 --- a/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/pod_config.yml.example +++ /dev/null @@ -1,107 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -parameters: - _param: - - opnfv_infra_config_address: 10.167.4.100 - opnfv_infra_config_pxe_address: 192.168.11.2 - opnfv_infra_maas_node01_address: 10.167.4.3 - opnfv_infra_maas_node01_deploy_address: 192.168.11.3 - opnfv_infra_kvm_address: 10.167.4.140 - opnfv_infra_kvm_node01_address: 10.167.4.141 - opnfv_infra_kvm_node02_address: 10.167.4.142 - opnfv_infra_kvm_node03_address: 10.167.4.143 - - opnfv_infra_maas_pxe_network_address: 192.168.11.0 - opnfv_infra_maas_pxe_start_address: 192.168.11.4 - opnfv_infra_maas_pxe_end_address: 192.168.11.100 - - opnfv_openstack_gateway_node01_address: 10.167.4.124 - opnfv_openstack_gateway_node02_address: 10.167.4.125 - opnfv_openstack_gateway_node03_address: 10.167.4.126 - opnfv_openstack_gateway_node01_tenant_address: 10.1.0.6 - opnfv_openstack_gateway_node02_tenant_address: 10.1.0.7 - opnfv_openstack_gateway_node03_tenant_address: 10.1.0.9 - opnfv_openstack_proxy_address: 172.30.10.103 - opnfv_openstack_proxy_node01_address: 172.30.10.104 - opnfv_openstack_proxy_node02_address: 172.30.10.105 - opnfv_openstack_proxy_control_address: 10.167.4.103 - opnfv_openstack_proxy_node01_control_address: 10.167.4.104 - opnfv_openstack_proxy_node02_control_address: 10.167.4.105 - opnfv_openstack_control_address: 10.167.4.10 - opnfv_openstack_control_node01_address: 10.167.4.11 - opnfv_openstack_control_node02_address: 10.167.4.12 - opnfv_openstack_control_node03_address: 10.167.4.13 - opnfv_openstack_database_address: 10.167.4.50 - opnfv_openstack_database_node01_address: 10.167.4.51 - opnfv_openstack_database_node02_address: 10.167.4.52 - opnfv_openstack_database_node03_address: 10.167.4.53 - opnfv_openstack_message_queue_address: 10.167.4.40 - opnfv_openstack_message_queue_node01_address: 10.167.4.41 - opnfv_openstack_message_queue_node02_address: 10.167.4.42 - opnfv_openstack_message_queue_node03_address: 10.167.4.43 - opnfv_openstack_telemetry_address: 10.167.4.75 - opnfv_openstack_telemetry_node01_address: 10.167.4.76 - opnfv_openstack_telemetry_node02_address: 10.167.4.77 - opnfv_openstack_telemetry_node03_address: 10.167.4.78 - opnfv_openstack_compute_node01_single_address: 10.167.4.101 - opnfv_openstack_compute_node02_single_address: 10.167.4.102 - opnfv_openstack_compute_node03_single_address: 10.167.4.103 - opnfv_openstack_compute_node01_control_address: 10.167.4.101 - opnfv_openstack_compute_node02_control_address: 10.167.4.102 - opnfv_openstack_compute_node03_control_address: 10.167.4.103 - opnfv_openstack_compute_node01_tenant_address: 10.1.0.101 - opnfv_openstack_compute_node02_tenant_address: 10.1.0.102 - opnfv_openstack_compute_node03_tenant_address: 10.1.0.103 - opnfv_openstack_compute_node01_external_address: 172.30.10.101 - opnfv_openstack_compute_node02_external_address: 172.30.10.102 - - opnfv_opendaylight_server_node01_single_address: 10.167.4.111 - - opnfv_net_public_gw: 172.30.10.1 - opnfv_name_servers: ['8.8.8.8', '8.8.4.4'] - opnfv_dns_server01: '8.8.8.8' - - opnfv_net_mgmt_vlan: 300 - opnfv_net_tenant_vlan: 1000 - - opnfv_maas_node01_architecture: 'amd64/generic' - opnfv_maas_node01_power_address: 172.30.8.75 - opnfv_maas_node01_power_type: ipmi - opnfv_maas_node01_power_user: admin - opnfv_maas_node01_power_password: octopus - opnfv_maas_node01_interface_mac: '00:25:b5:a0:00:2a' - - opnfv_maas_node02_architecture: 'amd64/generic' - opnfv_maas_node02_power_address: 172.30.8.65 - opnfv_maas_node02_power_type: ipmi - opnfv_maas_node02_power_user: admin - opnfv_maas_node02_power_password: octopus - opnfv_maas_node02_interface_mac: '00:25:b5:a0:00:3a' - - opnfv_maas_node03_architecture: 'amd64/generic' - opnfv_maas_node03_power_address: 172.30.8.74 - opnfv_maas_node03_power_type: ipmi - opnfv_maas_node03_power_user: admin - opnfv_maas_node03_power_password: octopus - opnfv_maas_node03_interface_mac: '00:25:b5:a0:00:4a' - - opnfv_maas_node04_architecture: 'amd64/generic' - opnfv_maas_node04_power_address: 172.30.8.73 - opnfv_maas_node04_power_type: ipmi - opnfv_maas_node04_power_user: admin - opnfv_maas_node04_power_password: octopus - opnfv_maas_node04_interface_mac: '00:25:b5:a0:00:5a' - - opnfv_maas_node05_architecture: 'amd64/generic' - opnfv_maas_node05_power_address: 172.30.8.72 - opnfv_maas_node05_power_type: ipmi - opnfv_maas_node05_power_user: admin - opnfv_maas_node05_power_password: octopus - opnfv_maas_node05_interface_mac: '00:25:b5:a0:00:6a' diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/runtime.yml b/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/runtime.yml deleted file mode 100644 index 387b57f8b..000000000 --- a/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/runtime.yml +++ /dev/null @@ -1,14 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -parameters: - _param: - opnfv_salt_master_ip: 10.20.0.2 - opnfv_maas_mcp_address: 10.20.0.3 - opnfv_net_mcpcontrol: 10.20.0.0 - opnfv_net_mcpcontrol_mask: 255.255.255.0 diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/runtime.yml.template b/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/runtime.yml.template deleted file mode 100644 index 64f75350c..000000000 --- a/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/runtime.yml.template +++ /dev/null @@ -1,14 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -parameters: - _param: - opnfv_salt_master_ip: ${SALT_MASTER} - opnfv_maas_mcp_address: ${MAAS_IP} - opnfv_net_mcpcontrol: ${SALT_MASTER%.*}.0 - opnfv_net_mcpcontrol_mask: 255.255.255.0 diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/passwords.yml b/mcp/reclass/classes/cluster/all-mcp-arch-common/passwords.yml new file mode 100644 index 000000000..f51563e7c --- /dev/null +++ b/mcp/reclass/classes/cluster/all-mcp-arch-common/passwords.yml @@ -0,0 +1,64 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +parameters: + _param: + opnfv_main_password: opnfv_secret + + maas_admin_password: ${_param:opnfv_main_password} + maas_db_password: ${_param:opnfv_main_password} + infra_maas_database_password: ${_param:opnfv_main_password} + + galera_server_maintenance_password: ${_param:opnfv_main_password} + galera_server_admin_password: ${_param:opnfv_main_password} + rabbitmq_secret_key: ${_param:opnfv_main_password} + rabbitmq_admin_password: ${_param:opnfv_main_password} + rabbitmq_openstack_password: ${_param:opnfv_main_password} + rabbitmq_cold_password: ${_param:opnfv_main_password} + mysql_admin_password: ${_param:opnfv_main_password} + mysql_cinder_password: ${_param:opnfv_main_password} + mysql_ceilometer_password: ${_param:opnfv_main_password} + mysql_glance_password: ${_param:opnfv_main_password} + mysql_grafana_password: ${_param:opnfv_main_password} + mysql_heat_password: ${_param:opnfv_main_password} + mysql_keystone_password: ${_param:opnfv_main_password} + mysql_neutron_password: ${_param:opnfv_main_password} + mysql_nova_password: ${_param:opnfv_main_password} + mysql_aodh_password: ${_param:opnfv_main_password} + mysql_designate_password: ${_param:opnfv_main_password} + keystone_aodh_password: ${_param:opnfv_main_password} + keystone_service_token: ${_param:opnfv_main_password} + keystone_admin_password: ${_param:opnfv_main_password} + keystone_ceilometer_password: ${_param:opnfv_main_password} + keystone_cinder_password: ${_param:opnfv_main_password} + keystone_glance_password: ${_param:opnfv_main_password} + keystone_heat_password: ${_param:opnfv_main_password} + keystone_keystone_password: ${_param:opnfv_main_password} + keystone_neutron_password: ${_param:opnfv_main_password} + keystone_nova_password: ${_param:opnfv_main_password} + keystone_designate_password: ${_param:opnfv_main_password} + mysql_barbican_password: ${_param:opnfv_main_password} + keystone_barbican_password: ${_param:opnfv_main_password} + metadata_password: ${_param:opnfv_main_password} + openstack_telemetry_keepalived_password: ${_param:opnfv_main_password} + mysql_panko_password: ${_param:opnfv_main_password} + keystone_panko_password: ${_param:opnfv_main_password} + mysql_gnocchi_password: ${_param:opnfv_main_password} + keystone_gnocchi_password: ${_param:opnfv_main_password} + mysql_tacker_password: ${_param:opnfv_main_password} + keystone_tacker_password: ${_param:opnfv_main_password} + heat_domain_admin_password: ${_param:opnfv_main_password} + ceilometer_influxdb_password: ${_param:opnfv_main_password} + ceilometer_secret_key: ${_param:opnfv_main_password} + openstack_telemetry_redis_password: ${_param:opnfv_main_password} + + opendaylight_password: admin + + barbican_simple_crypto_kek: "YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXoxMjM0NTY=" + horizon_secret_key: opaesee8Que2yahJoh9fo0eefo1Aeyo6ahyei8zeiboh3aeth5loth7ieNa5xi5e + designate_bind9_rndc_key: 4pc+X4PDqb2q+5o72dISm72LM1Ds9X2EYZjqg+nmsS7FhdTwzFFY8l/iEDmHxnyjkA33EQC8H+z0fLLBunoitw== diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/uca_repo.yml b/mcp/reclass/classes/cluster/all-mcp-arch-common/uca_repo.yml new file mode 100644 index 000000000..2ca6f01d4 --- /dev/null +++ b/mcp/reclass/classes/cluster/all-mcp-arch-common/uca_repo.yml @@ -0,0 +1,68 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +parameters: + linux: + system: + repo: + uca: + # yamllint disable-line rule:line-length + source: "deb http://ubuntu-cloud.archive.canonical.com/ubuntu ${_param:linux_system_codename}-updates/${_param:openstack_version} main" + key: | + -----BEGIN PGP PUBLIC KEY BLOCK----- + Version: GnuPG v1 + + mQINBFAqSlgBEADPKwXUwqbgoDYgR20zFypxSZlSbrttOKVPEMb0HSUx9Wj8VvNC + r+mT4E9wAyq7NTIs5ad2cUhXoyenrjcfGqK6k9R6yRHDbvAxCSWTnJjw7mzsajDN + ocXC6THKVW8BSjrh0aOBLpht6d5QCO2vyWxw65FKM65GOsbX03ZngUPMuOuiOEHQ + Zo97VSH2pSB+L+B3d9B0nw3QnU8qZMne+nVWYLYRXhCIxSv1/h39SXzHRgJoRUFH + vL2aiiVrn88NjqfDW15HFhVJcGOFuACZnRA0/EqTq0qNo3GziQO4mxuZi3bTVL5s + GABiYW9uIlokPqcS7Fa0FRVIU9R+bBdHZompcYnKAeGag+uRvuTqC3MMRcLUS9Oi + /P9I8fPARXUPwzYN3fagCGB8ffYVqMunnFs0L6td08BgvWwer+Buu4fPGsQ5OzMc + lgZ0TJmXyOlIW49lc1UXnORp4sm7HS6okA7P6URbqyGbaplSsNUVTgVbi+vc8/jY + dfExt/3HxVqgrPlq9htqYgwhYvGIbBAxmeFQD8Ak/ShSiWb1FdQ+f7Lty+4mZLfN + 8x4zPZ//7fD5d/PETPh9P0msF+lLFlP564+1j75wx+skFO4v1gGlBcDaeipkFzeo + zndAgpegydKSNTF4QK9iTYobTIwsYfGuS8rV21zE2saLM0CE3T90aHYB/wARAQAB + tD1DYW5vbmljYWwgQ2xvdWQgQXJjaGl2ZSBTaWduaW5nIEtleSA8ZnRwbWFzdGVy + QGNhbm9uaWNhbC5jb20+iQI3BBMBCAAhBQJQKkpYAhsDBQsJCAcDBRUKCQgLBRYC + AwEAAh4BAheAAAoJEF7bG2LsSSbqKxkQAIKtgImrk02YCDldg6tLt3b69ZK0kIVI + 3Xso/zCBZbrYFmgGQEFHAa58mIgpv5GcgHHxWjpX3n4tu2RM9EneKvFjFBstTTgo + yuCgFr7iblvs/aMW4jFJAiIbmjjXWVc0CVB/JlLqzBJ/MlHdR9OWmojN9ZzoIA+i + +tWlypgUot8iIxkR6JENxit5v9dN8i6anmnWybQ6PXFMuNi6GzQ0JgZIVs37n0ks + 2wh0N8hBjAKuUgqu4MPMwvNtz8FxEzyKwLNSMnjLAhzml/oje/Nj1GBB8roj5dmw + 7PSul5pAqQ5KTaXzl6gJN5vMEZzO4tEoGtRpA0/GTSXIlcx/SGkUK5+lqdQIMdyS + n8bImU6V6rDSoOaI9YWHZtpv5WeUsNTdf68jZsFCRD+2+NEmIqBVm11yhmUoasC6 + dYw5l9P/PBdwmFm6NBUSEwxb+ROfpL1ICaZk9Jy++6akxhY//+cYEPLin02r43Z3 + o5Piqujrs1R2Hs7kX84gL5SlBzTM4Ed+ob7KVtQHTefpbO35bQllkPNqfBsC8AIC + 8xvTP2S8FicYOPATEuiRWs7Kn31TWC2iwswRKEKVRmN0fdpu/UPdMikyoNu9szBZ + RxvkRAezh3WheJ6MW6Fmg9d+uTFJohZt5qHdpxYa4beuN4me8LF0TYzgfEbFT6b9 + D6IyTFoT0LequQINBFAqSlgBEADmL3TEq5ejBYrA+64zo8FYvCF4gziPa5rCIJGZ + /gZXQ7pm5zek/lOe9C80mhxNWeLmrWMkMOWKCeaDMFpMBOQhZZmRdakOnH/xxO5x + +fRdOOhy+5GTRJiwkuGOV6rB9eYJ3UN9caP2hfipCMpJjlg3j/GwktjhuqcBHXhA + HMhzxEOIDE5hmpDqZ051f8LGXld9aSL8RctoYFM8sgafPVmICTCq0Wh03dr5c2JA + gEXy3ushYm/8i2WFmyldo7vbtTfx3DpmJc/EMpGKV+GxcI3/ERqSkde0kWlmfPZb + o/5+hRqSryqfQtRKnFEQgAqAhPIwXwOkjCpPnDNfrkvzVEtl2/BWP/1/SOqzXjk9 + TIb1Q7MHANeFMrTCprzPLX6IdC4zLp+LpV91W2zygQJzPgWqH/Z/WFH4gXcBBqmI + 8bFpMPONYc9/67AWUABo2VOCojgtQmjxuFn+uGNw9PvxJAF3yjl781PVLUw3n66d + wHRmYj4hqxNDLywhhnL/CC7KUDtBnUU/CKn/0Xgm9oz3thuxG6i3F3pQgpp7MeMn + tKhLFWRXo9Bie8z/c0NV4K5HcpbGa8QPqoDseB5WaO4yGIBOt+nizM4DLrI+v07y + Xe3Jm7zBSpYSrGarZGK68qamS3XPzMshPdoXXz33bkQrTPpivGYQVRZuzd/R6b+6 + IurV+QARAQABiQIfBBgBCAAJBQJQKkpYAhsMAAoJEF7bG2LsSSbq59EP/1U3815/ + yHV3cf/JeHgh6WS/Oy2kRHp/kJt3ev/l/qIxfMIpyM3u/D6siORPTUXHPm3AaZrb + w0EDWByA3jHQEzlLIbsDGZgrnl+mxFuHwC1yEuW3xrzgjtGZCJureZ/BD6xfRuRc + mvnetAZv/z98VN/oj3rvYhUi71NApqSvMExpNBGrdO6gQlI5azhOu8xGNy4OSke8 + J6pAsMUXIcEwjVEIvewJuqBW/3rj3Hh14tmWjQ7shNnYBuSJwbLeUW2e8bURnfXE + TxrCmXzDmQldD5GQWCcD5WDosk/HVHBmHlqrqy0VO2nE3c73dQlNcI4jVWeC4b4Q + SpYVsFz/6Iqy5ZQkCOpQ57MCf0B6P5nF92c5f3TYPMxHf0x3DrjDbUVZytxDiZZa + XsbZzsejbbc1bSNp4hb+IWhmWoFnq/hNHXzKPHBTapObnQju+9zUlQngV0BlPT62 + hOHOw3Pv7suOuzzfuOO7qpz0uAy8cFKe7kBtLSFVjBwaG5JX89mgttYW+lw9Rmsb + p9Iw4KKFHIBLOwk7s+u0LUhP3d8neBI6NfkOYKZZCm3CuvkiOeQP9/2okFjtj+29 + jEL+9KQwrGNFEVNe85Un5MJfYIjgyqX3nJcwypYxidntnhMhr2VD3HL2R/4CiswB + Oa4g9309p/+af/HU1smBrOfIeRoxb8jQoHu3 + =xg4S + -----END PGP PUBLIC KEY BLOCK----- diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/x86_64/init.yml b/mcp/reclass/classes/cluster/all-mcp-arch-common/x86_64/init.yml deleted file mode 100644 index 1d6157605..000000000 --- a/mcp/reclass/classes/cluster/all-mcp-arch-common/x86_64/init.yml +++ /dev/null @@ -1,27 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -parameters: - _param: - salt_control_xenial_image: salt://salt/files/control/images/base_image_opnfv_fuel_vcp.img - - # VMs spawned on Foundation Node / Jump Host net ifaces (max 4) - opnfv_fn_vm_primary_interface: ens3 - opnfv_fn_vm_secondary_interface: ens4 - opnfv_fn_vm_tertiary_interface: ens5 - opnfv_fn_vm_quaternary_interface: ens6 - - # VCP VMs spawned on KVM Hosts net ifaces (max 3) - # NOTE(armband): Only x86 VCP VMs spawned via salt.control names differ - opnfv_vcp_vm_primary_interface: ens2 - opnfv_vcp_vm_secondary_interface: ens3 - opnfv_vcp_vm_tertiary_interface: ens4 - - # MaaS timeouts - opnfv_maas_timeout_comissioning: 10 - opnfv_maas_timeout_deploying: 15 diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/infra/config.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/infra/config.yml deleted file mode 100644 index 6b44be6a4..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/infra/config.yml +++ /dev/null @@ -1,162 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - service.git.client - - system.linux.system.single - - system.linux.system.repo.mcp.salt - - system.linux.system.repo.saltstack.xenial - - system.salt.master.api - - system.salt.master.pkg - - system.salt.minion.ca.salt_master - - system.reclass.storage.salt - - system.reclass.storage.system.physical_control_cluster - - system.reclass.storage.system.openstack_control_cluster - - system.reclass.storage.system.openstack_proxy_cluster - - system.reclass.storage.system.openstack_database_cluster - - system.reclass.storage.system.openstack_message_queue_cluster - - system.reclass.storage.system.openstack_telemetry_cluster - # - system.reclass.storage.system.stacklight_log_cluster - # - system.reclass.storage.system.stacklight_monitor_cluster - # - system.reclass.storage.system.stacklight_telemetry_cluster - - system.reclass.storage.system.infra_maas_single -parameters: - _param: - salt_master_base_environment: prd - reclass_data_repository: local - salt_master_environment_repository: "https://github.com/tcpcloud" - salt_master_environment_revision: master - single_address: ${_param:infra_config_address} - deploy_address: ${_param:infra_config_deploy_address} - pxe_address: ${_param:opnfv_infra_config_pxe_address} - salt_master_host: ${_param:infra_config_deploy_address} - # yamllint disable rule:line-length - salt_api_password_hash: "$6$sGnRlxGf$al5jMCetLP.vfI/fTl3Z0N7Za1aeiexL487jAtyRABVfT3NlwZxQGVhO7S1N8OwS/34VHYwZQA8lkXwKMN/GS1" - dhcp_nic: ${_param:opnfv_fn_vm_primary_interface} - single_nic: ${_param:opnfv_fn_vm_secondary_interface} - pxe_nic: ${_param:opnfv_fn_vm_tertiary_interface} - linux: - network: - interface: - dhcp: - enabled: true - type: eth - proto: dhcp - name: ${_param:dhcp_nic} - single: - enabled: true - type: eth - proto: static - name: ${_param:single_nic} - address: ${_param:single_address} - netmask: 255.255.255.0 - pxe: - enabled: true - type: eth - proto: static - name: ${_param:pxe_nic} - address: ${_param:pxe_address} - netmask: 255.255.255.0 - salt: - master: - accept_policy: open_mode - file_recv: true - reclass: - storage: - data_source: - engine: local - node: - infra_kvm_node01: - params: - keepalived_vip_priority: 100 - linux_system_codename: xenial - infra_kvm_node02: - params: - keepalived_vip_priority: 101 - linux_system_codename: xenial - infra_kvm_node03: - params: - keepalived_vip_priority: 102 - linux_system_codename: xenial - openstack_telemetry_node01: - params: - linux_system_codename: xenial - openstack_telemetry_node02: - params: - linux_system_codename: xenial - openstack_telemetry_node03: - params: - linux_system_codename: xenial - openstack_message_queue_node01: - params: - linux_system_codename: xenial - openstack_message_queue_node02: - params: - linux_system_codename: xenial - openstack_message_queue_node03: - params: - linux_system_codename: xenial - openstack_proxy_node01: - params: - linux_system_codename: xenial - openstack_proxy_node02: - params: - linux_system_codename: xenial - # stacklight_log_node01: - # classes: - # - system.elasticsearch.client.single - # stacklight_monitor_node01: - # classes: - # - system.grafana.client.single - # - system.kibana.client.single - openstack_control_node01: - classes: - - cluster.baremetal-mcp-pike-common-ha.openstack_control_init - params: - linux_system_codename: xenial - openstack_control_node02: - params: - linux_system_codename: xenial - openstack_control_node03: - params: - linux_system_codename: xenial - openstack_database_node01: - classes: - - cluster.baremetal-mcp-pike-common-ha.openstack_database_init - params: - linux_system_codename: xenial - openstack_database_node02: - params: - linux_system_codename: xenial - openstack_database_node03: - params: - linux_system_codename: xenial - openstack_compute_node01: - name: ${_param:openstack_compute_node01_hostname} - domain: ${_param:cluster_domain} - classes: - - cluster.${_param:cluster_name}.openstack.compute - params: - salt_master_host: ${_param:reclass_config_master} - linux_system_codename: xenial - control_address: ${_param:openstack_compute_node01_control_address} - single_address: ${_param:openstack_compute_node01_single_address} - tenant_address: ${_param:openstack_compute_node01_tenant_address} - external_address: ${_param:openstack_compute_node01_external_address} - openstack_compute_node02: - name: ${_param:openstack_compute_node02_hostname} - domain: ${_param:cluster_domain} - classes: - - cluster.${_param:cluster_name}.openstack.compute - params: - salt_master_host: ${_param:reclass_config_master} - linux_system_codename: xenial - control_address: ${_param:openstack_compute_node02_control_address} - single_address: ${_param:openstack_compute_node02_single_address} - tenant_address: ${_param:openstack_compute_node02_tenant_address} - external_address: ${_param:openstack_compute_node02_external_address} diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/infra/kvm_pdf.yml.j2 b/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/infra/kvm_pdf.yml.j2 deleted file mode 100644 index b7f6b7cdc..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/infra/kvm_pdf.yml.j2 +++ /dev/null @@ -1,98 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## -{# NOTE: br-{mgmt,ctl} are cross-referenced, careful when changing names #} -{%- if conf.net_config is defined and conf.idf is defined -%} - {#- NOTE: Currently, we assume all cluster nodes use the same mapping -#} - - {#- Determine interface index for each network (plumbing vars) -#} - {%- set idx_admin = conf['net_config']['admin']['interface'] -%} - {%- set idx_mgmt = conf['net_config']['mgmt']['interface'] -%} - {%- set idx_private = conf['net_config']['private']['interface'] -%} - {%- set idx_public = conf['net_config']['public']['interface'] -%} - - {#- Physical interface OS name for each network (e.g. em1, enp1s0f1) -#} - {%- set node = conf['idf']['fuel']['network']['node'][0] -%} - {%- set nic_admin = node['interfaces'][idx_admin] -%} - {%- set nic_mgmt = node['interfaces'][idx_mgmt] -%} - {%- set nic_private = node['interfaces'][idx_private] -%} - {%- set nic_public = node['interfaces'][idx_public] -%} - - {#- PCI addresses (only for DPDK on private) -#} - {%- set bus_private = node['busaddr'][idx_private] -%} - - {#- VLAN for each network (only untagged 'admin' is supported by MaaS config!) -#} - {%- set vlan_admin = conf['net_config']['admin']['vlan'] -%} - {%- set vlan_mgmt = conf['net_config']['mgmt']['vlan'] -%} - {%- set vlan_private = conf['net_config']['private']['vlan'] -%} - {%- set vlan_public = conf['net_config']['public']['vlan'] -%} -{%- else -%} - {%- set nic_admin = 'enp6s0' -%} - {%- set nic_mgmt = 'enp6s0' -%} - {%- set nic_private = None -%} - {%- set nic_public = None -%} - {%- set vlan_admin = 'native' -%} - {%- set vlan_mgmt = '300' -%} - {%- set vlan_private = '1000' -%} -{%- endif -%} - -{#- Filter-out NIC duplicates by constructing a dict (used NICs only) -#} -{%- set nics = { nic_admin: True, nic_mgmt: True, nic_public: True } -%} - -{%- set vlans = { vlan_admin: nic_admin, vlan_mgmt: nic_mgmt, vlan_public: nic_public } -%} ---- -parameters: - linux: - network: - interface: -{%- for nic in nics %} - {{ nic }}: - enabled: true - type: eth - proto: manual - address: 0.0.0.0 - netmask: 255.255.255.0 - name: {{ nic }} - noifupdown: true -{%- endfor %} - -{%- for vlan in vlans %} - {%- if vlan and vlan != 'native' %} - {{ vlans[vlan] }}.{{ vlan }}: - enabled: true - proto: manual - type: vlan - name: {{ vlans[vlan] }}.{{ vlan }} - use_interfaces: - - {{ vlans[vlan] }} - {%- endif %} -{%- endfor %} - - br-mgmt: - enabled: true - proto: dhcp - type: bridge - use_interfaces: - - {{ nic_admin }}{% if vlan_admin and vlan_admin != 'native' %}.{{ vlan_admin }}{% endif %} - noifupdown: true - br-ctl: - enabled: true - type: bridge - proto: static - address: ${_param:single_address} - netmask: 255.255.255.0 - use_interfaces: - - {{ nic_mgmt }}{% if vlan_mgmt and vlan_mgmt != 'native' %}.{{ vlan_mgmt }}{% endif %} - br-ex: - enabled: true - proto: manual - address: 0.0.0.0 - netmask: 255.255.255.0 - type: bridge - use_interfaces: - - {{ nic_public }}{% if vlan_public and vlan_public != 'native' %}.{{ vlan_public }}{% endif %} - noifupdown: true diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/infra/maas.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/infra/maas.yml deleted file mode 100644 index 04ffdb44d..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/infra/maas.yml +++ /dev/null @@ -1,137 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - system.maas.region.single - - service.maas.cluster.single -parameters: - _param: - dhcp_interface: ${_param:opnfv_fn_vm_primary_interface} - primary_interface: ${_param:opnfv_fn_vm_secondary_interface} - pxe_interface: ${_param:opnfv_fn_vm_tertiary_interface} - interface_mtu: 1500 - # MaaS has issues using MTU > 1500 for PXE interface - pxe_interface_mtu: 1500 - linux_system_codename: xenial - maas_admin_username: opnfv - maas_admin_password: opnfv_secret - maas_db_password: opnfv_secret - dns_server01: ${_param:opnfv_dns_server01} - single_address: ${_param:infra_maas_node01_deploy_address} - hwe_kernel: 'hwe-16.04-edge' - maas: - region: - salt_master_ip: ${_param:reclass_config_master} - domain: ${_param:cluster_domain} - maas_config: - commissioning_distro_series: 'xenial' - default_distro_series: 'xenial' - default_osystem: 'ubuntu' - default_storage_layout: 'lvm' - enable_http_proxy: true - disk_erase_with_secure_erase: false - dnssec_validation: 'no' - enable_third_party_drivers: true - network_discovery: 'enabled' - default_min_hwe_kernel: ${_param:hwe_kernel} - subnets: - opnfv_maas_pxe: - name: ${_param:opnfv_infra_maas_pxe_network_address}/24 - cidr: ${_param:opnfv_infra_maas_pxe_network_address}/24 - gateway_ip: ${_param:single_address} - iprange: - start: ${_param:opnfv_infra_maas_pxe_start_address} - end: ${_param:opnfv_infra_maas_pxe_end_address} - type: dynamic - vlans: - untagged: - vid: 0 - dhcp_on: true - primary_rack: ${_param:infra_maas_node01_hostname} - machines: - kvm01: - interface: - mac: ${_param:opnfv_maas_node01_interface_mac} - power_parameters: - power_address: ${_param:opnfv_maas_node01_power_address} - power_password: ${_param:opnfv_maas_node01_power_password} - power_type: ${_param:opnfv_maas_node01_power_type} - power_user: ${_param:opnfv_maas_node01_power_user} - architecture: ${_param:opnfv_maas_node01_architecture} - distro_series: xenial - hwe_kernel: ${_param:hwe_kernel} - kvm02: - interface: - mac: ${_param:opnfv_maas_node02_interface_mac} - power_parameters: - power_address: ${_param:opnfv_maas_node02_power_address} - power_password: ${_param:opnfv_maas_node02_power_password} - power_type: ${_param:opnfv_maas_node02_power_type} - power_user: ${_param:opnfv_maas_node02_power_user} - architecture: ${_param:opnfv_maas_node02_architecture} - distro_series: xenial - hwe_kernel: ${_param:hwe_kernel} - kvm03: - interface: - mac: ${_param:opnfv_maas_node03_interface_mac} - power_parameters: - power_address: ${_param:opnfv_maas_node03_power_address} - power_password: ${_param:opnfv_maas_node03_power_password} - power_type: ${_param:opnfv_maas_node03_power_type} - power_user: ${_param:opnfv_maas_node03_power_user} - architecture: ${_param:opnfv_maas_node03_architecture} - distro_series: xenial - hwe_kernel: ${_param:hwe_kernel} - cmp001: - interface: - mac: ${_param:opnfv_maas_node04_interface_mac} - power_parameters: - power_address: ${_param:opnfv_maas_node04_power_address} - power_password: ${_param:opnfv_maas_node04_power_password} - power_type: ${_param:opnfv_maas_node04_power_type} - power_user: ${_param:opnfv_maas_node04_power_user} - architecture: ${_param:opnfv_maas_node04_architecture} - distro_series: xenial - hwe_kernel: ${_param:hwe_kernel} - cmp002: - interface: - mac: ${_param:opnfv_maas_node05_interface_mac} - power_parameters: - power_address: ${_param:opnfv_maas_node05_power_address} - power_password: ${_param:opnfv_maas_node05_power_password} - power_type: ${_param:opnfv_maas_node05_power_type} - power_user: ${_param:opnfv_maas_node05_power_user} - architecture: ${_param:opnfv_maas_node05_architecture} - distro_series: xenial - hwe_kernel: ${_param:hwe_kernel} - cluster: - saltstack_repo_xenial: "http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.11/ xenial main" - linux: - network: - interface: - dhcp_interface: - enabled: true - name: ${_param:dhcp_interface} - type: eth - proto: dhcp - primary_interface: - enabled: true - name: ${_param:primary_interface} - mtu: ${_param:interface_mtu} - proto: static - address: ${_param:infra_maas_node01_address} - netmask: 255.255.255.0 - type: eth - pxe_interface: - enabled: true - name: ${_param:pxe_interface} - mtu: ${_param:pxe_interface_mtu} - proto: static - address: ${_param:single_address} - netmask: 255.255.255.0 - type: eth diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_compute_pdf.yml.j2 b/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_compute_pdf.yml.j2 deleted file mode 100644 index bf2b66e4f..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_compute_pdf.yml.j2 +++ /dev/null @@ -1,114 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## -{# NOTE: br-{mgmt,ctl} are cross-referenced, careful when changing names #} -{%- if conf.net_config is defined and conf.idf is defined -%} - {#- NOTE: Currently, we assume all cluster nodes use the same mapping -#} - - {#- Determine interface index for each network (plumbing vars) -#} - {%- set idx_admin = conf['net_config']['admin']['interface'] -%} - {%- set idx_mgmt = conf['net_config']['mgmt']['interface'] -%} - {%- set idx_private = conf['net_config']['private']['interface'] -%} - {%- set idx_public = conf['net_config']['public']['interface'] -%} - - {#- Physical interface OS name for each network (e.g. em1, enp1s0f1) -#} - {%- set iface_names = conf['idf']['fuel']['network']['node'][3]['interfaces'] -%} - {%- set nic_admin = iface_names[idx_admin] -%} - {%- set nic_mgmt = iface_names[idx_mgmt] -%} - {%- set nic_private = iface_names[idx_private] -%} - {%- set nic_public = iface_names[idx_public] -%} - - {#- VLAN for each network (only untagged 'admin' is supported by MaaS config!) -#} - {%- set vlan_admin = conf['net_config']['admin']['vlan'] -%} - {%- set vlan_mgmt = conf['net_config']['mgmt']['vlan'] -%} - {%- set vlan_private = conf['net_config']['private']['vlan'] -%} - {%- set vlan_public = conf['net_config']['public']['vlan'] -%} -{%- else -%} - {%- set nic_admin = 'enp6s0' -%} - {%- set nic_mgmt = 'enp6s0' -%} - {%- set nic_private = None -%} - {%- set nic_public = None -%} - {%- set vlan_admin = 'native' -%} - {%- set vlan_mgmt = '300' -%} - {%- set vlan_private = '1000' -%} -{%- endif -%} - -{#- Filter-out NIC duplicates by constructing a dict (used NICs only) -#} -{%- set nics = { nic_admin: True, nic_mgmt: True } -%} - -{%- set vlans = { vlan_admin: nic_admin, vlan_mgmt: nic_mgmt } -%} ---- -parameters: - linux: - network: - bridge: openvswitch - interface: -{%- for nic in nics %} - {%- if nic == nic_admin %} - {{ nic }}: - enabled: true - type: eth - proto: dhcp - name: {{ nic }} - {%- else %} - {{ nic }}: - enabled: true - type: eth - proto: manual - address: 0.0.0.0 - netmask: 255.255.255.0 - mtu: ${_param:interface_mtu} - name: {{ nic }} - {%- endif %} -{%- endfor %} - -{%- for vlan in vlans %} - {%- if vlan and vlan != 'native' %} - {{ vlans[vlan] }}.{{ vlan }}: - enabled: true - proto: manual - type: vlan - name: {{ vlans[vlan] }}.{{ vlan }} - use_interfaces: - - {{ vlans[vlan] }} - {%- endif %} -{%- endfor %} - - br-ctl: - enabled: true - type: bridge - proto: static - address: ${_param:single_address} - netmask: 255.255.255.0 - use_interfaces: - - {{ nic_mgmt }}{% if vlan_mgmt and vlan_mgmt != 'native' %}.{{ vlan_mgmt }}{% endif %} - br-floating: - enabled: true - type: ovs_bridge - mtu: ${_param:interface_mtu} - br-ex: - enabled: true - type: ovs_port - bridge: br-floating - proto: static - {%- if vlan_public and vlan_public != 'native' %} - ovs_options: tag={{ vlan_public }} - {%- endif %} - address: ${_param:external_address} - netmask: 255.255.255.0 - route: - public: - address: 0.0.0.0 - netmask: 0.0.0.0 - gateway: ${_param:opnfv_net_public_gw} - {{ nic_public }}: - enabled: true - proto: manual - ovs_port_type: OVSPort - type: ovs_port - ovs_bridge: br-floating - bridge: br-floating diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_control.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_control.yml deleted file mode 100644 index cf09a4123..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_control.yml +++ /dev/null @@ -1,112 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - system.linux.system.repo.glusterfs - - system.ceilometer.client - - system.memcached.server.single - - system.keystone.server.cluster - - system.keystone.server.wsgi - - system.glance.control.cluster - - system.nova.control.cluster - - system.cinder.control.cluster - - system.cinder.control.backend.lvm - - system.heat.server.cluster - - system.designate.server.cluster - - system.designate.server.backend.bind - - system.bind.server.single - - system.haproxy.proxy.listen.openstack.nova-placement - - system.haproxy.proxy.listen.openstack.glare - - system.glusterfs.client.cluster - - system.glusterfs.client.volume.glance - - system.glusterfs.client.volume.keystone -parameters: - _param: - keepalived_vip_interface: ${_param:single_nic} - keepalived_vip_virtual_router_id: 50 - cluster_vip_address: ${_param:openstack_control_address} - cluster_local_address: ${_param:single_address} - cluster_node01_hostname: ${_param:openstack_control_node01_hostname} - cluster_node01_address: ${_param:openstack_control_node01_address} - cluster_node02_hostname: ${_param:openstack_control_node02_hostname} - cluster_node02_address: ${_param:openstack_control_node02_address} - cluster_node03_hostname: ${_param:openstack_control_node03_hostname} - cluster_node03_address: ${_param:openstack_control_node03_address} - nova_vncproxy_url: https://${_param:cluster_public_host}:6080 - glusterfs_version: '3.13' - heat: - server: - metadata: - host: ${_param:openstack_proxy_control_address} - port: 8000 - protocol: http - waitcondition: - host: ${_param:openstack_proxy_control_address} - port: 8000 - protocol: http - watch: - host: ${_param:openstack_proxy_control_address} - port: 8003 - protocol: http - nova: - controller: - pkgs: - - nova-api - - nova-conductor - - nova-consoleauth - - nova-novncproxy - - nova-scheduler - - python-novaclient - neutron: - server: - vlan_aware_vms: true - keystone: - server: - cacert: /etc/ssl/certs/mcp_os_cacert - bind: - server: - control: - mgmt: - enabled: true - bind: - address: ${_param:single_address} - port: 953 - allow: - - ${_param:openstack_control_node01_address} - - ${_param:openstack_control_node02_address} - - ${_param:openstack_control_node03_address} - keys: - - designate - designate: - server: - pools: - default: - description: 'test pool' - targets: - default: - description: 'test target1' - default1: - type: ${_param:designate_pool_target_type} - description: 'test target2' - masters: ${_param:designate_pool_target_masters} - options: - host: ${_param:openstack_control_node02_address} - port: 53 - rndc_host: ${_param:openstack_control_node02_address} - rndc_port: 953 - rndc_key_file: /etc/designate/rndc.key - default2: - type: ${_param:designate_pool_target_type} - description: 'test target3' - masters: ${_param:designate_pool_target_masters} - options: - host: ${_param:openstack_control_node03_address} - port: 53 - rndc_host: ${_param:openstack_control_node03_address} - rndc_port: 953 - rndc_key_file: /etc/designate/rndc.key diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_control_init.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_control_init.yml deleted file mode 100644 index deb4cd7e9..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_control_init.yml +++ /dev/null @@ -1,17 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - system.keystone.client.single - - system.keystone.client.service.aodh - - system.keystone.client.service.ceilometer - - system.keystone.client.service.nova21 - - system.keystone.client.service.nova-placement - - system.keystone.client.service.glare - - system.keystone.client.service.cinder3 - - system.keystone.client.service.designate diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_interface_vcp_biport.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_interface_vcp_biport.yml deleted file mode 100644 index f5a4ad0ef..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_interface_vcp_biport.yml +++ /dev/null @@ -1,29 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.baremetal-mcp-pike-common-ha.include.proxy -parameters: - _param: - dhcp_nic: ${_param:opnfv_vcp_vm_primary_interface} - single_nic: ${_param:opnfv_vcp_vm_secondary_interface} - linux: - network: - interface: - dhcp: - enabled: true - type: eth - proto: dhcp - name: ${_param:dhcp_nic} - single: - enabled: true - type: eth - proto: static - name: ${_param:single_nic} - address: ${_param:single_address} - netmask: 255.255.255.0 diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_proxy.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_proxy.yml deleted file mode 100644 index f83590ced..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_proxy.yml +++ /dev/null @@ -1,45 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - system.nginx.server.single - - system.nginx.server.proxy.openstack_api - - system.nginx.server.proxy.openstack_vnc - - system.nginx.server.proxy.openstack_web - - system.nginx.server.proxy.openstack.aodh - - system.nginx.server.proxy.openstack.ceilometer - - system.horizon.server.single - - system.salt.minion.cert.proxy - - system.sphinx.server.doc.reclass - - service.keepalived.cluster.single - - system.keepalived.cluster.instance.openstack_web_public_vip -parameters: - _param: - cluster_vip_address: ${_param:openstack_proxy_address} - keepalived_openstack_web_public_vip_address: ${_param:cluster_vip_address} - keepalived_openstack_web_public_vip_interface: ${_param:single_nic} - keepalived_vip_address: ${_param:openstack_proxy_control_address} - keepalived_vip_interface: ${_param:control_nic} - keepalived_vip_virtual_router_id: 240 - nginx_proxy_ssl: - enabled: true - authority: ${_param:salt_minion_ca_authority} - engine: salt - mode: secure - salt_minion_ca_host: cfg01.${_param:cluster_domain} - linux: - system: - package: - libapache2-mod-wsgi: - version: latest - salt: - minion: - cert: - proxy: - alternative_names: "IP:${_param:openstack_proxy_address}" - key_usage: 'digitalSignature, keyEncipherment' diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_telemetry.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_telemetry.yml deleted file mode 100644 index 94c0ce468..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_telemetry.yml +++ /dev/null @@ -1,33 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - system.linux.system.repo.mcp.extra - - system.mongodb.server.cluster - - system.mongodb.server.database.ceilometer - - system.ceilometer.server.backend.mongodb - # - system.ceilometer.server.backend.influxdb - # - system.heka.ceilometer_collector.single - - system.ceilometer.server.cluster - - system.aodh.server.cluster -parameters: - _param: - keepalived_openstack_telemetry_vip_interface: ${_param:single_nic} - keepalived_vip_virtual_router_id: 230 - cluster_vip_address: ${_param:openstack_telemetry_address} - cluster_local_address: ${_param:single_address} - cluster_node01_hostname: ${_param:openstack_telemetry_node01_hostname} - cluster_node01_address: ${_param:openstack_telemetry_node01_address} - cluster_node02_hostname: ${_param:openstack_telemetry_node02_hostname} - cluster_node02_address: ${_param:openstack_telemetry_node02_address} - cluster_node03_hostname: ${_param:openstack_telemetry_node03_hostname} - cluster_node03_address: ${_param:openstack_telemetry_node03_address} - mongodb: - server: - logging: - verbose: v diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/infra/config.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/infra/config.yml deleted file mode 100644 index d9f723a7c..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/infra/config.yml +++ /dev/null @@ -1,22 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - system.reclass.storage.system.opendaylight_control_single - - cluster.baremetal-mcp-pike-common-ha.infra.config - - cluster.baremetal-mcp-pike-odl-ha.infra -parameters: - reclass: - storage: - node: - opendaylight_control_node01: - classes: - - cluster.${_param:cluster_name}.opendaylight.control - params: - linux_system_codename: xenial - single_address: ${_param:opendaylight_server_node01_single_address} diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/infra/kvm.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/infra/kvm.yml deleted file mode 100644 index bbc80e271..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/infra/kvm.yml +++ /dev/null @@ -1,29 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.baremetal-mcp-pike-common-ha.infra.kvm - - cluster.baremetal-mcp-pike-odl-ha.infra -parameters: - salt: - control: - size: # RAM 4096,8192,16384,32768,65536 - # Default production sizing - opendaylight.server: - cpu: 4 - ram: 6144 - disk_profile: small - net_profile: default - cluster: - internal: - node: - odl01: - name: ${_param:opendaylight_server_node01_hostname} - provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} - image: ${_param:salt_control_xenial_image} - size: opendaylight.server diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/compute.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/compute.yml deleted file mode 100644 index 473b3ff48..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/compute.yml +++ /dev/null @@ -1,31 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.baremetal-mcp-pike-common-ha.openstack_compute - - cluster.baremetal-mcp-pike-odl-ha.openstack.compute_pdf - - cluster.baremetal-mcp-pike-odl-ha.infra - - system.neutron.gateway.opendaylight.single -parameters: - _param: - neutron_agents: - - neutron-dhcp-agent - - neutron-metadata-agent - opendaylight: - client: - ovsdb_server_iface: ptcp:6639:127.0.0.1 - ovsdb_odl_iface: tcp:${_param:opendaylight_service_host}:6640 - tunnel_ip: ${_param:tenant_address} - provider_mappings: physnet1:br-floating - neutron: - gateway: - agent_mode: ${_param:neutron_gateway_agent_mode} - pkgs: ${_param:neutron_agents} - services: ${_param:neutron_agents} - backend: - router: ${_param:opendaylight_router} diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/compute_pdf.yml.j2 b/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/compute_pdf.yml.j2 deleted file mode 100644 index 7809bd8c8..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/compute_pdf.yml.j2 +++ /dev/null @@ -1,79 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## -{# NOTE: br-{mgmt,ctl} are cross-referenced, careful when changing names #} -{%- if conf.net_config is defined and conf.idf is defined -%} - {#- NOTE: Currently, we assume all cluster nodes use the same mapping -#} - - {#- Determine interface index for each network (plumbing vars) -#} - {%- set idx_admin = conf['net_config']['admin']['interface'] -%} - {%- set idx_mgmt = conf['net_config']['mgmt']['interface'] -%} - {%- set idx_private = conf['net_config']['private']['interface'] -%} - {%- set idx_public = conf['net_config']['public']['interface'] -%} - - {#- Physical interface OS name for each network (e.g. em1, enp1s0f1) -#} - {%- set node = conf['idf']['fuel']['network']['node'][1] -%} - {%- set nic_admin = node['interfaces'][idx_admin] -%} - {%- set nic_mgmt = node['interfaces'][idx_mgmt] -%} - {%- set nic_private = node['interfaces'][idx_private] -%} - {%- set nic_public = node['interfaces'][idx_public] -%} - - {#- PCI addresses (only for DPDK on private) -#} - {%- set bus_private = node['busaddr'][idx_private] -%} - - {#- VLAN for each network (only untagged 'admin' is supported by MaaS config!) -#} - {%- set vlan_admin = conf['net_config']['admin']['vlan'] -%} - {%- set vlan_mgmt = conf['net_config']['mgmt']['vlan'] -%} - {%- set vlan_private = conf['net_config']['private']['vlan'] -%} - {%- set vlan_public = conf['net_config']['public']['vlan'] -%} -{%- else -%} - {%- set nic_admin = 'enp6s0' -%} - {%- set nic_mgmt = 'enp6s0' -%} - {%- set nic_private = None -%} - {%- set nic_public = None -%} - {%- set vlan_admin = 'native' -%} - {%- set vlan_mgmt = '300' -%} - {%- set vlan_private = '1000' -%} -{%- endif -%} - -{#- Filter-out NIC duplicates by constructing a dict (used NICs only) -#} -{%- set nics = { nic_private: True } -%} - -{%- set vlans = { vlan_private: nic_private } -%} ---- -parameters: - linux: - network: - interface: -{%- for nic in nics %} - {{ nic }}: - enabled: true - type: eth - proto: manual - name: {{ nic }} -{%- endfor %} - -{%- for vlan in vlans %} - {%- if vlan and vlan != 'native' %} - {{ vlans[vlan] }}.{{ vlan }}: - enabled: true - proto: manual - type: vlan - name: {{ vlans[vlan] }}.{{ vlan }} - use_interfaces: - - {{ vlans[vlan] }} - {%- endif %} -{%- endfor %} - - br-mesh: - enabled: true - type: bridge - address: ${_param:tenant_address} - netmask: 255.255.255.0 - mtu: 1500 - use_interfaces: - - {{ nic_private }}{% if vlan_private and vlan_private != 'native' %}.{{ vlan_private }}{% endif %} diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/database.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/database.yml deleted file mode 100644 index 8585c6915..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/database.yml +++ /dev/null @@ -1,12 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.baremetal-mcp-pike-common-ha.openstack_interface_vcp_biport - - cluster.baremetal-mcp-pike-common-ha.openstack_database - - cluster.baremetal-mcp-pike-odl-ha diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/init.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/init.yml deleted file mode 100644 index 0859dc9f0..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/init.yml +++ /dev/null @@ -1,32 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.baremetal-mcp-pike-common-ha.openstack_init -parameters: - _param: - # opendaylight options - opendaylight_server_node01_single_address: ${_param:opnfv_opendaylight_server_node01_single_address} - opendaylight_service_host: ${_param:opendaylight_server_node01_single_address} - opendaylight_server_node01_hostname: odl01 - opendaylight_router: odl-router_v2 - - neutron_tenant_network_types: "flat,vxlan" - nova_cpu_pinning: "1,2,3,4,5,7,8,9,10,11" - compute_hugepages_size: 1G - compute_hugepages_count: 16 - compute_hugepages_mount: /mnt/hugepages_1G - compute_kernel_isolcpu: ${_param:nova_cpu_pinning} - linux: - network: - host: - odl01: - address: ${_param:opendaylight_service_host} - names: - - ${_param:opendaylight_server_node01_hostname} - - ${_param:opendaylight_server_node01_hostname}.${_param:cluster_domain} diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/message_queue.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/message_queue.yml deleted file mode 100644 index dfe1e28ca..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/message_queue.yml +++ /dev/null @@ -1,12 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.baremetal-mcp-pike-common-ha.openstack_interface_vcp_biport - - cluster.baremetal-mcp-pike-common-ha.openstack_message_queue - - cluster.baremetal-mcp-pike-odl-ha diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/telemetry.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/telemetry.yml deleted file mode 100644 index 83d1be89a..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/telemetry.yml +++ /dev/null @@ -1,12 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.baremetal-mcp-pike-common-ha.openstack_interface_vcp_biport - - cluster.baremetal-mcp-pike-common-ha.openstack_telemetry - - cluster.baremetal-mcp-pike-odl-ha.infra diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/infra/config.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/infra/config.yml deleted file mode 100644 index 3b7ba99e0..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/infra/config.yml +++ /dev/null @@ -1,12 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.baremetal-mcp-pike-common-ha.infra.config - - cluster.baremetal-mcp-pike-ovs-dpdk-ha.infra - - cluster.baremetal-mcp-pike-ovs-dpdk-ha.infra.config_pdf diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/infra/config_pdf.yml.j2 b/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/infra/config_pdf.yml.j2 deleted file mode 100644 index 5511ed774..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/infra/config_pdf.yml.j2 +++ /dev/null @@ -1,54 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## -{# NOTE: br-{mgmt,ctl} are cross-referenced, careful when changing names #} -{%- if conf.net_config is defined and conf.idf is defined -%} - {#- NOTE: Currently, we assume all cluster nodes use the same mapping -#} - - {#- Determine interface index for each network (plumbing vars) -#} - {%- set idx_admin = conf['net_config']['admin']['interface'] -%} - {%- set idx_mgmt = conf['net_config']['mgmt']['interface'] -%} - {%- set idx_private = conf['net_config']['private']['interface'] -%} - {%- set idx_public = conf['net_config']['public']['interface'] -%} - - {#- Physical interface OS name for each network (e.g. em1, enp1s0f1) -#} - {%- set node = conf['idf']['fuel']['network']['node'][0] -%} - {%- set nic_admin = node['interfaces'][idx_admin] -%} - {%- set nic_mgmt = node['interfaces'][idx_mgmt] -%} - {%- set nic_private = node['interfaces'][idx_private] -%} - {%- set nic_public = node['interfaces'][idx_public] -%} - - {#- PCI addresses (only for DPDK on private) -#} - {%- set bus_private = node['busaddr'][idx_private] -%} - - {#- VLAN for each network (only untagged 'admin' is supported by MaaS config!) -#} - {%- set vlan_admin = conf['net_config']['admin']['vlan'] -%} - {%- set vlan_mgmt = conf['net_config']['mgmt']['vlan'] -%} - {%- set vlan_private = conf['net_config']['private']['vlan'] -%} - {%- set vlan_public = conf['net_config']['public']['vlan'] -%} -{%- else -%} - {%- set nic_admin = 'enp6s0' -%} - {%- set nic_mgmt = 'enp6s0' -%} - {%- set nic_private = None -%} - {%- set nic_public = None -%} - {%- set vlan_admin = 'native' -%} - {%- set vlan_mgmt = '300' -%} - {%- set vlan_private = '1000' -%} -{%- endif -%} ---- -parameters: - reclass: - storage: - node: - openstack_compute_node01: - params: - dpdk0_name: {{ nic_private }} - dpdk0_pci: '"{{ bus_private }}"' - openstack_compute_node02: - params: - dpdk0_name: {{ nic_private }} - dpdk0_pci: '"{{ bus_private }}"' diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/infra/maas.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/infra/maas.yml deleted file mode 100644 index fb55539f5..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/infra/maas.yml +++ /dev/null @@ -1,11 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.baremetal-mcp-pike-common-ha.infra.maas - - cluster.baremetal-mcp-pike-ovs-dpdk-ha.infra diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/openstack/database.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/openstack/database.yml deleted file mode 100644 index 86b4038c2..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/openstack/database.yml +++ /dev/null @@ -1,12 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.baremetal-mcp-pike-common-ha.openstack_interface_vcp_biport - - cluster.baremetal-mcp-pike-common-ha.openstack_database - - cluster.baremetal-mcp-pike-ovs-dpdk-ha diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/openstack/init.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/openstack/init.yml deleted file mode 100644 index 7d85fda41..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/openstack/init.yml +++ /dev/null @@ -1,24 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.baremetal-mcp-pike-common-ha.openstack_init -parameters: - _param: - neutron_tenant_network_types: "flat,vlan" - neutron_tenant_vlan_range: "1000:1030" - nova_cpu_pinning: "5-7,13-15" - compute_hugepages_size: 2M - compute_hugepages_count: 8192 - compute_hugepages_mount: /mnt/hugepages_2M - compute_kernel_isolcpu: 2,3,5,6,7,10,11,13,14,15 - compute_dpdk_driver: uio - compute_ovs_pmd_cpu_mask: "0xc04" - compute_ovs_dpdk_socket_mem: "2048,2048" - compute_ovs_dpdk_lcore_mask: "0x8" - compute_ovs_memory_channels: "2" diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/openstack/message_queue.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/openstack/message_queue.yml deleted file mode 100644 index ad9336faa..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/openstack/message_queue.yml +++ /dev/null @@ -1,12 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.baremetal-mcp-pike-common-ha.openstack_interface_vcp_biport - - cluster.baremetal-mcp-pike-common-ha.openstack_message_queue - - cluster.baremetal-mcp-pike-ovs-dpdk-ha diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/openstack/proxy.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/openstack/proxy.yml deleted file mode 100644 index de960d976..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/openstack/proxy.yml +++ /dev/null @@ -1,12 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.baremetal-mcp-pike-common-ha.openstack_interface_vcp_triport - - cluster.baremetal-mcp-pike-common-ha.openstack_proxy - - cluster.baremetal-mcp-pike-ovs-dpdk-ha.infra diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/openstack/telemetry.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/openstack/telemetry.yml deleted file mode 100644 index 680efa871..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/openstack/telemetry.yml +++ /dev/null @@ -1,12 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.baremetal-mcp-pike-common-ha.openstack_interface_vcp_biport - - cluster.baremetal-mcp-pike-common-ha.openstack_telemetry - - cluster.baremetal-mcp-pike-ovs-dpdk-ha.infra diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/infra/maas.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/infra/maas.yml deleted file mode 100644 index 4bb3d74f7..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/infra/maas.yml +++ /dev/null @@ -1,11 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.baremetal-mcp-pike-common-ha.infra.maas - - cluster.baremetal-mcp-pike-ovs-ha.infra diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/compute.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/compute.yml deleted file mode 100644 index 5914f50be..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/compute.yml +++ /dev/null @@ -1,17 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.baremetal-mcp-pike-common-ha.openstack_compute - - cluster.baremetal-mcp-pike-ovs-ha.openstack.compute_pdf - - cluster.baremetal-mcp-pike-ovs-ha.infra -parameters: - nova: - compute: - libvirt_service: libvirtd - libvirt_bin: /etc/default/libvirtd diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/compute_pdf.yml.j2 b/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/compute_pdf.yml.j2 deleted file mode 100644 index 7acb4b4c6..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/compute_pdf.yml.j2 +++ /dev/null @@ -1,79 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## -{# NOTE: br-{mgmt,ctl} are cross-referenced, careful when changing names #} -{%- if conf.net_config is defined and conf.idf is defined -%} - {#- NOTE: Currently, we assume all cluster nodes use the same mapping -#} - - {#- Determine interface index for each network (plumbing vars) -#} - {%- set idx_admin = conf['net_config']['admin']['interface'] -%} - {%- set idx_mgmt = conf['net_config']['mgmt']['interface'] -%} - {%- set idx_private = conf['net_config']['private']['interface'] -%} - {%- set idx_public = conf['net_config']['public']['interface'] -%} - - {#- Physical interface OS name for each network (e.g. em1, enp1s0f1) -#} - {%- set node = conf['idf']['fuel']['network']['node'][0] -%} - {%- set nic_admin = node['interfaces'][idx_admin] -%} - {%- set nic_mgmt = node['interfaces'][idx_mgmt] -%} - {%- set nic_private = node['interfaces'][idx_private] -%} - {%- set nic_public = node['interfaces'][idx_public] -%} - - {#- PCI addresses (only for DPDK on private) -#} - {%- set bus_private = node['busaddr'][idx_private] -%} - - {#- VLAN for each network (only untagged 'admin' is supported by MaaS config!) -#} - {%- set vlan_admin = conf['net_config']['admin']['vlan'] -%} - {%- set vlan_mgmt = conf['net_config']['mgmt']['vlan'] -%} - {%- set vlan_private = conf['net_config']['private']['vlan'] -%} - {%- set vlan_public = conf['net_config']['public']['vlan'] -%} -{%- else -%} - {%- set nic_admin = 'enp6s0' -%} - {%- set nic_mgmt = 'enp6s0' -%} - {%- set nic_private = None -%} - {%- set nic_public = None -%} - {%- set vlan_admin = 'native' -%} - {%- set vlan_mgmt = '300' -%} - {%- set vlan_private = '1000' -%} -{%- endif -%} - -{#- Filter-out NIC duplicates by constructing a dict (used NICs only) -#} -{%- set nics = { nic_private: True } -%} - -{%- set vlans = { vlan_private: nic_private } -%} ---- -parameters: - linux: - network: - interface: -{%- for nic in nics %} - {{ nic }}: - enabled: true - type: eth - proto: manual - name: {{ nic }} -{%- endfor %} - -{%- for vlan in vlans %} - {%- if vlan and vlan != 'native' %} - {{ vlans[vlan] }}.{{ vlan }}: - enabled: true - proto: manual - type: vlan - name: {{ vlans[vlan] }}.{{ vlan }} - use_interfaces: - - {{ vlans[vlan] }} - {%- endif %} -{%- endfor %} - - br-mesh: - enabled: true - type: bridge - address: ${_param:tenant_address} - netmask: 255.255.255.0 - mtu: 1500 - use_interfaces: - - {{ nic_private }}{% if vlan_private and vlan_private != 'native' %}.{{ vlan_private }}{% endif %} diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/database.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/database.yml deleted file mode 100644 index 85f5ebcab..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/database.yml +++ /dev/null @@ -1,12 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.baremetal-mcp-pike-common-ha.openstack_interface_vcp_biport - - cluster.baremetal-mcp-pike-common-ha.openstack_database - - cluster.baremetal-mcp-pike-ovs-ha diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/init.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/init.yml deleted file mode 100644 index f1c8b93a4..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/init.yml +++ /dev/null @@ -1,18 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.baremetal-mcp-pike-common-ha.openstack_init -parameters: - _param: - neutron_tenant_network_types: "flat,vxlan" - nova_cpu_pinning: "1,2,3,4,5,7,8,9,10,11" - compute_hugepages_size: 1G - compute_hugepages_count: 16 - compute_hugepages_mount: /mnt/hugepages_1G - compute_kernel_isolcpu: ${_param:nova_cpu_pinning} diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/message_queue.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/message_queue.yml deleted file mode 100644 index 745fd6fd8..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/message_queue.yml +++ /dev/null @@ -1,12 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.baremetal-mcp-pike-common-ha.openstack_interface_vcp_biport - - cluster.baremetal-mcp-pike-common-ha.openstack_message_queue - - cluster.baremetal-mcp-pike-ovs-ha diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/proxy.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/proxy.yml deleted file mode 100644 index 5c91f605f..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/proxy.yml +++ /dev/null @@ -1,12 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.baremetal-mcp-pike-common-ha.openstack_interface_vcp_triport - - cluster.baremetal-mcp-pike-common-ha.openstack_proxy - - cluster.baremetal-mcp-pike-ovs-ha.infra diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/telemetry.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/telemetry.yml deleted file mode 100644 index c6b111939..000000000 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/telemetry.yml +++ /dev/null @@ -1,12 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.baremetal-mcp-pike-common-ha.openstack_interface_vcp_biport - - cluster.baremetal-mcp-pike-common-ha.openstack_telemetry - - cluster.baremetal-mcp-pike-ovs-ha.infra diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/glusterfs_repo.yml b/mcp/reclass/classes/cluster/mcp-common-ha/glusterfs_repo.yml new file mode 100644 index 000000000..3ec73bec0 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/glusterfs_repo.yml @@ -0,0 +1,24 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - system.linux.system.repo.keystorage.glusterfs +parameters: + _param: + glusterfs_version: "3.13" + linux: + system: + repo: + mcp_glusterfs: + # yamllint disable-line rule:line-length + source: "deb http://ppa.launchpad.net/gluster/glusterfs-${_param:glusterfs_version}/ubuntu ${_param:linux_system_codename} main" + key: ${_param:linux_system_repo_mcp_glusterfs_key} + pin: + - package: '*' + pin: release o=LP-PPA-gluster-glusterfs-${_param:glusterfs_version} + priority: 1100 diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/config.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/config.yml.j2 new file mode 100644 index 000000000..0ecc2e364 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/config.yml.j2 @@ -0,0 +1,130 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +--- +classes: + - system.reclass.storage.system.physical_control_cluster + - system.reclass.storage.system.openstack_control_cluster + - system.reclass.storage.system.openstack_proxy_cluster + - system.reclass.storage.system.openstack_database_cluster + - system.reclass.storage.system.openstack_message_queue_cluster + - system.reclass.storage.system.openstack_telemetry_cluster + # - system.reclass.storage.system.stacklight_log_cluster + # - system.reclass.storage.system.stacklight_monitor_cluster + # - system.reclass.storage.system.stacklight_telemetry_cluster + - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf + - cluster.all-mcp-arch-common.infra.config_pdf +parameters: + _param: + salt_master_host: ${_param:infra_config_deploy_address} + salt: + master: + accept_policy: open_mode + file_recv: true + worker_threads: 8 + command_timeout: 20 + reclass: + storage: + node: + # NOTE: compute nodes definitions are defined in <all-mcp-arch-common/infra> + infra_kvm_node01: + params: + keepalived_vip_priority: 100 + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_infra_kvm_node01_pxe_admin_address} + infra_kvm_node02: +{%- if not conf.MCP_VCP %} + classes: + - cluster.mcp-common-ha.infra.kvm_novcp +{%- endif %} + params: + keepalived_vip_priority: 101 + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_infra_kvm_node02_pxe_admin_address} + infra_kvm_node03: + params: + keepalived_vip_priority: 102 + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_infra_kvm_node03_pxe_admin_address} + openstack_telemetry_node01: + params: + linux_system_codename: bionic + # create resources only from 1 controller + # to prevent race conditions + ceilometer_create_gnocchi_resources: true + redis_cluster_role: 'master' + pxe_admin_address: ${_param:opnfv_openstack_telemetry_node01_pxe_admin_address} + openstack_telemetry_node02: + params: + linux_system_codename: bionic + redis_cluster_role: 'slave' + pxe_admin_address: ${_param:opnfv_openstack_telemetry_node02_pxe_admin_address} + openstack_telemetry_node03: + params: + linux_system_codename: bionic + redis_cluster_role: 'slave' + pxe_admin_address: ${_param:opnfv_openstack_telemetry_node03_pxe_admin_address} + openstack_message_queue_node01: + params: + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_openstack_message_queue_node01_pxe_admin_address} + openstack_message_queue_node02: + params: + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_openstack_message_queue_node02_pxe_admin_address} + openstack_message_queue_node03: + params: + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_openstack_message_queue_node03_pxe_admin_address} + openstack_proxy_node01: + params: + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_openstack_proxy_node01_pxe_admin_address} + openstack_proxy_node02: + params: + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_openstack_proxy_node02_pxe_admin_address} + # stacklight_log_node01: + # classes: + # - system.elasticsearch.client.single + # stacklight_monitor_node01: + # classes: + # - system.grafana.client.single + # - system.kibana.client.single + openstack_control_node01: + classes: + - cluster.mcp-common-ha.openstack_control_init + params: + linux_system_codename: bionic + # NOTE: When VCP is present, external_address is not used + external_address: ${_param:openstack_proxy_node01_address} + pxe_admin_address: ${_param:opnfv_openstack_control_node01_pxe_admin_address} + openstack_control_node02: + params: + linux_system_codename: bionic + external_address: 0.0.0.0 + pxe_admin_address: ${_param:opnfv_openstack_control_node02_pxe_admin_address} + openstack_control_node03: + params: + linux_system_codename: bionic + external_address: ${_param:openstack_proxy_node02_address} + pxe_admin_address: ${_param:opnfv_openstack_control_node03_pxe_admin_address} + openstack_database_node01: + classes: + - cluster.mcp-common-ha.openstack_database_init + params: + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_openstack_database_node01_pxe_admin_address} + openstack_database_node02: + params: + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_openstack_database_node02_pxe_admin_address} + openstack_database_node03: + params: + linux_system_codename: bionic + pxe_admin_address: ${_param:opnfv_openstack_database_node03_pxe_admin_address} diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/infra/init.yml b/mcp/reclass/classes/cluster/mcp-common-ha/infra/init.yml.j2 index f2a6b4e68..2f4686767 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/infra/init.yml +++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/init.yml.j2 @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,42 +7,42 @@ ############################################################################## --- classes: - - system.linux.system.single - cluster.all-mcp-arch-common - # - cluster.baremetal-mcp-pike-common-ha.stacklight - # - cluster.baremetal-mcp-pike-common-ha.stacklight.client + # - cluster.mcp-common-ha.stacklight + # - cluster.mcp-common-ha.stacklight.client parameters: _param: - apt_mk_version: nightly - mcp_repo_version: 1.1 - salt_version: 2016.11 + salt_version: 2017.7 cluster_domain: ${_param:cluster_name}.local # stacklight_environment: ${_param:cluster_domain} reclass_data_revision: master - reclass_config_master: ${_param:opnfv_infra_config_pxe_address} + reclass_config_master: ${_param:opnfv_infra_config_pxe_admin_address} cluster_public_host: ${_param:openstack_proxy_address} infra_config_hostname: cfg01 - infra_maas_database_password: opnfv_secret # infra service addresses infra_config_address: ${_param:opnfv_infra_config_address} - infra_config_deploy_address: ${_param:opnfv_salt_master_ip} + infra_config_deploy_address: {{ conf.SALT_MASTER }} infra_maas_node01_address: ${_param:opnfv_infra_maas_node01_address} infra_maas_node01_deploy_address: ${_param:opnfv_infra_maas_node01_deploy_address} infra_kvm_address: ${_param:opnfv_infra_kvm_address} +{%- if conf.MCP_VCP %} infra_kvm_node01_address: ${_param:opnfv_infra_kvm_node01_address} infra_kvm_node02_address: ${_param:opnfv_infra_kvm_node02_address} infra_kvm_node03_address: ${_param:opnfv_infra_kvm_node03_address} +{%- else %} + # For NOVCP, we override kvm addresses to overlap with ctl + infra_kvm_node01_address: ${_param:openstack_control_node01_address} + infra_kvm_node02_address: ${_param:openstack_control_node02_address} + infra_kvm_node03_address: ${_param:openstack_control_node03_address} +{%- endif %} infra_maas_node01_hostname: mas01 infra_kvm_node01_hostname: kvm01 infra_kvm_node02_hostname: kvm02 infra_kvm_node03_hostname: kvm03 - ntp_strata_host1: 1.pool.ntp.org - ntp_strata_host2: 0.pool.ntp.org - # Interface definitions reclass: storage: @@ -57,15 +57,19 @@ parameters: openstack_proxy_node01: params: control_address: ${_param:openstack_proxy_node01_control_address} + pxe_admin_address: ${_param:opnfv_openstack_proxy_node01_pxe_admin_address} openstack_proxy_node02: params: control_address: ${_param:openstack_proxy_node02_control_address} + pxe_admin_address: ${_param:opnfv_openstack_proxy_node02_pxe_admin_address} linux: system: apt: config: prefer_ipv4: Acquire::ForceIPv4: true + allow_downgrades: + APT::Get::allow-downgrades: true user: ubuntu: enabled: true diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/infra/kvm.yml b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 index dcd78a2cf..37bc42225 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/infra/kvm.yml +++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 @@ -1,13 +1,13 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## +{%- import 'net_map.j2' as nm with context %} --- classes: - - system.linux.system.repo.glusterfs - service.keepalived.cluster.single - system.glusterfs.server.volume.glance - system.glusterfs.server.volume.keystone @@ -21,12 +21,14 @@ classes: # - system.salt.control.cluster.stacklight_server_cluster # - system.salt.control.cluster.stacklight_log_cluster # - system.salt.control.cluster.stacklight_telemetry_cluster - - cluster.baremetal-mcp-pike-common-ha.infra.kvm_pdf - - cluster.baremetal-mcp-pike-common-ha.include.proxy + - cluster.all-mcp-arch-common.backports + - cluster.mcp-common-ha.glusterfs_repo + - cluster.mcp-common-ha.infra.kvm_pdf + - cluster.all-mcp-arch-common.opnfv.maas_proxy + - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf parameters: _param: - linux_system_codename: xenial - glusterfs_version: '3.13' + linux_system_codename: bionic cluster_vip_address: ${_param:infra_kvm_address} cluster_node01_address: ${_param:infra_kvm_node01_address} cluster_node02_address: ${_param:infra_kvm_node02_address} @@ -34,9 +36,17 @@ parameters: keepalived_vip_interface: br-ctl keepalived_vip_virtual_router_id: 69 linux: - network: - remove_iface_files: - - '/etc/network/interfaces.d/50-cloud-init.cfg' + system: + kernel: + boot_options: + - spectre_v2=off + - nopti + - kpti=off + - nospec_store_bypass_disable + - noibrs + - noibpb + sysctl: + net.ipv4.ip_forward: 0 libvirt: server: service: libvirtd @@ -44,6 +54,7 @@ parameters: unix_sock_group: libvirt salt: control: + virt_service: libvirtd size: # RAM 4096,8192,16384,32768,65536 # Default production sizing openstack.control: @@ -89,34 +100,44 @@ parameters: cluster: internal: node: - mdb01: - image: ${_param:salt_control_xenial_image} + mdb01: &salt_control_bionic_image_common_attr + image: ${_param:salt_control_bionic_image} +{%- if conf.nodes[nm.ctl01.idx].node.arch == 'aarch64' %} + seed: qemu-nbd + ~cloud_init: ~ + machine: virt + cpu_mode: host-passthrough + loader: + readonly: 'yes' + type: pflash + path: /usr/share/AAVMF/AAVMF_CODE.fd +{%- endif %} mdb02: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr mdb03: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr ctl01: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr ctl02: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr ctl03: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr dbs01: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr dbs02: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr dbs03: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr msg01: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr msg02: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr msg03: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr prx01: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr prx02: - image: ${_param:salt_control_xenial_image} + <<: *salt_control_bionic_image_common_attr provider: kvm03.${_param:cluster_domain} virt: nic: diff --git a/mcp/reclass/nodes/cfg01.baremetal-mcp-pike-ovs-dpdk-ha.local.yml b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_novcp.yml.j2 index df38d09b8..8959a7856 100644 --- a/mcp/reclass/nodes/cfg01.baremetal-mcp-pike-ovs-dpdk-ha.local.yml +++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_novcp.yml.j2 @@ -1,18 +1,19 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## +{#- NOTE: br-{mgmt,ctl} are cross-referenced, careful when changing names #} +{#- This class should only be inherited in NOVCP scenarios for kvm02 #} +{%- import 'net_map.j2' as nm with context %} --- -classes: - - cluster.baremetal-mcp-pike-ovs-dpdk-ha.infra.config parameters: - _param: - linux_system_codename: xenial - reclass_data_revision: master linux: - system: - name: cfg01 - domain: baremetal-mcp-pike-ovs-dpdk-ha.local + network: + interface: + br-mgmt: + gateway: {{ nm.net_admin_gw }} + name_servers: + - {{ nm.net_admin_gw }} diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_pdf.yml.j2 new file mode 100644 index 000000000..484e53299 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm_pdf.yml.j2 @@ -0,0 +1,56 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{#- NOTE: br-{mgmt,ctl} are cross-referenced, careful when changing names #} +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{#- Filter-out NIC duplicates by constructing a dict (used NICs only) #} +{%- set nics = { nm.ctl01.nic_admin: True, nm.ctl01.nic_mgmt: True, nm.ctl01.nic_public: True } %} +{%- set vlans = { nm.vlan_admin: nm.ctl01.nic_admin, nm.vlan_mgmt: nm.ctl01.nic_mgmt, nm.vlan_public: nm.ctl01.nic_public } %} +--- +parameters: + linux: + network: + interface: + +{{ ma.linux_network_interfaces_nic(nics) }} + +{{ ma.linux_network_interfaces_vlan(vlans) }} + + br-mgmt: + enabled: true + proto: static + address: ${_param:pxe_admin_address} + netmask: ${_param:opnfv_net_admin_mask} +{%- if conf.MCP_VCP %} +{#- For NOVCP scenarios, kvm02 gateway will be added via kvm_novcp class #} + gateway: {{ nm.net_admin_gw }} + name_servers: + - {{ nm.net_admin_gw }} +{%- endif %} + type: bridge + use_interfaces: + - {{ ma.interface_str(nm.ctl01.nic_admin, nm.vlan_admin) }} + noifupdown: true + br-ctl: + enabled: true + type: bridge + proto: static + address: ${_param:single_address} + netmask: ${_param:opnfv_net_mgmt_mask} + use_interfaces: + - {{ ma.interface_str(nm.ctl01.nic_mgmt, nm.vlan_mgmt) }} + noifupdown: true +{#- For NOVCP scenarios, kvm{01,03} external gateway will be added via triport class #} + br-ex: + enabled: true + proto: manual + netmask: ${_param:opnfv_net_public_mask} + type: bridge + use_interfaces: + - {{ ma.interface_str(nm.ctl01.nic_public, nm.vlan_public) }} + noifupdown: true diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_compute.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml index 60a01a885..af87d9c2f 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_compute.yml +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,22 +7,24 @@ ############################################################################## --- classes: - - system.linux.system.repo.glusterfs - - system.linux.storage.loopback - system.glusterfs.client.cluster - system.nova.compute.cluster - system.nova.compute.nfv.hugepages - - system.nova.compute.nfv.cpu_pinning - system.neutron.gateway.cluster - system.cinder.volume.single - system.cinder.volume.backend.lvm - system.ceilometer.agent.cluster - - cluster.baremetal-mcp-pike-common-ha.openstack_compute_pdf - - cluster.baremetal-mcp-pike-common-ha.include.proxy + - system.ceilometer.agent.polling.default + - service.barbican.client.cluster + - cluster.all-mcp-arch-common.backports + - cluster.mcp-common-ha.glusterfs_repo + - cluster.mcp-common-ha.openstack_compute_pdf + - cluster.all-mcp-arch-common.opnfv.maas_proxy + - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf parameters: _param: cluster_vip_address: ${_param:openstack_control_address} - cluster_local_address: ${_param:control_address} + cluster_local_address: ${_param:single_address} cluster_node01_hostname: ${_param:openstack_control_node01_hostname} cluster_node01_address: ${_param:openstack_control_node01_address} cluster_node02_hostname: ${_param:openstack_control_node02_hostname} @@ -30,12 +32,9 @@ parameters: cluster_node03_hostname: ${_param:openstack_control_node03_hostname} cluster_node03_address: ${_param:openstack_control_node03_address} nova_vncproxy_url: https://${_param:cluster_public_host}:6080 - interface_mtu: 1500 keepalived_vip_interface: br-ctl keepalived_vip_virtual_router_id: 69 - loopback_device_size: 20 - linux_system_codename: xenial - glusterfs_version: '3.13' + linux_system_codename: bionic glusterfs: client: volumes: @@ -44,15 +43,59 @@ parameters: server: ${_param:glusterfs_service_host} # yamllint disable-line rule:line-length opts: "defaults,backup-volfile-servers=${_param:cluster_node01_address}:${_param:cluster_node02_address}:${_param:cluster_node03_address}" + cinder: + volume: + my_ip: ${_param:single_address} + backend: + lvm-driver: + # Align system.cinder.volume.backend.lvm and MaaS data + volume_group: ${linux:storage:lvm:cinder-vg:name} + database: + connection_recycle_time: ${_param:db_connection_recycle_time} + barbican: + enabled: ${_param:barbican_integration_enabled} + pkgs: + - cinder-volume + openiscsi_services: + - tgt + - iscsid linux: - network: - remove_iface_files: - - '/etc/network/interfaces.d/50-cloud-init.cfg' + storage: + lvm: + # Align with both system.cinder.volume.backend.lvm and MaaS data + cinder-vg: + name: vgroot system: kernel: sysctl: vm.dirty_ratio: 10 vm.dirty_background_ratio: 5 + boot_options: + - spectre_v2=off + - nopti + - kpti=off + - nospec_store_bypass_disable + - noibrs + - noibpb neutron: gateway: vlan_aware_vms: true + root_helper_daemon: false + dhcp_lease_duration: 3600 + report_interval: 120 + nova: + compute: + libvirt_service: libvirtd + libvirt_bin: /etc/default/libvirtd + disk_cachemodes: file=directsync,block=none + preallocate_images: space + heal_instance_info_cache_interval: 300 + barbican: + enabled: ${_param:barbican_integration_enabled} + image: + verify_glance_signatures: false + pkgs: + - nova-compute + - python3-novaclient + - pm-utils + - sysfsutils diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2 new file mode 100644 index 000000000..0b1c5bbf2 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2 @@ -0,0 +1,82 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{#- NOTE: br-{mgmt,ctl} are cross-referenced, careful when changing names #} +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{#- Filter-out NIC duplicates by constructing a dict (used NICs only) #} +{%- set nics = { nm.cmp001.nic_mgmt: True } %} +{%- set vlans = { nm.vlan_mgmt: nm.cmp001.nic_mgmt } %} +--- +parameters: + _param: + # Should later be determined via PDF/IDF, AArch64 has ESP on /dev/sda1 +{%- if nm.cmp001.idx < conf.nodes | length %} +{%- if conf.nodes[nm.cmp001.idx].node.type == 'virtual' %} + ~cinder_lvm_devices: ['/dev/vdb'] +{%- elif conf.nodes[nm.cmp001.idx].node.arch == 'aarch64' or + conf.nodes[nm.cmp001.idx].disks.0.disk_capacity | storage_size_num | float > 2000000000000 %} + ~cinder_lvm_devices: ['/dev/sda2'] +{%- else %} + ~cinder_lvm_devices: ['/dev/sda1'] +{%- endif %} +{%- endif %} + linux: + network: + bridge: openvswitch + interface: + # PXE/admin is always untagged on computes + pxe_admin_int: + enabled: true + name: ${_param:pxe_admin_interface} + proto: static + type: eth + address: ${_param:pxe_admin_address} + netmask: ${_param:opnfv_net_admin_mask} + mtu: ${_param:interface_mtu} + noifupdown: true + +{#- prevent duplicates for tagged mgmt on the same physical interface as PXE/admin #} +{%- if nm.cmp001.nic_admin in nics %} + {%- do nics.pop(nm.cmp001.nic_admin) %} +{%- endif %} +{%- if ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) in nics %} + {%- do nics.pop(nm.cmp001.nic_public) %} +{%- endif %} + +{{ ma.linux_network_interfaces_nic(nics) }} + +{{ ma.linux_network_interfaces_vlan(vlans) }} + + br-ctl: + enabled: true + type: bridge + proto: static + address: ${_param:single_address} + netmask: ${_param:opnfv_net_mgmt_mask} + use_interfaces: + - {{ ma.interface_str(nm.cmp001.nic_mgmt, nm.vlan_mgmt) }} + br-floating: + enabled: true + type: ovs_bridge + mtu: ${_param:interface_mtu} + proto: static + address: ${_param:external_address} + netmask: ${_param:opnfv_net_public_mask} + use_interfaces: + - {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }} + gateway: ${_param:opnfv_net_public_gw} + name_servers: {{ nm.dns_public }} + noifupdown: true + {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }}: + enabled: true + proto: manual + ovs_port_type: OVSPort + type: ovs_port + ovs_bridge: br-floating + bridge: br-floating + mtu: ${_param:interface_mtu} diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 new file mode 100644 index 000000000..b3ab9e2c7 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 @@ -0,0 +1,244 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - system.ceilometer.client + - system.memcached.server.single + - system.keystone.server.cluster + - system.keystone.server.wsgi + - system.glance.control.cluster + - system.nova.control.cluster + - system.cinder.control.cluster + - system.cinder.control.backend.lvm + - system.heat.server.cluster + - system.designate.server.cluster + - system.designate.server.backend.bind + - system.barbican.server.cluster + - system.apache.server.site.barbican + - service.barbican.server.plugin.simple_crypto + - system.apache.server.single + - system.bind.server.single + - system.haproxy.proxy.listen.openstack.placement + - system.glusterfs.client.cluster + - system.glusterfs.client.volume.glance + - system.glusterfs.client.volume.keystone + - cluster.all-mcp-arch-common.backports + - cluster.mcp-common-ha.glusterfs_repo +{%- if not conf.MCP_VCP %} + # sync from kvm + - service.keepalived.cluster.single + - system.glusterfs.server.volume.glance + - system.glusterfs.server.volume.keystone + - system.glusterfs.server.cluster + # NOTE(armband): Disabled for novcp + # - system.salt.control.virt + # - system.salt.control.cluster.openstack_control_cluster + # - system.salt.control.cluster.openstack_proxy_cluster + # - system.salt.control.cluster.openstack_database_cluster + # - system.salt.control.cluster.openstack_message_queue_cluster + # - system.salt.control.cluster.openstack_telemetry_cluster + # - system.salt.control.cluster.stacklight_server_cluster + # - system.salt.control.cluster.stacklight_log_cluster + # - system.salt.control.cluster.stacklight_telemetry_cluster + - cluster.mcp-common-ha.infra.kvm_pdf + - cluster.all-mcp-arch-common.opnfv.maas_proxy + - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf +{%- endif %} +parameters: + _param: +{%- if not conf.MCP_VCP %} + linux_system_codename: bionic # sync from kvm + # For NOVCP, we switch keepalived VIPs, to keep cluster_vip_address in ctl + single_nic: br-ctl # for keepalive_vip_interface interpolation + control_nic: ~ # Dummy value to keep reclass 1.5.2 happy + keepalived_openstack_web_public_vip_address: ${_param:openstack_proxy_address} + keepalived_openstack_web_public_vip_interface: br-ex +{%- endif %} + keepalived_vip_interface: ${_param:single_nic} + keepalived_vip_virtual_router_id: 50 + cluster_vip_address: ${_param:openstack_control_address} + cluster_local_address: ${_param:single_address} + cluster_node01_hostname: ${_param:openstack_control_node01_hostname} + cluster_node01_address: ${_param:openstack_control_node01_address} + cluster_node02_hostname: ${_param:openstack_control_node02_hostname} + cluster_node02_address: ${_param:openstack_control_node02_address} + cluster_node03_hostname: ${_param:openstack_control_node03_hostname} + cluster_node03_address: ${_param:openstack_control_node03_address} + nova_vncproxy_url: https://${_param:cluster_public_host}:6080 + barbican_integration_enabled: 'false' + fernet_rotation_driver: 'shared_filesystem' + credential_rotation_driver: 'shared_filesystem' + common_conn_recycle_time: &db_conn_recycle_time + database: + connection_recycle_time: ${_param:db_connection_recycle_time} + nova: + controller: + <<: *db_conn_recycle_time + barbican: + enabled: ${_param:barbican_integration_enabled} + pkgs: + - nova-api + - nova-conductor + - nova-consoleauth + - nova-scheduler + - nova-novncproxy + - python3-novaclient + cinder: + controller: + pkgs: + - cinder-api + - cinder-scheduler + <<: *db_conn_recycle_time + neutron: + server: + <<: *db_conn_recycle_time + vlan_aware_vms: true + root_helper_daemon: false + agent_down_time: 300 + global_physnet_mtu: ${_param:interface_mtu} + backend: + external_mtu: ${_param:interface_mtu} + pkgs: + - neutron-server + keystone: + server: + <<: *db_conn_recycle_time + cacert: /etc/ssl/certs/mcp_os_cacert + openrc_extra: + volume_device_name: sdc + pkgs: + - keystone + - python3-memcache + - python3-openstackclient + glance: + server: + <<: *db_conn_recycle_time + identity: + barbican_endpoint: ${barbican:server:host_href} + pkgs: + - glance + services: + - glance-api +{%- if conf.MCP_VCP %} + heat: + server: + <<: *db_conn_recycle_time + metadata: + host: ${_param:openstack_proxy_control_address} + port: 8000 + protocol: http + waitcondition: + host: ${_param:openstack_proxy_control_address} + port: 8000 + protocol: http + watch: + host: ${_param:openstack_proxy_control_address} + port: 8003 + protocol: http + apache: + server: + mod_wsgi: libapache2-mod-wsgi-py3 +{%- else %} + libvirt: + server: + service: libvirtd + config_sys: /etc/default/libvirtd + unix_sock_group: libvirt + linux: + network: + # Add public IPs here as overrides, no need to fork another kvm_pdf.j2 + interface: + br-ex: + address: ${_param:external_address} + proto: static + apache: + server: + bind: + listen_default_ports: false + mod_wsgi: libapache2-mod-wsgi-py3 + # sync from common-ha kvm role + glusterfs: + server: + service: glusterd + volumes: + nova_instances: + storage: /srv/glusterfs/nova_instances + replica: 3 + bricks: + - ${_param:cluster_node01_address}:/srv/glusterfs/nova_instances + - ${_param:cluster_node02_address}:/srv/glusterfs/nova_instances + - ${_param:cluster_node03_address}:/srv/glusterfs/nova_instances + options: + cluster.readdir-optimize: 'True' + nfs.disable: 'True' + network.remote-dio: 'True' + cluster.favorite-child-policy: mtime + diagnostics.client-log-level: WARNING + diagnostics.brick-log-level: WARNING +{%- endif %} + haproxy: + proxy: + listen: + heat_cloudwatch_api: + enabled: false + barbican: + server: + ks_notifications_enable: true + store: + software: + crypto_plugin: simple_crypto + store_plugin: store_crypto + global_default: true + database: + connection_recycle_time: ${_param:db_connection_recycle_time} + host: ${_param:openstack_database_address} + bind: + server: + control: + mgmt: + enabled: true + bind: + address: ${_param:single_address} + port: 953 + allow: + - ${_param:openstack_control_node01_address} + - ${_param:openstack_control_node02_address} + - ${_param:openstack_control_node03_address} + keys: + - designate + designate: + _support: + sphinx: + enabled: False # Workaround broken meta/sphinx.yml in salt-formula-designate + server: + pools: + default: + description: 'test pool' + targets: + default: + description: 'test target1' + default1: + type: ${_param:designate_pool_target_type} + description: 'test target2' + masters: ${_param:designate_pool_target_masters} + options: + host: ${_param:openstack_control_node02_address} + port: 53 + rndc_host: ${_param:openstack_control_node02_address} + rndc_port: 953 + rndc_key_file: /etc/designate/rndc.key + default2: + type: ${_param:designate_pool_target_type} + description: 'test target3' + masters: ${_param:designate_pool_target_masters} + options: + host: ${_param:openstack_control_node03_address} + port: 53 + rndc_host: ${_param:openstack_control_node03_address} + rndc_port: 953 + rndc_key_file: /etc/designate/rndc.key diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control_init.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control_init.yml new file mode 100644 index 000000000..aaa5e65f0 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control_init.yml @@ -0,0 +1,45 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - system.keystone.client.single + - system.keystone.client.service.aodh + - system.keystone.client.service.nova21 + - system.keystone.client.service.nova-placement + - system.keystone.client.service.cinder3 + - system.keystone.client.service.designate + - system.keystone.client.service.ceilometer + - system.keystone.client.service.gnocchi + - system.keystone.client.service.panko + - system.keystone.client.service.barbican + - system.keystone.client.v3.service.keystone +parameters: + _param: + ceilometer_endpoint_status: absent + keystone: + client: + enabled: true + resources: + v3: + enabled: true + services: + ceilometer: + status: absent + # required only for Rally validation + cinder: + type: volume + description: OpenStack Volume Service + server: + identity: + admin: + api_version: 3 + admin_identity: + admin: + api_version: '' + user_domain_name: 'Default' + project_domain_name: 'Default' diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_database.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_database.yml index 17c4e1cf6..9ed3f70cd 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_database.yml +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_database.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,18 +7,20 @@ ############################################################################## --- classes: - - system.linux.system.repo.mcp.openstack - system.galera.server.cluster - system.galera.server.database.aodh - - system.galera.server.database.ceilometer - system.galera.server.database.cinder - system.galera.server.database.designate - system.galera.server.database.glance + - system.galera.server.database.gnocchi - system.galera.server.database.grafana - system.galera.server.database.heat - system.galera.server.database.keystone - system.galera.server.database.nova - system.galera.server.database.neutron + - system.galera.server.database.panko + - system.galera.server.database.barbican + - cluster.all-mcp-arch-common.backports parameters: _param: keepalived_vip_interface: ${_param:single_nic} diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_database_init.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_database_init.yml index 731fe6ed6..b7d09cfff 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_database_init.yml +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_database_init.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_init.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_init.yml.j2 index 8f4edefea..a55485ea0 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_init.yml +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_init.yml.j2 @@ -1,61 +1,68 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## +{%- import 'net_map.j2' as nm with context %} --- parameters: _param: - - openstack_version: pike - # openstack service addresses +{%- if conf.MCP_VCP %} openstack_proxy_control_address: ${_param:opnfv_openstack_proxy_control_address} openstack_proxy_node01_control_address: ${_param:opnfv_openstack_proxy_node01_control_address} openstack_proxy_node02_control_address: ${_param:opnfv_openstack_proxy_node02_control_address} +{%- else %} + openstack_proxy_control_address: ${_param:opnfv_openstack_control_address} + openstack_proxy_node01_control_address: ${_param:opnfv_openstack_control_node01_address} + openstack_proxy_node02_control_address: ${_param:opnfv_openstack_control_node03_address} +{%- endif %} + openstack_proxy_address: ${_param:opnfv_openstack_proxy_address} openstack_proxy_node01_address: ${_param:opnfv_openstack_proxy_node01_address} openstack_proxy_node02_address: ${_param:opnfv_openstack_proxy_node02_address} + openstack_control_address: ${_param:opnfv_openstack_control_address} openstack_control_node01_address: ${_param:opnfv_openstack_control_node01_address} openstack_control_node02_address: ${_param:opnfv_openstack_control_node02_address} openstack_control_node03_address: ${_param:opnfv_openstack_control_node03_address} + +{%- if conf.MCP_VCP %} openstack_database_address: ${_param:opnfv_openstack_database_address} openstack_database_node01_address: ${_param:opnfv_openstack_database_node01_address} openstack_database_node02_address: ${_param:opnfv_openstack_database_node02_address} openstack_database_node03_address: ${_param:opnfv_openstack_database_node03_address} + openstack_message_queue_address: ${_param:opnfv_openstack_message_queue_address} openstack_message_queue_node01_address: ${_param:opnfv_openstack_message_queue_node01_address} openstack_message_queue_node02_address: ${_param:opnfv_openstack_message_queue_node02_address} openstack_message_queue_node03_address: ${_param:opnfv_openstack_message_queue_node03_address} - - openstack_telemetry_hostname: mdb - openstack_telemetry_node01_hostname: mdb01 - openstack_telemetry_node02_hostname: mdb02 - openstack_telemetry_node03_hostname: mdb03 - openstack_telemetry_address: ${_param:opnfv_openstack_telemetry_address} openstack_telemetry_node01_address: ${_param:opnfv_openstack_telemetry_node01_address} openstack_telemetry_node02_address: ${_param:opnfv_openstack_telemetry_node02_address} openstack_telemetry_node03_address: ${_param:opnfv_openstack_telemetry_node03_address} +{%- else %} + openstack_database_address: ${_param:openstack_control_address} + openstack_database_node01_address: ${_param:openstack_control_node01_address} + openstack_database_node02_address: ${_param:openstack_control_node02_address} + openstack_database_node03_address: ${_param:openstack_control_node03_address} - # OpenStack Compute - openstack_compute_node01_single_address: ${_param:opnfv_openstack_compute_node01_single_address} - openstack_compute_node02_single_address: ${_param:opnfv_openstack_compute_node02_single_address} - openstack_compute_node03_single_address: ${_param:opnfv_openstack_compute_node03_single_address} - openstack_compute_node01_control_address: ${_param:opnfv_openstack_compute_node01_control_address} - openstack_compute_node02_control_address: ${_param:opnfv_openstack_compute_node02_control_address} - openstack_compute_node03_control_address: ${_param:opnfv_openstack_compute_node03_control_address} - openstack_compute_node01_tenant_address: ${_param:opnfv_openstack_compute_node01_tenant_address} - openstack_compute_node02_tenant_address: ${_param:opnfv_openstack_compute_node02_tenant_address} - openstack_compute_node03_tenant_address: ${_param:opnfv_openstack_compute_node03_tenant_address} - openstack_compute_node01_external_address: ${_param:opnfv_openstack_compute_node01_external_address} - openstack_compute_node02_external_address: ${_param:opnfv_openstack_compute_node02_external_address} + openstack_message_queue_address: ${_param:openstack_control_address} + openstack_message_queue_node01_address: ${_param:openstack_control_node01_address} + openstack_message_queue_node02_address: ${_param:openstack_control_node02_address} + openstack_message_queue_node03_address: ${_param:openstack_control_node03_address} + + openstack_telemetry_address: ${_param:openstack_control_address} + openstack_telemetry_node01_address: ${_param:openstack_control_node01_address} + openstack_telemetry_node02_address: ${_param:openstack_control_node02_address} + openstack_telemetry_node03_address: ${_param:openstack_control_node03_address} +{%- endif %} # openstack service hostnames +{%- if conf.MCP_VCP %} openstack_proxy_hostname: prx openstack_proxy_node01_hostname: prx01 openstack_proxy_node02_hostname: prx02 @@ -71,6 +78,31 @@ parameters: openstack_message_queue_node01_hostname: msg01 openstack_message_queue_node02_hostname: msg02 openstack_message_queue_node03_hostname: msg03 + openstack_telemetry_hostname: mdb + openstack_telemetry_node01_hostname: mdb01 + openstack_telemetry_node02_hostname: mdb02 + openstack_telemetry_node03_hostname: mdb03 +{%- else %} + openstack_proxy_hostname: ${_param:openstack_control_hostname} + openstack_proxy_node01_hostname: ${_param:openstack_control_node01_hostname} + openstack_proxy_node02_hostname: ${_param:openstack_control_node03_hostname} + openstack_control_hostname: kvm + openstack_control_node01_hostname: kvm01 + openstack_control_node02_hostname: kvm02 + openstack_control_node03_hostname: kvm03 + openstack_database_hostname: ${_param:openstack_control_hostname} + openstack_database_node01_hostname: ${_param:openstack_control_node01_hostname} + openstack_database_node02_hostname: ${_param:openstack_control_node02_hostname} + openstack_database_node03_hostname: ${_param:openstack_control_node03_hostname} + openstack_message_queue_hostname: ${_param:openstack_control_hostname} + openstack_message_queue_node01_hostname: ${_param:openstack_control_node01_hostname} + openstack_message_queue_node02_hostname: ${_param:openstack_control_node02_hostname} + openstack_message_queue_node03_hostname: ${_param:openstack_control_node03_hostname} + openstack_telemetry_hostname: ${_param:openstack_control_hostname} + openstack_telemetry_node01_hostname: ${_param:openstack_control_node01_hostname} + openstack_telemetry_node02_hostname: ${_param:openstack_control_node02_hostname} + openstack_telemetry_node03_hostname: ${_param:openstack_control_node03_hostname} +{%- endif %} # openstack compute openstack_compute_node01_hostname: cmp001 @@ -78,9 +110,9 @@ parameters: openstack_region: RegionOne admin_email: root@localhost + db_connection_recycle_time: 300 # Neutron osv/nodvr neutron_control_dvr: 'False' - neutron_l3_ha: 'True' neutron_global_physnet_mtu: 1500 neutron_external_mtu: 1500 neutron_gateway_dvr: 'False' @@ -89,67 +121,46 @@ parameters: neutron_compute_agent_mode: legacy neutron_compute_external_access: 'True' galera_server_cluster_name: openstack_cluster - galera_server_maintenance_password: opnfv_secret - galera_server_admin_password: opnfv_secret - rabbitmq_secret_key: opnfv_secret - rabbitmq_admin_password: opnfv_secret - rabbitmq_openstack_password: opnfv_secret glance_version: ${_param:openstack_version} glance_service_host: ${_param:openstack_control_address} keystone_version: ${_param:openstack_version} keystone_service_host: ${_param:openstack_control_address} heat_version: ${_param:openstack_version} heat_service_host: ${_param:openstack_control_address} - heat_domain_admin_password: opnfv_secret cinder_version: ${_param:openstack_version} cinder_service_host: ${_param:openstack_control_address} ceilometer_version: ${_param:openstack_version} ceilometer_service_host: ${_param:openstack_telemetry_address} - ceilometer_influxdb_password: opnfv_secret nova_version: ${_param:openstack_version} nova_service_host: ${_param:openstack_control_address} neutron_version: ${_param:openstack_version} neutron_service_host: ${_param:openstack_control_address} +{%- if conf.MCP_VCP %} glusterfs_service_host: ${_param:infra_kvm_address} +{%- else %} + glusterfs_service_host: ${_param:openstack_control_address} +{%- endif %} mysql_admin_user: root - mysql_admin_password: opnfv_secret - mysql_cinder_password: opnfv_secret - mysql_ceilometer_password: opnfv_secret - mysql_glance_password: opnfv_secret - mysql_grafana_password: opnfv_secret - mysql_heat_password: opnfv_secret - mysql_keystone_password: opnfv_secret - mysql_neutron_password: opnfv_secret - mysql_nova_password: opnfv_secret - mysql_aodh_password: opnfv_secret - mysql_designate_password: opnfv_secret aodh_version: ${_param:openstack_version} - keystone_aodh_password: opnfv_secret - keystone_service_token: opnfv_secret - keystone_admin_password: opnfv_secret - keystone_ceilometer_password: opnfv_secret - keystone_cinder_password: opnfv_secret - keystone_glance_password: opnfv_secret - keystone_heat_password: opnfv_secret - keystone_keystone_password: opnfv_secret - keystone_neutron_password: opnfv_secret - keystone_nova_password: opnfv_secret - keystone_designate_password: opnfv_secret - ceilometer_secret_key: opnfv_secret + barbican_version: ${_param:openstack_version} + barbican_service_host: ${_param:openstack_control_address} + apache_barbican_api_address: ${_param:single_address} + barbican_integration_enabled: true horizon_version: ${_param:openstack_version} - horizon_secret_key: opaesee8Que2yahJoh9fo0eefo1Aeyo6ahyei8zeiboh3aeth5loth7ieNa5xi5e horizon_identity_host: ${_param:openstack_control_address} horizon_identity_encryption: none horizon_identity_version: 3 - mongodb_server_replica_set: ceilometer - mongodb_ceilometer_password: opnfv_secret - mongodb_admin_password: opnfv_secret - mongodb_shared_key: eoTh1AwahlahqueingeejooLughah4tei9feing0eeVaephooDi2li1TaeV1ooth - metadata_password: opnfv_secret - openstack_telemetry_keepalived_password: opnfv_secret + apache_mods_status_enabled: false + nginx_server_site_nginx_proxy_openstack_web_enabled: true aodh_service_host: ${_param:openstack_telemetry_address} + gnocchi_version: 4.3 + gnocchi_service_host: ${_param:openstack_telemetry_address} + panko_version: ${_param:openstack_version} + panko_service_host: ${_param:openstack_telemetry_address} + ceilometer_agent_default_polling_interval: 180 + ceilometer_agent_default_polling_meters: + - "*" designate_service_host: ${_param:openstack_control_address} - designate_bind9_rndc_key: 4pc+X4PDqb2q+5o72dISm72LM1Ds9X2EYZjqg+nmsS7FhdTwzFFY8l/iEDmHxnyjkA33EQC8H+z0fLLBunoitw== designate_domain_id: 5186883b-91fb-4891-bd49-e6769234a8fc designate_pool_ns_records: - hostname: 'ns1.example.org.' @@ -187,19 +198,34 @@ parameters: # billometer_identity_token: ${_param:keystone_service_token} linux: system: +{%- if 'aarch64' in nm.cluster.arch %} repo: - uca: - source: "deb http://ubuntu-cloud.archive.canonical.com/ubuntu xenial-updates/${_param:openstack_version} main" - architectures: amd64 - key_id: EC4926EA - key_server: keyserver.ubuntu.com + armband_3: # Should be in sync with the repo config generated via curtin/MaaS + source: "deb http://linux.enea.com/mcp-repos/${_param:armband_repo_version}/xenial ${_param:armband_repo_version}-armband main" + key: ${_param:armband_key} + pinning: + 15: + enabled: true + pin: 'release a=${_param:armband_repo_version}-armband' + priority: 15 + package: '*' + 1200: + enabled: true + pin: 'release a=${_param:armband_repo_version}-armband' + priority: 1200 + package: 'qemu-efi' +{%- endif %} kernel: sysctl: net.ipv4.tcp_congestion_control: yeah net.ipv4.tcp_slow_start_after_idle: 0 net.ipv4.tcp_fin_timeout: 30 + package: + python-tornado: + version: latest network: host: +{%- if conf.MCP_VCP %} prx: address: ${_param:openstack_proxy_control_address} names: @@ -295,13 +321,35 @@ parameters: names: - ${_param:openstack_telemetry_node03_hostname} - ${_param:openstack_telemetry_node03_hostname}.${_param:cluster_domain} - cmp001: - address: ${_param:openstack_compute_node01_control_address} +{%- else %} + kvm: + address: ${_param:openstack_control_address} + names: + - ${_param:openstack_control_hostname} + - ${_param:openstack_control_hostname}.${_param:cluster_domain} + kvm01: + address: ${_param:openstack_control_node01_address} + names: + - ${_param:openstack_control_node01_hostname} + - ${_param:openstack_control_node01_hostname}.${_param:cluster_domain} + kvm02: + address: ${_param:openstack_control_node02_address} + names: + - ${_param:openstack_control_node02_hostname} + - ${_param:openstack_control_node02_hostname}.${_param:cluster_domain} + kvm03: + address: ${_param:openstack_control_node03_address} names: - - ${_param:openstack_compute_node01_hostname} - - ${_param:openstack_compute_node01_hostname}.${_param:cluster_domain} - cmp002: - address: ${_param:openstack_compute_node02_control_address} + - ${_param:openstack_control_node03_hostname} + - ${_param:openstack_control_node03_hostname}.${_param:cluster_domain} +{%- endif %} +{#- For compute nodes, expand values in-place, bypassing reclass param expansion #} +{%- for cmp in range(1, nm.cmp_nodes + 1) %} + {%- set h = 'cmp%03d' | format(cmp) %} + {%- set mgmt = nm.net_mgmt_hosts | length + nm.start_ip[nm.net_mgmt] + loop.index %} + {{ h }}: + address: {{ nm.net_mgmt | ipnet_hostaddr(mgmt) }} names: - - ${_param:openstack_compute_node02_hostname} - - ${_param:openstack_compute_node02_hostname}.${_param:cluster_domain} + - {{ h }} + - {{ h }}.${_param:cluster_domain} +{%- endfor %} diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_interface_vcp_triport.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_biport.yml.j2 index 146e54575..3b302aca8 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_interface_vcp_triport.yml +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_biport.yml.j2 @@ -1,42 +1,41 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## +{%- import 'net_map.j2' as nm with context %} --- +{%- if conf.MCP_VCP %} classes: - - cluster.baremetal-mcp-pike-common-ha.include.proxy + - cluster.all-mcp-arch-common.opnfv.maas_proxy + - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf parameters: _param: - dhcp_nic: ${_param:opnfv_vcp_vm_primary_interface} + pxe_admin_interface: ${_param:opnfv_vcp_vm_primary_interface} single_nic: ${_param:opnfv_vcp_vm_secondary_interface} - control_nic: ${_param:opnfv_vcp_vm_tertiary_interface} linux: network: interface: - dhcp_int: + pxe_admin: enabled: true type: eth - proto: dhcp - name: ${_param:dhcp_nic} - single_int: + proto: static + name: ${_param:pxe_admin_interface} + address: ${_param:pxe_admin_address} + netmask: ${_param:opnfv_net_admin_mask} + gateway: {{ nm.net_admin_gw }} + name_servers: + - {{ nm.net_admin_gw }} + noifupdown: true + mtu: ${_param:interface_mtu} + single: enabled: true type: eth proto: static name: ${_param:single_nic} address: ${_param:single_address} - netmask: 255.255.255.0 - route: - public: - address: 0.0.0.0 - netmask: 0.0.0.0 - gateway: ${_param:opnfv_net_public_gw} - control_int: - enabled: true - type: eth - proto: static - name: ${_param:control_nic} - address: ${_param:control_address} - netmask: 255.255.255.0 + netmask: ${_param:opnfv_net_public_mask} + mtu: ${_param:interface_mtu} +{%- endif %} diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_triport.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_triport.yml.j2 new file mode 100644 index 000000000..8815de99b --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_interface_vcp_triport.yml.j2 @@ -0,0 +1,60 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +--- +{%- if conf.MCP_VCP %} +classes: + - cluster.all-mcp-arch-common.opnfv.maas_proxy + - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf +parameters: + _param: + pxe_admin_interface: ${_param:opnfv_vcp_vm_primary_interface} + single_nic: ${_param:opnfv_vcp_vm_secondary_interface} + control_nic: ${_param:opnfv_vcp_vm_tertiary_interface} + linux: + network: + interface: + pxe_admin: + enabled: true + type: eth + proto: static + name: ${_param:pxe_admin_interface} + address: ${_param:pxe_admin_address} + netmask: ${_param:opnfv_net_admin_mask} + noifupdown: true + mtu: ${_param:interface_mtu} + single_int: + enabled: true + type: eth + proto: static + name: ${_param:single_nic} + address: ${_param:single_address} + netmask: ${_param:opnfv_net_public_mask} + gateway: ${_param:opnfv_net_public_gw} + name_servers: {{ nm.dns_public }} + mtu: ${_param:interface_mtu} + control_int: + enabled: true + type: eth + proto: static + name: ${_param:control_nic} + address: ${_param:control_address} + netmask: ${_param:opnfv_net_mgmt_mask} + mtu: ${_param:interface_mtu} +{%- else %} +{#- For NOVCP scenarios, base config is in kvm_pdf, only add/override gw #} +parameters: + linux: + network: + interface: + br-ex: + proto: static + gateway: ${_param:opnfv_net_public_gw} + name_servers: {{ nm.dns_public }} +{%- endif %} diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_message_queue.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_message_queue.yml index 13f8e5a13..1871c2efa 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/openstack_message_queue.yml +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_message_queue.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,9 +7,9 @@ ############################################################################## --- classes: - - system.linux.system.repo.mcp.openstack - system.rabbitmq.server.cluster - system.rabbitmq.server.vhost.openstack + - cluster.all-mcp-arch-common.backports parameters: _param: keepalived_vip_interface: ${_param:single_nic} diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2 new file mode 100644 index 000000000..31bfeddb4 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2 @@ -0,0 +1,100 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - system.nginx.server.single + - system.nginx.server.proxy.openstack_api + - system.nginx.server.proxy.openstack_vnc + - system.nginx.server.proxy.openstack_web + - system.nginx.server.proxy.openstack.aodh + - system.nginx.server.proxy.openstack.barbican + - system.apache.server.single + - system.horizon.server.single + - system.salt.minion.cert.proxy + - system.sphinx.server.doc.reclass + - service.keepalived.cluster.single + - system.keepalived.cluster.instance.openstack_web_public_vip + - cluster.all-mcp-arch-common.backports +parameters: + _param: + cluster_vip_address: ${_param:openstack_proxy_address} + keepalived_openstack_web_public_vip_address: ${_param:cluster_vip_address} + keepalived_openstack_web_public_vip_interface: ${_param:single_nic} + keepalived_openstack_web_public_vip_password: ${_param:opnfv_main_password} + keepalived_vip_address: ${_param:openstack_proxy_control_address} + keepalived_vip_interface: ${_param:control_nic} + keepalived_vip_virtual_router_id: 240 + nginx_proxy_ssl: + enabled: true + authority: ${_param:salt_minion_ca_authority} + engine: salt + mode: secure + salt_minion_ca_host: cfg01.${_param:cluster_domain} + linux: + system: + package: + libapache2-mod-wsgi: + version: latest +{%- if not conf.MCP_VCP %} + nginx: + server: + # NOTE(armband): Define host.address for all proxies for uniformity + site: + nginx_proxy_novnc: &nginx_openstack_proxy_address + host: + address: ${_param:openstack_proxy_address} + nginx_proxy_openstack_api_aodh: + <<: *nginx_openstack_proxy_address + nginx_proxy_openstack_api_cinder: + <<: *nginx_openstack_proxy_address + nginx_proxy_openstack_api_glance: + <<: *nginx_openstack_proxy_address + nginx_proxy_openstack_api_heat: + <<: *nginx_openstack_proxy_address + nginx_proxy_openstack_api_heat_cfn: + <<: *nginx_openstack_proxy_address + nginx_proxy_openstack_api_heat_cloudwatch: + <<: *nginx_openstack_proxy_address + enabled: false + nginx_proxy_openstack_api_keystone: + <<: *nginx_openstack_proxy_address + nginx_proxy_openstack_api_keystone_private: + <<: *nginx_openstack_proxy_address + nginx_proxy_openstack_api_neutron: + <<: *nginx_openstack_proxy_address + nginx_proxy_openstack_api_nova: + <<: *nginx_openstack_proxy_address + nginx_proxy_openstack_web: + <<: *nginx_openstack_proxy_address + nginx_ssl_redirect_openstack_web: + <<: *nginx_openstack_proxy_address + nginx_static_reclass_doc: + <<: *nginx_openstack_proxy_address +{%- else %} + nginx: + server: + site: + nginx_proxy_openstack_api_heat_cloudwatch: + enabled: false +{%- endif %} + salt: + minion: + cert: + proxy: + alternative_names: "IP:${_param:openstack_proxy_address}" + key_usage: 'digitalSignature, keyEncipherment' + keepalived: + cluster: + vrrp_scripts: + check_pidof: + args: 'nginx' + apache: + server: + mod_wsgi: libapache2-mod-wsgi-py3 + bind: + listen_default_ports: false diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml.j2 new file mode 100644 index 000000000..776e520d2 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml.j2 @@ -0,0 +1,101 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - service.redis.server.single + - system.ceilometer.server.cluster + - system.ceilometer.server.coordination.redis + - system.ceilometer.server.backend.default + - system.aodh.server.cluster + - system.aodh.server.coordination.redis + - system.memcached.server.single + - system.apache.server.single + - system.apache.server.site.gnocchi + - system.apache.server.site.panko + - system.gnocchi.server.cluster + - system.gnocchi.common.storage.incoming.redis + - system.gnocchi.common.storage.redis + - system.gnocchi.common.coordination.redis + - system.panko.server.cluster + - cluster.all-mcp-arch-common.backports +parameters: + _param: + keepalived_openstack_telemetry_vip_interface: ${_param:single_nic} + keepalived_vip_virtual_router_id: 230 + cluster_vip_address: ${_param:openstack_telemetry_address} + cluster_local_address: ${_param:single_address} + cluster_node01_hostname: ${_param:openstack_telemetry_node01_hostname} + cluster_node01_address: ${_param:openstack_telemetry_node01_address} + cluster_node02_hostname: ${_param:openstack_telemetry_node02_hostname} + cluster_node02_address: ${_param:openstack_telemetry_node02_address} + cluster_node03_hostname: ${_param:openstack_telemetry_node03_hostname} + cluster_node03_address: ${_param:openstack_telemetry_node03_address} + redis_sentinel_node01_address: ${_param:openstack_telemetry_node01_address} + redis_sentinel_node02_address: ${_param:openstack_telemetry_node02_address} + redis_sentinel_node03_address: ${_param:openstack_telemetry_node03_address} + # yamllint disable-line rule:line-length + openstack_telemetry_redis_url: redis://${_param:redis_sentinel_node01_address}:26379?sentinel=master_1&sentinel_fallback=${_param:redis_sentinel_node02_address}:26379&sentinel_fallback=${_param:redis_sentinel_node03_address}:26379 + gnocchi_coordination_url: ${_param:openstack_telemetry_redis_url} + gnocchi_storage_incoming_redis_url: ${_param:openstack_telemetry_redis_url} + linux: + system: + sysfs: + transparent_hugepages: + kernel/mm/transparent_hugepage/enabled: never + redis: + server: + version: 5.0 + appendfsync: 'no' + bind: + address: ${_param:single_address} + cluster: + enabled: true + mode: sentinel + password: ${_param:opnfv_main_password} + role: ${_param:redis_cluster_role} + quorum: 2 + master: + host: ${_param:cluster_node01_address} + port: 6379 + sentinel: + address: ${_param:single_address} + gnocchi: + common: + database: + host: ${_param:openstack_database_address} + server: + pkgs: + - gnocchi-api + - gnocchi-metricd + - python-memcache + apache: + server: + mod_wsgi: libapache2-mod-wsgi-py3 + ~modules: + - rewrite +{%- if conf.MCP_VCP %} {#- wsgi module will be enabled by a different class inherited later #} + - wsgi +{%- endif %} + site: + gnocchi: + wsgi: + threads: 1 + panko: + server: &db_conn_recycle_time + database: + connection_recycle_time: ${_param:db_connection_recycle_time} + aodh: + server: + <<: *db_conn_recycle_time + coordination_backend: + url: ${_param:openstack_telemetry_redis_url} + ceilometer: + server: + ~database: ~ + coordination_backend: + url: ${_param:openstack_telemetry_redis_url} diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/haproxy_openstack_api.yml b/mcp/reclass/classes/cluster/mcp-common-noha/haproxy_openstack_api.yml index 649b75c8c..dd3bc4761 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/haproxy_openstack_api.yml +++ b/mcp/reclass/classes/cluster/mcp-common-noha/haproxy_openstack_api.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -8,7 +8,7 @@ --- parameters: _param: - haproxy_check: check inter 15s fastinter 2s downinter 4s rise 3 fall 3 + haproxy_check: check inter 30m fastinter 2s downinter 4s rise 3 fall 3 haproxy: proxy: listen: @@ -45,28 +45,6 @@ parameters: host: ${_param:cluster_node01_address} port: 9191 params: ${_param:haproxy_check} - glare: - type: general-service - service_name: glare - binds: - - address: ${_param:cluster_vip_address} - port: 9494 - servers: - - name: ctl01 - host: ${_param:cluster_node01_address} - port: 9494 - params: ${_param:haproxy_check} - heat_cloudwatch_api: - type: openstack-service - service_name: heat - binds: - - address: ${_param:cluster_vip_address} - port: 8003 - servers: - - name: ctl01 - host: ${_param:cluster_node01_address} - port: 8003 - params: ${_param:haproxy_check} heat_api: type: openstack-service service_name: heat @@ -123,34 +101,15 @@ parameters: port: 9696 params: ${_param:haproxy_check} nova_placement_api: - mode: http + type: openstack-service binds: - address: ${_param:cluster_vip_address} port: 8778 - options: - - httpclose - - httplog - health-check: - http: - options: - - expect status 401 servers: - name: ctl01 host: ${_param:cluster_node01_address} port: 8778 params: ${_param:haproxy_check} - nova_ec2_api: - type: general-service - service_name: nova - check: false - binds: - - address: ${_param:cluster_vip_address} - port: 8773 - servers: - - name: ctl01 - host: ${_param:cluster_node01_address} - port: 8773 - params: ${_param:haproxy_check} nova_api: type: openstack-service service_name: nova @@ -172,25 +131,36 @@ parameters: host: ${_param:cluster_node01_address} port: 8775 params: ${_param:haproxy_check} - ceilometer_api: - type: general-service - check: false + aodh-api: + type: openstack-service + service_name: aodh binds: - address: ${_param:cluster_vip_address} - port: 8777 + port: 8042 servers: - - name: ${_param:cluster_node01_hostname} + - name: ctl01 host: ${_param:cluster_node01_address} - port: 8777 + port: 8042 params: ${_param:haproxy_check} - aodh-api: + barbican_api: type: openstack-service - service_name: aodh + service_name: barbican binds: - address: ${_param:cluster_vip_address} - port: 8042 + port: 9311 servers: - name: ctl01 host: ${_param:cluster_node01_address} - port: 8042 + port: 9311 + params: ${_param:haproxy_check} + barbican_admin_api: + type: openstack-service + service_name: barbican + binds: + - address: ${_param:cluster_vip_address} + port: 9312 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 9312 params: ${_param:haproxy_check} diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/infra/config.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-noha/infra/config.yml.j2 new file mode 100644 index 000000000..90e6ffc8d --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-noha/infra/config.yml.j2 @@ -0,0 +1,36 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +--- +classes: + - cluster.all-mcp-arch-common.infra.config_pdf +parameters: + _param: + openstack_control_node01_hostname: ctl01 + pxe_admin_address: ${_param:reclass_config_master} + single_address: ${_param:opnfv_infra_config_address} + salt_master_host: 127.0.0.1 + salt_minion_ca_host: ${linux:network:fqdn} + salt: + master: + file_recv: true + worker_threads: 4 + command_timeout: 20 + reclass: + storage: + node: + openstack_control_node01: + name: ${_param:openstack_control_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.control + params: + linux_system_codename: bionic + salt_master_host: ${_param:reclass_config_master} + single_address: ${_param:openstack_control_node01_address} + pxe_admin_address: ${_param:opnfv_openstack_control_node01_pxe_admin_address} diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/infra/init.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-noha/infra/init.yml.j2 new file mode 100644 index 000000000..d3e07e106 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-noha/infra/init.yml.j2 @@ -0,0 +1,48 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +--- +classes: + - cluster.all-mcp-arch-common +parameters: + _param: + # infra service addresses + infra_config_address: ${_param:opnfv_infra_config_address} + infra_config_deploy_address: {{ conf.SALT_MASTER }} + cluster_domain: ${_param:cluster_name}.local + reclass_config_master: ${_param:opnfv_infra_config_pxe_admin_address} + infra_maas_node01_hostname: mas01 + infra_maas_node01_address: ${_param:opnfv_infra_maas_node01_address} + infra_maas_node01_deploy_address: ${_param:opnfv_infra_maas_node01_deploy_address} + linux: + system: + apt: + config: + prefer_ipv4: + Acquire::ForceIPv4: true + allow_downgrades: + APT::Get::allow-downgrades: true + network: + host: + cfg01: + address: ${_param:opnfv_infra_config_address} + names: + - cfg01 + - cfg01.${_param:cluster_domain} + cfg: + address: ${_param:opnfv_infra_config_address} + names: + - cfg + - cfg.${_param:cluster_domain} +{%- if nm.cluster.has_baremetal_nodes %} + mas01: + address: ${_param:infra_maas_node01_address} + names: + - ${_param:infra_maas_node01_hostname} + - ${_param:infra_maas_node01_hostname}.${_param:cluster_domain} +{%- endif %} diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/init_options.yml b/mcp/reclass/classes/cluster/mcp-common-noha/init_options.yml index 9540b9436..4b5a4dec8 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/init_options.yml +++ b/mcp/reclass/classes/cluster/mcp-common-noha/init_options.yml @@ -1,26 +1,24 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## --- +classes: + - cluster.all-mcp-arch-common parameters: _param: - # infra service addresses - infra_config_address: 172.16.10.100 # openstack service addresses - openstack_control_address: 172.16.10.101 - openstack_control_node01_address: 172.16.10.101 - openstack_control_node02_address: 172.16.10.102 - openstack_control_node03_address: 172.16.10.103 + openstack_control_address: ${_param:opnfv_openstack_control_node01_address} + openstack_control_node01_address: ${_param:opnfv_openstack_control_node01_address} + openstack_control_node02_address: ${_param:opnfv_openstack_control_node02_address} + openstack_control_node03_address: ${_param:opnfv_openstack_control_node03_address} openstack_database_address: ${_param:openstack_control_address} openstack_message_queue_address: ${_param:openstack_control_address} openstack_message_queue_node01_address: ${_param:openstack_control_node01_address} openstack_message_queue_node02_address: ${_param:openstack_control_node02_address} openstack_message_queue_node03_address: ${_param:openstack_control_node03_address} - openstack_gateway_address: 172.16.10.110 + openstack_gateway_address: ${_param:opnfv_openstack_gateway_node01_address} control_address: ${_param:openstack_control_address} - ntp_strata_host1: 1.se.pool.ntp.org - ntp_strata_host2: 0.se.pool.ntp.org diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/openstack_compute.yml b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_compute.yml index da933dc27..edaf5190a 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/openstack_compute.yml +++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_compute.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,7 +7,6 @@ ############################################################################## --- classes: - - system.linux.storage.loopback - service.nfs.client - system.nova.compute.single - service.cinder.volume.single @@ -15,28 +14,40 @@ classes: - system.ceilometer.agent.cluster - system.ceilometer.client.nova_compute - system.ceilometer.client.cinder_volume + - system.ceilometer.agent.polling.default + - service.barbican.client.single + - cluster.all-mcp-arch-common.backports + - cluster.mcp-common-noha.openstack_compute_pdf parameters: - _param: - primary_interface: ${_param:opnfv_fn_vm_secondary_interface} - tenant_interface: ${_param:opnfv_fn_vm_tertiary_interface} - external_interface: ${_param:opnfv_fn_vm_quaternary_interface} - interface_mtu: 9000 - linux_system_codename: xenial - loopback_device_size: 20 nova: compute: libvirt_service: libvirtd libvirt_bin: /etc/default/libvirtd + disk_cachemodes: file=directsync,block=none vncproxy_url: http://${_param:cluster_vip_address}:6080 + heal_instance_info_cache_interval: 300 + bind: + vnc_address: ${_param:single_address} network: region: ${_param:openstack_region} user: neutron tenant: service password: ${_param:keystone_neutron_password} + barbican: + enabled: ${_param:barbican_integration_enabled} + image: + verify_glance_signatures: false + pkgs: + - nova-compute + - python3-novaclient + - pm-utils + - sysfsutils neutron: compute: notification: true vlan_aware_vms: true + root_helper_daemon: false + report_interval: 120 agent_mode: ${_param:neutron_compute_agent_mode} message_queue: host: ${_param:openstack_control_address} @@ -44,6 +55,11 @@ parameters: host: ${_param:openstack_control_address} cinder: volume: + backend: + lvm-driver: + # Align system.cinder.volume.backend.lvm and MaaS data + volume_group: ${linux:storage:lvm:cinder-vg:name} + my_ip: ${_param:single_address} database: host: ${_param:cluster_local_address} identity: @@ -52,6 +68,13 @@ parameters: host: ${_param:cluster_local_address} message_queue: host: ${_param:cluster_local_address} + barbican: + enabled: ${_param:barbican_integration_enabled} + pkgs: + - cinder-volume + openiscsi_services: + - tgt + - iscsid nfs: client: mount: @@ -60,36 +83,13 @@ parameters: fstype: nfs device: ${_param:openstack_control_address}:/srv/nova/instances linux: + storage: + lvm: + # Align with both system.cinder.volume.backend.lvm and MaaS data + cinder-vg: + name: vgroot system: kernel: sysctl: vm.dirty_ratio: 10 vm.dirty_background_ratio: 5 - network: - bridge: openvswitch - interface: - dhcp_int: - enabled: true - name: ${_param:opnfv_fn_vm_primary_interface} - proto: dhcp - type: eth - mtu: ${_param:interface_mtu} - primary_interface: - enabled: true - name: ${_param:primary_interface} - proto: manual - type: eth - tenant_interface: - enabled: true - name: ${_param:tenant_interface} - mtu: ${_param:interface_mtu} - proto: manual - type: eth - br-mgmt: - enabled: true - type: bridge - proto: static - address: ${_param:single_address} - netmask: 255.255.255.0 - use_interfaces: - - ${_param:primary_interface} diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_compute_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_compute_pdf.yml.j2 new file mode 100644 index 000000000..b63555339 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_compute_pdf.yml.j2 @@ -0,0 +1,76 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{#- NOTE: br-{mgmt,ctl} are cross-referenced, careful when changing names #} +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{#- Filter-out NIC duplicates by constructing a dict (used NICs only) #} +{%- set nics = { nm.cmp001.nic_mgmt: True, nm.cmp001.nic_private: True } %} +{%- set vlans = { nm.vlan_mgmt: nm.cmp001.nic_mgmt } %} +{%- if '-ovs-' not in conf.MCP_DEPLOY_SCENARIO and '-fdio-' not in conf.MCP_DEPLOY_SCENARIO %} +{%- set vlan_private_start = (nm.vlan_private | string).rsplit('-')[0] %} +{%- do vlans.update({ vlan_private_start: nm.cmp001.nic_private }) %} +{%- endif %} +--- +parameters: + _param: + # Should later be determined via PDF/IDF, AArch64 has ESP on /dev/sda1 +{%- if nm.cmp001.idx < conf.nodes | length %} +{%- if conf.nodes[nm.cmp001.idx].node.type == 'virtual' %} + ~cinder_lvm_devices: ['/dev/vdb'] +{%- elif conf.nodes[nm.cmp001.idx].node.arch == 'aarch64' or + conf.nodes[nm.cmp001.idx].disks.0.disk_capacity | storage_size_num | float > 2000000000000 %} + ~cinder_lvm_devices: ['/dev/sda2'] +{%- else %} + ~cinder_lvm_devices: ['/dev/sda1'] +{%- endif %} +{%- endif %} + linux: + network: +{%- if '-fdio-' not in conf.MCP_DEPLOY_SCENARIO %} + ovs_nowait: true + bridge: openvswitch +{%- else %} + dpdk: + enabled: true + driver: "${_param:compute_dpdk_driver}" + vpp: + enabled: true + decimal_interface_names: true + # Reuse ovs-dpdk socket mem configuration from IDF + dpdk_socket_mem: ${_param:compute_ovs_dpdk_socket_mem} + main_core: ${linux:system:kernel:isolcpu} + gid: 'neutron' +{%- endif %} + interface: + pxe_admin_int: + enabled: true + name: ${_param:pxe_admin_interface} + proto: static + type: eth + address: ${_param:pxe_admin_address} + netmask: ${_param:opnfv_net_admin_mask} + mtu: ${_param:interface_mtu} + noifupdown: true + +{#- prevent duplicates for tagged mgmt on the same physical interface as PXE/admin #} +{%- if nm.cmp001.nic_admin in nics %} + {%- do nics.pop(nm.cmp001.nic_admin) %} +{%- endif %} + +{{ ma.linux_network_interfaces_nic(nics) }} + +{{ ma.linux_network_interfaces_vlan(vlans) }} + + br-mgmt: + enabled: true + type: bridge + proto: static + address: ${_param:single_address} + netmask: ${_param:opnfv_net_mgmt_mask} + use_interfaces: + - {{ ma.interface_str(nm.cmp001.nic_mgmt, nm.vlan_mgmt) }} diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml.j2 new file mode 100644 index 000000000..e383edd16 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml.j2 @@ -0,0 +1,247 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - system.linux.system.lowmem + - service.nfs.server + - system.ceilometer.client + - system.ceilometer.client.neutron + - system.memcached.server.single + - system.rabbitmq.server.single + - system.rabbitmq.server.vhost.openstack + - system.keystone.server.wsgi + - system.keystone.server.single + - system.keystone.client.single + - system.keystone.client.v3.service.keystone + - system.keystone.client.service.nova21 + - system.keystone.client.service.nova-placement + - system.keystone.client.service.cinder3 + - system.keystone.client.service.ceilometer + - system.keystone.client.service.aodh + - system.keystone.client.service.gnocchi + - system.keystone.client.service.panko + - system.keystone.client.service.barbican + - system.glance.control.single + - system.nova.control.single + - system.cinder.control.single + - system.cinder.control.backend.lvm + - system.heat.server.single + - service.mysql.server.single + - system.galera.server.database.cinder + - system.galera.server.database.glance + - system.galera.server.database.neutron + - system.galera.server.database.heat + - system.galera.server.database.keystone + - system.galera.server.database.nova + - system.galera.server.database.aodh + - system.galera.server.database.gnocchi + - system.galera.server.database.panko + - system.galera.server.database.barbican + - system.barbican.server.single + - service.barbican.server.plugin.simple_crypto + - service.redis.server.single + - service.ceilometer.server.single + - system.ceilometer.server.backend.default + - system.aodh.server.single + - system.gnocchi.server.single + - service.panko.server.single + - system.apache.server.site.aodh + - system.apache.server.site.gnocchi + - system.apache.server.site.panko + - system.apache.server.site.barbican + - system.apache.server.single + - system.horizon.server.single + - system.nginx.server.single + - system.nginx.server.proxy.openstack_web + - service.haproxy.proxy.single +{%- if '-sfc-' in conf.MCP_DEPLOY_SCENARIO %} + - system.keystone.client.service.tacker + - system.galera.server.database.tacker + - service.tacker.server.single +{%- endif %} + - cluster.all-mcp-arch-common.backports + - cluster.mcp-common-noha.haproxy_openstack_api + - cluster.mcp-common-noha.openstack_control_pdf +parameters: + _param: + ceilometer_create_gnocchi_resources: 'True' + ceilometer_endpoint_status: absent + barbican_integration_enabled: 'false' + linux: + system: + package: + python-msgpack: + version: latest + sysfs: + transparent_hugepages: + kernel/mm/transparent_hugepage/enabled: never + keystone: + server: + admin_email: ${_param:admin_email} + openrc_extra: + volume_device_name: sdc + pkgs: + - keystone + - python3-memcache + - python3-openstackclient + client: + enabled: true + resources: + v3: + enabled: true + services: + ceilometer: + status: absent + # required only for Rally validation + cinder: + type: volume + description: OpenStack Volume Service + server: + identity: + admin: + api_version: 3 + admin_identity: + admin: + api_version: '' + user_domain_name: 'Default' + project_domain_name: 'Default' + glance: + server: + storage: + engine: file + images: [] + workers: 1 + barbican: + enabled: ${_param:barbican_integration_enabled} + identity: + barbican_endpoint: ${barbican:server:host_href} + pkgs: + - glance + services: + - glance-api + cinder: + controller: + barbican: + enabled: ${_param:barbican_integration_enabled} + pkgs: + - cinder-api + - cinder-scheduler + nova: + controller: + metadata: + password: ${_param:metadata_password} + bind: + private_address: ${_param:cluster_local_address} + public_address: ${_param:cluster_vip_address} + novncproxy_port: 6080 + vncproxy_url: http://${_param:cluster_vip_address}:6080 + workers: 1 + barbican: + enabled: ${_param:barbican_integration_enabled} + pkgs: + - nova-api + - nova-conductor + - nova-consoleauth + - nova-scheduler + - nova-novncproxy + - python3-novaclient + horizon: + server: + # yamllint disable-line rule:truthy + secure: False + heat: + server: + bind: + api_cfn: + address: ${_param:single_address} + api_cloudwatch: + address: ${_param:single_address} + mysql: + server: + version: '5.7' + bind: + address: ${_param:cluster_local_address} + key_buffer: 8 + max_allowed_packet: 128 + max_connections: 2048 + thread_stack: 512 + thread_cache_size: 12 + query_cache_limit: 2 + query_cache_size: 0 + ceilometer: + server: + ~database: ~ + redis: + server: + version: 5.0 + appendfsync: 'no' + bind: + address: ${_param:single_address} + gnocchi: + common: + storage: + driver: redis + redis_url: redis://${_param:single_address}:6379 + incoming: + driver: redis + redis_url: redis://${_param:single_address}:6379 + nfs: + server: + share: + nova_instances: + path: /srv/nova/instances + host: + nova: + host: ${_param:single_address}/${_param:opnfv_net_mgmt_mask} + params: + - rw + - no_root_squash + - async + neutron: + server: + vlan_aware_vms: true + root_helper_daemon: false + agent_down_time: 300 + global_physnet_mtu: ${_param:interface_mtu} + backend: + external_mtu: ${_param:interface_mtu} +{%- if '-bgpvpn-' in conf.MCP_DEPLOY_SCENARIO %} + bgp_vpn: + enabled: True + driver: opendaylight_v2 +{%- endif %} + apache: + server: + bind: + listen_default_ports: false + site: + gnocchi: &wsgi_threads + wsgi: + threads: 1 + barbican: + <<: *wsgi_threads + barbican_admin: + <<: *wsgi_threads + mod_wsgi: libapache2-mod-wsgi-py3 + barbican: + server: + ks_notifications_enable: true + store: + software: + crypto_plugin: simple_crypto + store_plugin: store_crypto + global_default: true + rabbitmq: + server: + env_variables: + hostname: localhost + nginx: + server: + site: + nginx_ssl_redirect_openstack_web: + enabled: false diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control_pdf.yml.j2 new file mode 100644 index 000000000..06df3b845 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control_pdf.yml.j2 @@ -0,0 +1,56 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{#- Filter-out NIC duplicates by constructing a dict (used NICs only) #} +{%- set nics = { nm.ctl01.nic_mgmt: True, nm.ctl01.nic_public: True } %} +{%- set vlans = { nm.vlan_mgmt: nm.ctl01.nic_mgmt, nm.vlan_public: nm.ctl01.nic_public } %} +--- +parameters: + linux: + network: + interface: + pxe_admin_int: + enabled: true + name: {{ nm.ctl01.nic_admin }} + proto: static + type: eth + address: ${_param:pxe_admin_address} + netmask: ${_param:opnfv_net_admin_mask} + mtu: ${_param:interface_mtu} + noifupdown: true + +{#- prevent duplicates for tagged mgmt on the same physical interface as PXE/admin #} +{%- if nm.ctl01.nic_admin in nics %} + {%- do nics.pop(nm.ctl01.nic_admin) %} +{%- endif %} + +{{ ma.linux_network_interfaces_nic(nics) }} + +{{ ma.linux_network_interfaces_vlan(vlans) }} + + br-ctl: + enabled: true + type: bridge + proto: static + address: ${_param:single_address} + netmask: ${_param:opnfv_net_mgmt_mask} + noifupdown: true + use_interfaces: + - {{ ma.interface_str(nm.ctl01.nic_mgmt, nm.vlan_mgmt) }} + br-ext: + enabled: true + type: bridge + proto: static + address: ${_param:cluster_public_host} + netmask: ${_param:opnfv_net_public_mask} + gateway: ${_param:opnfv_net_public_gw} + name_servers: {{ nm.dns_public }} + use_interfaces: + - {{ ma.interface_str(nm.ctl01.nic_public, nm.vlan_public) }} + noifupdown: true diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/control.yml b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway.yml index 2cbb8cae9..e59263c99 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/control.yml +++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,12 +7,14 @@ ############################################################################## --- classes: - - system.neutron.control.opendaylight.cluster - - cluster.baremetal-mcp-pike-common-ha.openstack_interface_vcp_biport - - cluster.baremetal-mcp-pike-common-ha.openstack_control - - cluster.baremetal-mcp-pike-odl-ha.infra + - cluster.all-mcp-arch-common.backports + - cluster.mcp-common-noha.openstack_gateway_pdf parameters: neutron: - server: - backend: - router: ${_param:opendaylight_router} + gateway: + notification: true + agent_mode: ${_param:neutron_gateway_agent_mode} + vlan_aware_vms: true + root_helper_daemon: false + dhcp_lease_duration: 3600 + report_interval: 120 diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway_pdf.yml.j2 new file mode 100644 index 000000000..00d8fbd8c --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway_pdf.yml.j2 @@ -0,0 +1,92 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{#- Filter-out NIC duplicates by constructing a dict (used NICs only) #} +{%- set nics = { nm.ctl01.nic_mgmt: True, nm.ctl01.nic_private: True } %} +{%- set vlans = { nm.vlan_mgmt: nm.ctl01.nic_mgmt } %} +{%- if '-fdio-' in conf.MCP_DEPLOY_SCENARIO %} +{%- do nics.update({ nm.ctl01.nic_public: True }) %} +{%- do vlans.update({ nm.vlan_public: nm.ctl01.nic_public }) %} +{%- elif '-ovs-' not in conf.MCP_DEPLOY_SCENARIO %} +{%- set vlan_private_start = (nm.vlan_private | string).rsplit('-')[0] %} +{%- do vlans.update({ vlan_private_start: nm.ctl01.nic_private }) %} +{%- endif %} +parameters: + linux: + network: +{%- if '-fdio-' not in conf.MCP_DEPLOY_SCENARIO %} +{%- set floating_br_type = 'ovs_bridge' %} + bridge: openvswitch +{%- else %} +{%- set floating_br_type = 'bridge' %} + vpp: + enabled: true + decimal_interface_names: true + # Reuse ovs-dpdk socket mem configuration from IDF + dpdk_socket_mem: ${_param:compute_ovs_dpdk_socket_mem} + main_core: ${linux:system:kernel:isolcpu} + gid: 'neutron' + commands: | + create tap host-if-name vpp_ext_tap host-bridge br-floating rx-ring-size 1024 tx-ring-size 1024 + set interface state ${_param:external_vpp_tap} up + dpdk: + enabled: true + driver: "${_param:compute_dpdk_driver}" +{%- endif %} + interface: + pxe_admin_int: + enabled: true + name: {{ nm.ctl01.nic_admin }} + proto: static + type: eth + address: ${_param:pxe_admin_address} + netmask: ${_param:opnfv_net_admin_mask} + mtu: ${_param:interface_mtu} + noifupdown: true + +{#- prevent duplicates for tagged mgmt on the same physical interface as PXE/admin #} +{%- if nm.ctl01.nic_admin in nics %} + {%- do nics.pop(nm.ctl01.nic_admin) %} +{%- endif %} + +{{ ma.linux_network_interfaces_nic(nics) }} + +{{ ma.linux_network_interfaces_vlan(vlans) }} + +{%- if '-fdio-' not in conf.MCP_DEPLOY_SCENARIO %} + {{ ma.interface_str(nm.ctl01.nic_public, nm.vlan_public) }}: + enabled: true + mtu: ${_param:interface_mtu} + proto: manual + ovs_port_type: OVSPort + type: ovs_port + ovs_bridge: br-floating + bridge: br-floating +{%- endif %} + br-floating: + enabled: true + type: {{ floating_br_type }} + proto: static + address: ${_param:external_address} + netmask: ${_param:opnfv_net_public_mask} + gateway: ${_param:opnfv_net_public_gw} + name_servers: {{ nm.dns_public }} + use_interfaces: + - {{ ma.interface_str(nm.ctl01.nic_public, nm.vlan_public) }} + noifupdown: true + br-mgmt: + enabled: true + type: bridge + proto: static + address: ${_param:single_address} + netmask: ${_param:opnfv_net_mgmt_mask} + mtu: ${_param:interface_mtu} + use_interfaces: + - {{ ma.interface_str(nm.ctl01.nic_mgmt, nm.vlan_mgmt) }} diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/openstack_init.yml b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_init.yml.j2 index 89b06fb7e..3f3ff0ab8 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/openstack_init.yml +++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_init.yml.j2 @@ -1,20 +1,18 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## +{%- import 'net_map.j2' as nm with context %} --- parameters: _param: - openstack_version: pike - apt_mk_version: nightly - mcp_repo_version: 1.1 openstack_region: RegionOne admin_email: root@localhost cluster_public_protocol: http - cluster_public_host: 10.16.0.101 + cluster_public_host: ${_param:opnfv_openstack_control_node01_external_address} neutron_public_protocol: http neutron_control_dvr: 'False' neutron_l3_ha: 'False' @@ -26,86 +24,86 @@ parameters: neutron_compute_agent_mode: legacy neutron_compute_external_access: 'False' galera_server_cluster_name: openstack_cluster - galera_server_maintenance_password: opnfv_secret - galera_server_admin_password: opnfv_secret cluster_vip_address: ${_param:cluster_public_host} cluster_local_address: ${_param:openstack_control_address} cluster_node01_hostname: ctl01 - cluster_node01_address: 172.16.10.101 + cluster_node01_address: ${_param:opnfv_openstack_control_node01_address} cluster_node02_hostname: ctl02 - cluster_node02_address: 172.16.10.102 + cluster_node02_address: ${_param:opnfv_openstack_control_node02_address} cluster_node03_hostname: ctl03 - cluster_node03_address: 172.16.10.103 - rabbitmq_secret_key: opnfv_secret - rabbitmq_admin_password: opnfv_secret - rabbitmq_openstack_password: opnfv_secret - rabbitmq_cold_password: opnfv_secret + cluster_node03_address: ${_param:opnfv_openstack_control_node03_address} glance_version: ${_param:openstack_version} glance_service_host: ${_param:cluster_local_address} keystone_version: ${_param:openstack_version} keystone_service_host: ${_param:cluster_local_address} heat_version: ${_param:openstack_version} heat_service_host: ${_param:cluster_local_address} - heat_domain_admin_password: opnfv_secret ceilometer_version: ${_param:openstack_version} ceilometer_service_host: ${_param:cluster_local_address} ceilometer_database_host: ${_param:cluster_local_address} cinder_version: ${_param:openstack_version} cinder_service_host: ${_param:cluster_local_address} - ceilometer_graphite_publisher_host: 172.16.10.107 - ceilometer_graphite_publisher_port: 2013 nova_version: ${_param:openstack_version} nova_service_host: ${_param:cluster_local_address} nova_vncproxy_url: http://${_param:cluster_vip_address}:8060 neutron_version: ${_param:openstack_version} neutron_service_host: ${_param:cluster_local_address} mysql_admin_user: root - mysql_admin_password: opnfv_secret - mysql_cinder_password: opnfv_secret - mysql_ceilometer_password: opnfv_secret - mysql_glance_password: opnfv_secret - mysql_grafana_password: opnfv_secret - mysql_heat_password: opnfv_secret - mysql_keystone_password: opnfv_secret - mysql_neutron_password: opnfv_secret - mysql_nova_password: opnfv_secret - mysql_aodh_password: opnfv_secret - keystone_service_token: opnfv_secret - keystone_admin_password: opnfv_secret - keystone_ceilometer_password: opnfv_secret - keystone_cinder_password: opnfv_secret - keystone_glance_password: opnfv_secret - keystone_heat_password: opnfv_secret - keystone_keystone_password: opnfv_secret - keystone_neutron_password: opnfv_secret - keystone_nova_password: opnfv_secret - ceilometer_secret_key: opnfv_secret - metadata_password: opnfv_secret horizon_version: ${_param:openstack_version} horizon_secret_key: opaesee8Que2yahJoh9fo0eefo1Aeyo6ahyei8zeiboh3aeth5loth7ieNa5xi5e horizon_identity_host: ${_param:cluster_vip_address} horizon_identity_encryption: none horizon_identity_version: 3 - mongodb_server_replica_set: ceilometer - mongodb_ceilometer_password: opnfv_secret - mongodb_admin_password: opnfv_secret - mongodb_shared_key: eoTh1AwahlahqueingeejooLughah4tei9feing0eeVaephooDi2li1TaeV1ooth + horizon_public_protocol: http + horizon_public_port: 80 + apache_mods_status_enabled: false + nginx_server_site_nginx_proxy_openstack_web_enabled: true + nginx_proxy_ssl: + enabled: false + + barbican_version: ${_param:openstack_version} + barbican_service_host: ${_param:cluster_local_address} + apache_barbican_api_address: ${_param:single_address} + barbican_simple_crypto_kek: "YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXoxMjM0NTY=" + barbican_integration_enabled: true + +{%- if '-sfc-' in conf.MCP_DEPLOY_SCENARIO %} + tacker_service_host: ${_param:cluster_local_address} +{%- endif %} + aodh_version: ${_param:openstack_version} - keystone_aodh_password: opnfv_secret aodh_service_host: ${_param:cluster_local_address} + gnocchi_version: 4.3 + gnocchi_service_host: ${_param:cluster_local_address} + panko_version: ${_param:openstack_version} + panko_service_host: ${_param:cluster_local_address} + ceilometer_agent_default_polling_interval: 180 + ceilometer_agent_default_polling_meters: + - "*" linux: system: - repo: - uca: - source: "deb http://ubuntu-cloud.archive.canonical.com/ubuntu xenial-updates/${_param:openstack_version} main" - architectures: amd64 - key_id: EC4926EA - key_server: keyserver.ubuntu.com kernel: sysctl: net.ipv4.tcp_congestion_control: yeah net.ipv4.tcp_slow_start_after_idle: 0 net.ipv4.tcp_fin_timeout: 30 +{%- if 'aarch64' in nm.cluster.arch %} + repo: + armband_3: # Should be in sync with the repo config generated via curtin/MaaS + source: "deb http://linux.enea.com/mcp-repos/${_param:armband_repo_version}/xenial ${_param:armband_repo_version}-armband main" + key: ${_param:armband_key} + pinning: + 15: + enabled: true + pin: 'release a=${_param:armband_repo_version}-armband' + priority: 15 + package: '*' + 1200: + enabled: true + pin: 'release a=${_param:armband_repo_version}-armband' + priority: 1200 + package: 'qemu-efi' +{%- endif %} network: host: ctl: @@ -123,13 +121,13 @@ parameters: names: - gtw01 - gtw01.${_param:cluster_domain} - cmp01: - address: 172.16.10.105 - names: - - cmp01 - - cmp01.${_param:cluster_domain} - cmp02: - address: 172.16.10.106 +{#- For compute nodes, expand values in-place, bypassing reclass param expansion #} +{%- for cmp in range(1, nm.cmp_nodes + 1) %} + {%- set h = 'cmp%03d' | format(cmp) %} + {%- set mgmt = nm.net_mgmt_hosts | length + nm.start_ip[nm.net_mgmt] + loop.index %} + {{ h }}: + address: {{ nm.net_mgmt | ipnet_hostaddr(mgmt) }} names: - - cmp02 - - cmp02.${_param:cluster_domain} + - {{ h }} + - {{ h }}.${_param:cluster_domain} +{%- endfor %} diff --git a/mcp/reclass/classes/cluster/mcp-fdio-ha/infra/config.yml b/mcp/reclass/classes/cluster/mcp-fdio-ha/infra/config.yml new file mode 100644 index 000000000..1bf5f0014 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-fdio-ha/infra/config.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.infra.config + - cluster.mcp-fdio-ha.infra + - cluster.all-mcp-arch-common.infra.config_pdf diff --git a/mcp/reclass/classes/cluster/mcp-fdio-ha/infra/init.yml b/mcp/reclass/classes/cluster/mcp-fdio-ha/infra/init.yml new file mode 100644 index 000000000..3ab122e13 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-fdio-ha/infra/init.yml @@ -0,0 +1,14 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.infra + - cluster.mcp-fdio-ha.openstack +parameters: + _param: + cluster_name: mcp-fdio-ha diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/init.yml b/mcp/reclass/classes/cluster/mcp-fdio-ha/infra/init_vcp.yml.j2 index f09ee5db1..8ab411876 100644 --- a/mcp/reclass/classes/cluster/all-mcp-arch-common/init.yml +++ b/mcp/reclass/classes/cluster/mcp-fdio-ha/infra/init_vcp.yml.j2 @@ -1,11 +1,12 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## --- +{%- if conf.MCP_VCP %} classes: - - cluster.all-mcp-arch-common.arch - - cluster.all-mcp-arch-common.opnfv + - cluster.mcp-fdio-ha.infra +{%- endif %} diff --git a/mcp/reclass/classes/cluster/mcp-fdio-ha/infra/kvm.yml.j2 b/mcp/reclass/classes/cluster/mcp-fdio-ha/infra/kvm.yml.j2 new file mode 100644 index 000000000..dbbea5235 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-fdio-ha/infra/kvm.yml.j2 @@ -0,0 +1,14 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +{%- if conf.MCP_VCP %} +# NOTE(armband): we don't want to pull in salt.control for novcp +classes: + - cluster.mcp-common-ha.infra.kvm + - cluster.mcp-fdio-ha.infra +{%- endif %} diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/infra/kvm.yml b/mcp/reclass/classes/cluster/mcp-fdio-ha/infra/maas.yml index b4c2a67ac..55c737f3f 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/infra/kvm.yml +++ b/mcp/reclass/classes/cluster/mcp-fdio-ha/infra/maas.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,5 +7,5 @@ ############################################################################## --- classes: - - cluster.baremetal-mcp-pike-common-ha.infra.kvm - - cluster.baremetal-mcp-pike-ovs-ha.infra + - cluster.mcp-fdio-ha.infra + - cluster.all-mcp-arch-common.infra.maas diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/init.yml b/mcp/reclass/classes/cluster/mcp-fdio-ha/init.yml index 12a3ea211..daeecfcc7 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/init.yml +++ b/mcp/reclass/classes/cluster/mcp-fdio-ha/init.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -8,5 +8,5 @@ --- classes: - cluster.all-mcp-arch-common - - cluster.baremetal-mcp-pike-ovs-ha.infra - - cluster.baremetal-mcp-pike-ovs-ha.openstack + - cluster.mcp-fdio-ha.infra + - cluster.mcp-fdio-ha.openstack diff --git a/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/compute.yml b/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/compute.yml new file mode 100644 index 000000000..ffc3b5309 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/compute.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_compute + - cluster.mcp-fdio-ha.openstack.compute_pdf + - cluster.mcp-fdio-ha.infra diff --git a/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/compute_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/compute_pdf.yml.j2 new file mode 100644 index 000000000..f3844ad8c --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/compute_pdf.yml.j2 @@ -0,0 +1,36 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{#- Filter-out NIC duplicates by constructing a dict (used NICs only) #} +{%- set nics = { nm.cmp001.nic_private: True } %} +{%- set vlan_private_start = (nm.vlan_private | string).rsplit('-')[0] %} +{%- set vlans = { vlan_private_start: nm.cmp001.nic_private } %} +--- +parameters: + linux: + network: + interface: + +{#- prevent duplicates for tagged mgmt on the same physical interface as PXE/admin #} +{%- if nm.cmp001.nic_admin in nics %} + {%- do nics.pop(nm.cmp001.nic_admin) %} +{%- endif %} + +{{ ma.linux_network_interfaces_nic(nics) }} + +{{ ma.linux_network_interfaces_vlan(vlans) }} + + br-mesh: + enabled: true + type: bridge + address: ${_param:tenant_address} + netmask: ${_param:opnfv_net_private_mask} + mtu: 1500 + use_interfaces: + - {{ ma.interface_str(nm.cmp001.nic_private, vlan_private_start) }} diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/control.yml b/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/control.yml index 43bec6bcc..a9bb44907 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/openstack/control.yml +++ b/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/control.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -8,6 +8,6 @@ --- classes: - system.neutron.control.openvswitch.cluster - - cluster.baremetal-mcp-pike-common-ha.openstack_interface_vcp_biport - - cluster.baremetal-mcp-pike-common-ha.openstack_control - - cluster.baremetal-mcp-pike-ovs-ha.infra + - cluster.mcp-common-ha.openstack_interface_vcp_biport + - cluster.mcp-common-ha.openstack_control + - cluster.mcp-fdio-ha.infra diff --git a/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/database.yml b/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/database.yml new file mode 100644 index 000000000..7ba9e5660 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/database.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_interface_vcp_biport + - cluster.mcp-common-ha.openstack_database + - cluster.mcp-fdio-ha.infra.init_vcp diff --git a/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/init.yml b/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/init.yml new file mode 100644 index 000000000..8aa203d0c --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/init.yml @@ -0,0 +1,14 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_init + - cluster.all-mcp-arch-common.fdio_repo +parameters: + _param: + neutron_tenant_network_types: "flat,vxlan" diff --git a/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/message_queue.yml b/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/message_queue.yml new file mode 100644 index 000000000..175215502 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/message_queue.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_interface_vcp_biport + - cluster.mcp-common-ha.openstack_message_queue + - cluster.mcp-fdio-ha.infra.init_vcp diff --git a/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/proxy.yml b/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/proxy.yml new file mode 100644 index 000000000..bafbbaa6a --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/proxy.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_interface_vcp_triport + - cluster.mcp-common-ha.openstack_proxy + - cluster.mcp-fdio-ha.infra.init_vcp diff --git a/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/telemetry.yml b/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/telemetry.yml new file mode 100644 index 000000000..9cb8fcd5e --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-fdio-ha/openstack/telemetry.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_interface_vcp_biport + - cluster.mcp-common-ha.openstack_telemetry + - cluster.mcp-fdio-ha.infra.init_vcp diff --git a/mcp/reclass/classes/cluster/mcp-fdio-noha/infra/config.yml.j2 b/mcp/reclass/classes/cluster/mcp-fdio-noha/infra/config.yml.j2 new file mode 100644 index 000000000..0c5eef8c2 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-fdio-noha/infra/config.yml.j2 @@ -0,0 +1,58 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{#- Until SDF is implemented, hardcode gtw01 node index in IDF as ctl01 +1 #} +{%- set gi = nm.ctl01.idx + 1 %} +--- +classes: + - system.reclass.storage.system.openstack_gateway_single + - cluster.mcp-common-noha.infra.config + - cluster.mcp-fdio-noha + - cluster.all-mcp-arch-common.infra.config_pdf +parameters: + reclass: + storage: + node: + openstack_gateway_node01: + params: + tenant_address: ${_param:opnfv_openstack_gateway_node01_tenant_address} + external_address: ${_param:opnfv_openstack_gateway_node01_external_address} + pxe_admin_address: ${_param:opnfv_openstack_gateway_node01_pxe_admin_address} +{%- if '-fdio-' in conf.MCP_DEPLOY_SCENARIO %} +{%- set private_speed = conf.nodes[gi].interfaces[nm.idx_private].speed %} +{%- set private_pci = conf.idf.fuel.network.node[gi].busaddr[nm.idx_private] %} + # We reuse compute-specific configuration from IDF, so we don't have + # to rework everything in both Pharos and Fuel + # However, OVS-related configuration is unused and only DPDK is relevant + {%- if conf.idf.fuel.reclass is defined %} + {%- if conf.idf.fuel.reclass.node[gi].compute_params.dpdk is defined %} + {#- Can't dump json here due to dpdk0_* below, explicitly create yaml #} + {%- set _dpdk = conf.idf.fuel.reclass.node[gi].compute_params.dpdk %} + {%- set private_drv = _dpdk.dpdk0_driver %} + {%- for _i in _dpdk %} + {{ _i }}: '"{{ _dpdk[_i] }}"' + {%- endfor %} + {%- endif %} + {%- else %} + compute_hugepages_size: 2M + compute_hugepages_count: 13312 + compute_hugepages_mount: /mnt/hugepages_2M + compute_kernel_isolcpu: 3,8,9,10,11 + compute_dpdk_driver: uio + compute_ovs_pmd_cpu_mask: '"0x708"' + compute_ovs_dpdk_socket_mem: '"4096,4096"' + compute_ovs_dpdk_lcore_mask: '"0x800"' + compute_ovs_memory_channels: '"2"' + dpdk0_driver: igb_uio + dpdk0_n_rxq: 2 + {%- endif %} + dpdk0_name: {{ conf.idf.fuel.network.node[gi].interfaces[nm.idx_private] }} + dpdk0_pci: '"{{ conf.idf.fuel.network.node[gi].busaddr[nm.idx_private] }}"' + dpdk0_vpp: {{ ma.vpp_interface_str(private_speed, private_pci, private_drv or '') }} +{%- endif %} diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-noha/infra/init.yml b/mcp/reclass/classes/cluster/mcp-fdio-noha/infra/init.yml index 0f21b9161..b1d890dfb 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-noha/infra/init.yml +++ b/mcp/reclass/classes/cluster/mcp-fdio-noha/infra/init.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,8 +7,8 @@ ############################################################################## --- classes: - - cluster.virtual-mcp-pike-common-noha.infra + - cluster.mcp-common-noha.infra parameters: _param: - cluster_name: virtual-mcp-pike-ovs-noha + cluster_name: mcp-fdio-noha diff --git a/mcp/reclass/classes/cluster/mcp-fdio-noha/infra/maas.yml b/mcp/reclass/classes/cluster/mcp-fdio-noha/infra/maas.yml new file mode 100644 index 000000000..e64e9a137 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-fdio-noha/infra/maas.yml @@ -0,0 +1,11 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-fdio-noha.infra + - cluster.all-mcp-arch-common.infra.maas diff --git a/mcp/reclass/classes/cluster/mcp-fdio-noha/init.yml b/mcp/reclass/classes/cluster/mcp-fdio-noha/init.yml new file mode 100644 index 000000000..6e4f952fd --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-fdio-noha/init.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-noha.init_options + - cluster.mcp-fdio-noha.infra + - cluster.mcp-fdio-noha.openstack diff --git a/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j2 b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j2 new file mode 100644 index 000000000..14b8a268b --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j2 @@ -0,0 +1,68 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +--- +classes: + - service.neutron.compute.single + - system.nova.compute.nfv.hugepages + - cluster.mcp-common-noha.openstack_compute + - cluster.mcp-fdio-noha +parameters: + nova: + compute: + # yamllint disable-line rule:truthy + vif_plugging_is_fatal: False + vif_plugging_timeout: 10 + neutron: + compute: + backend: + router: 'vpp-router' + tenant_network_types: "${_param:neutron_tenant_network_types}" + ~mechanism: + vpp: + driver: vpp + etcd_port: ${_param:node_port} + etcd_host: ${_param:node_address} + l3_hosts: ${_param:openstack_gateway_node01_hostname} + physnets: + physnet1: + vpp_interface: ${_param:external_vpp_tap} + physnet2: + vpp_interface: ${_param:dpdk0_vpp} + linux: + system: + kernel: + isolcpu: 1 # NOTE: Hardcoded for now + boot_options: + - spectre_v2=off + - nopti + - kpti=off + - nospec_store_bypass_disable + - noibrs + - noibpb + - intel_iommu=on + - iommu=pt + - nohz_full=${linux:system:kernel:isolcpu} + - rcu_nocbs=${linux:system:kernel:isolcpu} + - iommu.passthrough=1 + network: + interface: + dpdk0: + name: ${_param:dpdk0_name} + pci: ${_param:dpdk0_pci} + driver: ${_param:dpdk0_driver} + enabled: true + type: dpdk_vpp_port + mtu: ${_param:interface_mtu} + {{ nm.cmp001.nic_private }}: + type: dpdk # Not a meaningful type, just match 'dpdk' for filtering + pxe_admin_int: + # For scenarios without public network on cmp, set admin gw + gateway: {{ nm.net_admin_gw }} + name_servers: + - {{ nm.net_admin_gw }} diff --git a/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/control.yml b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/control.yml new file mode 100644 index 000000000..afce77f4b --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/control.yml @@ -0,0 +1,76 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-noha.openstack_control + - cluster.mcp-fdio-noha + - system.neutron.control.single + - service.etcd.server.single + - system.galera.server.database.neutron +# NOTE: All this configuration should later be moved to reclass.system as +# neutron.control.vpp.single +parameters: + _param: + # yamllint disable rule:truthy + neutron_control_dvr: True + neutron_l3_ha: False + neutron_enable_qos: False + neutron_enable_vlan_aware_vms: False + neutron_enable_bgp_vpn: False + # yamllint enable rule:truthy + neutron_global_physnet_mtu: 1500 + neutron_external_mtu: 1500 + neutron_bgp_vpn_driver: bagpipe + internal_protocol: 'http' + neutron_firewall_driver: 'iptables_hybrid' + openstack_node_role: primary + nova: + controller: + # yamllint disable-line rule:truthy + vif_plugging_is_fatal: False + vif_plugging_timeout: 10 + neutron: + server: + role: ${_param:openstack_node_role} + global_physnet_mtu: ${_param:neutron_global_physnet_mtu} + l3_ha: ${_param:neutron_l3_ha} + dvr: ${_param:neutron_control_dvr} + qos: ${_param:neutron_enable_qos} + vlan_aware_vms: ${_param:neutron_enable_vlan_aware_vms} + firewall_driver: ${_param:neutron_firewall_driver} + bgp_vpn: + enabled: ${_param:neutron_enable_bgp_vpn} + driver: ${_param:neutron_bgp_vpn_driver} + backend: + engine: ml2 + router: 'vpp-router' + tenant_network_types: "${_param:neutron_tenant_network_types}" + external_mtu: ${_param:neutron_external_mtu} + mechanism: + vpp: + driver: vpp + etcd_port: ${_param:node_port} + etcd_host: ${_param:node_address} + l3_hosts: ${_param:openstack_gateway_node01_hostname} + physnets: + physnet1: + vpp_interface: ${_param:external_vpp_tap} + physnet2: + # NOTE: Not a meaningful interface name, just avoid a filter-out + vpp_interface: 'dummy' + vlan_range: '${_param:opnfv_net_tenant_vlan}' + compute: + region: ${_param:openstack_region} + database: + host: ${_param:openstack_database_address} + identity: + region: ${_param:openstack_region} + protocol: ${_param:internal_protocol} + message_queue: + members: + - host: ${_param:single_address} diff --git a/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml new file mode 100644 index 000000000..c330b677c --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml @@ -0,0 +1,68 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-noha.openstack_gateway + - service.neutron.gateway.single + - cluster.mcp-fdio-noha +parameters: + _param: + compute_hugepages_size: 1G + compute_hugepages_mount: /mnt/hugepages_1G + neutron: + gateway: + agents: + l3: + interface_driver: neutron.agent.linux.interface.BridgeInterfaceDriver + dhcp: + interface_driver: neutron.agent.linux.interface.BridgeInterfaceDriver + backend: + router: 'vpp-router' + tenant_network_types: "${_param:neutron_tenant_network_types}" + ~mechanism: + vpp: + driver: vpp + etcd_port: ${_param:node_port} + etcd_host: ${_param:node_address} + l3_hosts: ${_param:openstack_gateway_node01_hostname} + physnets: + physnet1: + vpp_interface: ${_param:external_vpp_tap} + physnet2: + vpp_interface: ${_param:dpdk0_vpp} + linux: + system: + kernel: + hugepages: + large: + default: true + size: ${_param:compute_hugepages_size} + count: ${_param:compute_hugepages_count} + mount_point: ${_param:compute_hugepages_mount} + isolcpu: 1 # NOTE: Hardcoded for now + boot_options: + - spectre_v2=off + - nopti + - kpti=off + - nospec_store_bypass_disable + - noibrs + - noibpb + - intel_iommu=on + - iommu=pt + - nohz_full=${linux:system:kernel:isolcpu} + - rcu_nocbs=${linux:system:kernel:isolcpu} + - iommu.passthrough=1 + network: + interface: + dpdk0: + name: ${_param:dpdk0_name} + pci: ${_param:dpdk0_pci} + driver: ${_param:dpdk0_driver} + enabled: true + type: dpdk_vpp_port + mtu: ${_param:interface_mtu} diff --git a/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/init.yml b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/init.yml new file mode 100644 index 000000000..858da65a7 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/init.yml @@ -0,0 +1,30 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-noha.openstack_init + - cluster.all-mcp-arch-common.fdio_repo +parameters: + _param: + openstack_gateway_node01_hostname: 'gtw01' + neutron_tenant_network_types: "vlan" + etcd_initial_token: ${_param:opnfv_main_password} + node_address: ${_param:cluster_node01_address} + node_hostname: ${_param:cluster_node01_hostname} + node_port: 4001 + external_vpp_tap: 'tap0' + linux: + system: + file: + /etc/systemd/network/99-default.link: + contents: | + # Workaround tap/bridge MAC generation issue + # https://github.com/systemd/systemd/issues/3374 + [Link] + NamePolicy=kernel database onboard slot path + MACAddressPolicy=none diff --git a/mcp/reclass/classes/cluster/mcp-iec-noha/akraino/iec.yml.j2 b/mcp/reclass/classes/cluster/mcp-iec-noha/akraino/iec.yml.j2 new file mode 100644 index 000000000..ccd378b73 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-iec-noha/akraino/iec.yml.j2 @@ -0,0 +1,117 @@ +############################################################################## +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{#- Filter-out NIC duplicates by constructing a dict (used NICs only) #} +{%- if '-vcp-' in conf.MCP_DEPLOY_SCENARIO %} +{%- set nics = {} %} +{%- set vlans = {} %} +{%- else %} +{%- set nics = { nm.ctl01.nic_mgmt: True, nm.ctl01.nic_public: True } %} +{%- set vlans = { nm.vlan_mgmt: nm.ctl01.nic_mgmt, nm.vlan_public: nm.ctl01.nic_public } %} +{%- endif %} +--- +classes: + - cluster.mcp-iec-noha + - cluster.all-mcp-arch-common.opnfv.maas_proxy + - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf +parameters: + _param: +{%- if '-vcp-' in conf.MCP_DEPLOY_SCENARIO %} + pxe_admin_interface: ${_param:opnfv_vcp_vm_primary_interface} + external_nic: ${_param:opnfv_vcp_vm_secondary_interface} + single_nic: ${_param:opnfv_vcp_vm_tertiary_interface} +{%- else %} + pxe_admin_interface: {{ nm.ctl01.nic_admin }} + external_nic: {{ ma.interface_str(nm.ctl01.nic_public, nm.vlan_public) }} + single_nic: {{ ma.interface_str(nm.ctl01.nic_mgmt, nm.vlan_mgmt) }} +{%- endif %} + linux: +{%- if 'centos' not in conf.MCP_OS %} +{%- set proto_manual = 'manual' %} +{%- else %} +{%- set proto_manual = 'none' %} + system: + file: + /etc/gshadow: + group: root + /etc/shadow: + group: root + /etc/udev/rules.d/70-persistent-net.rules: + contents: '' +{%- if conf.nodes[nm.ctl01.idx].node.arch == 'aarch64' %} + /etc/modprobe.d/vfat.conf: + contents: '' + /boot/efi/EFI/centos/grub.cfg: + source: /boot/grub2/grub.cfg +{%- endif %} + kernel: + boot_options: + - net.ifnames=1 + - biosdevname=1 + modules: + - br_netfilter + at: + enabled: False + cron: + enabled: False +{%- endif %} + network: + interface: + pxe_admin_int: + enabled: true + name: ${_param:pxe_admin_interface} + type: eth + address: ${_param:pxe_admin_address} + netmask: ${_param:opnfv_net_admin_mask} + mtu: ${_param:interface_mtu} + noifupdown: true + +{#- prevent duplicates for tagged mgmt on the same physical interface as PXE/admin #} +{%- if nm.ctl01.nic_admin in nics %} + {%- do nics.pop(nm.ctl01.nic_admin) %} +{%- endif %} + +{{ ma.linux_network_interfaces_nic(nics, proto_manual) }} + +{{ ma.linux_network_interfaces_vlan(vlans, proto_manual) }} + +{%- if '-vcp-' in conf.MCP_DEPLOY_SCENARIO %} + single: + enabled: true + type: eth + proto: {{ proto_manual }} + name: ${_param:single_nic} + mtu: ${_param:interface_mtu} + external: + enabled: true + type: eth + proto: {{ proto_manual }} + name: ${_param:external_nic} + mtu: ${_param:interface_mtu} +{%- endif %} + br-ctl: + enabled: true + type: bridge + address: ${_param:single_address} + netmask: ${_param:opnfv_net_mgmt_mask} + noifupdown: true + use_interfaces: + - ${_param:single_nic} + mtu: ${_param:interface_mtu} + br-ex: + enabled: true + type: bridge + address: ${_param:external_address} + netmask: ${_param:opnfv_net_public_mask} + noifupdown: true + use_interfaces: + - ${_param:external_nic} + mtu: ${_param:interface_mtu} + gateway: ${_param:opnfv_net_public_gw} + name_servers: {{ nm.dns_public }} diff --git a/mcp/reclass/classes/cluster/mcp-iec-noha/akraino/init.yml b/mcp/reclass/classes/cluster/mcp-iec-noha/akraino/init.yml new file mode 100644 index 000000000..18bdf215a --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-iec-noha/akraino/init.yml @@ -0,0 +1,32 @@ +############################################################################## +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +parameters: + _param: + # NOTE(armband): reuse Openstack definitions + akraino_iec_node01_address: ${_param:opnfv_openstack_control_node01_address} + akraino_iec_node02_address: ${_param:opnfv_openstack_control_node02_address} + akraino_iec_node03_address: ${_param:opnfv_openstack_control_node03_address} + linux: + network: + host: + iec01: + address: ${_param:akraino_iec_node01_address} + names: + - iec01 + - iec01.${_param:cluster_domain} + iec02: + address: ${_param:akraino_iec_node02_address} + names: + - iec02 + - iec02.${_param:cluster_domain} + iec03: + address: ${_param:akraino_iec_node03_address} + names: + - iec03 + - iec03.${_param:cluster_domain} diff --git a/mcp/reclass/classes/cluster/mcp-iec-noha/infra/config.yml.j2 b/mcp/reclass/classes/cluster/mcp-iec-noha/infra/config.yml.j2 new file mode 100644 index 000000000..9a1c9b8d1 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-iec-noha/infra/config.yml.j2 @@ -0,0 +1,57 @@ +############################################################################## +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +--- +classes: + - cluster.mcp-common-noha.infra.config + - cluster.mcp-iec-noha + - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf + - cluster.all-mcp-arch-common.infra.config_pdf +parameters: + reclass: + storage: + ~node: +{%- if nm.cluster.has_baremetal_nodes %} +{#- Since we overwrite the ~node key, we need to re-add maas node explicitly #} + infra_maas_node01: + name: ${_param:infra_maas_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.infra.maas + params: + salt_master_host: ${_param:infra_config_deploy_address} + linux_system_codename: ${_param:infra_maas_system_codename} + single_address: ${_param:infra_maas_node01_deploy_address} +{%- endif %} +{%- if '-vcp-' in conf.MCP_DEPLOY_SCENARIO %} +{%- for i in range(1, 4) %} + infra_kvm_node0{{ i }}: + name: ${_param:infra_kvm_node0{{ i }}_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.infra.kvm + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: ${_param:linux_system_codename} + single_address: ${_param:opnfv_infra_kvm_node0{{ i }}_address} + pxe_admin_address: ${_param:opnfv_infra_kvm_node0{{ i }}_pxe_admin_address} +{%- endfor %} +{%- endif %} +{%- for i in range(1, 4) %} + akraino_iec_node0{{ i }}: + name: ${_param:akraino_iec_node0{{ i }}_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.akraino.iec + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: ${_param:linux_system_codename} + single_address: ${_param:opnfv_openstack_control_node0{{ i }}_address} + external_address: ${_param:opnfv_openstack_control_node0{{ i }}_external_address} + pxe_admin_address: ${_param:opnfv_openstack_control_node0{{ i }}_pxe_admin_address} +{%- endfor %} diff --git a/mcp/reclass/classes/cluster/mcp-iec-noha/infra/init.yml.j2 b/mcp/reclass/classes/cluster/mcp-iec-noha/infra/init.yml.j2 new file mode 100644 index 000000000..1b68b6c44 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-iec-noha/infra/init.yml.j2 @@ -0,0 +1,31 @@ +############################################################################## +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-noha.infra +parameters: + _param: + cluster_name: mcp-iec-noha + infra_kvm_node01_hostname: kvm01 + infra_kvm_node02_hostname: kvm02 + infra_kvm_node03_hostname: kvm03 + akraino_iec_node01_hostname: iec01 + akraino_iec_node02_hostname: iec02 + akraino_iec_node03_hostname: iec03 +{%- if '-vcp-' in conf.MCP_DEPLOY_SCENARIO %} + linux: + network: + host: +{%- for i in range(1, 4) %} + kvm0{{ i }}: + address: ${_param:opnfv_infra_kvm_node0{{ i }}_address} + names: + - ${_param:infra_kvm_node0{{ i }}_hostname} + - ${_param:infra_kvm_node0{{ i }}_hostname}.${_param:cluster_domain} +{%- endfor %} +{%- endif %} diff --git a/mcp/reclass/classes/cluster/mcp-iec-noha/infra/kvm.yml.j2 b/mcp/reclass/classes/cluster/mcp-iec-noha/infra/kvm.yml.j2 new file mode 100644 index 000000000..34372c69c --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-iec-noha/infra/kvm.yml.j2 @@ -0,0 +1,112 @@ +############################################################################## +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{#- NOTE: br-{mgmt,ctl} are cross-referenced, careful when changing names #} +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{#- Filter-out NIC duplicates by constructing a dict (used NICs only) #} +{%- set nics = { nm.ctl01.nic_admin: True, nm.ctl01.nic_mgmt: True, nm.ctl01.nic_public: True } %} +{%- set vlans = { nm.vlan_admin: nm.ctl01.nic_admin, nm.vlan_mgmt: nm.ctl01.nic_mgmt, nm.vlan_public: nm.ctl01.nic_public } %} +--- +classes: + - system.salt.control.virt + - cluster.all-mcp-arch-common.opnfv.maas_proxy + - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf + - cluster.mcp-iec-noha.infra +parameters: + _param: + linux_system_codename: bionic + linux: + network: + interface: + +{{ ma.linux_network_interfaces_nic(nics) }} + +{{ ma.linux_network_interfaces_vlan(vlans) }} + + br-mgmt: + enabled: true + proto: static + address: ${_param:pxe_admin_address} + netmask: ${_param:opnfv_net_admin_mask} + gateway: {{ nm.net_admin_gw }} + name_servers: + - {{ nm.net_admin_gw }} + type: bridge + use_interfaces: + - {{ ma.interface_str(nm.ctl01.nic_admin, nm.vlan_admin) }} + noifupdown: true + br-ctl: + enabled: true + type: bridge + proto: static + address: ${_param:single_address} + netmask: ${_param:opnfv_net_mgmt_mask} + use_interfaces: + - {{ ma.interface_str(nm.ctl01.nic_mgmt, nm.vlan_mgmt) }} + noifupdown: true + br-ex: + enabled: true + proto: manual + netmask: ${_param:opnfv_net_public_mask} + type: bridge + use_interfaces: + - {{ ma.interface_str(nm.ctl01.nic_public, nm.vlan_public) }} + noifupdown: true + system: + kernel: + boot_options: + - spectre_v2=off + - nopti + - kpti=off + sysctl: + net.ipv4.ip_forward: 0 + libvirt: + server: + service: libvirtd + config_sys: /etc/default/libvirtd + unix_sock_group: libvirt + salt: + control: + size: + akraino.iec: + cpu: 8 + ram: 12288 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: +{%- for i in range(1, 4) %} + iec0{{ i }}: + name: ${_param:akraino_iec_node0{{ i }}_hostname} + provider: ${_param:infra_kvm_node0{{ i }}_hostname}.${_param:cluster_domain} + size: akraino.iec + image: ${_param:salt_control_bionic_image} +{%- if conf.nodes[nm.ctl01.idx].node.arch == 'aarch64' %} + machine: virt + cpu_mode: host-passthrough + loader: + readonly: 'yes' + type: pflash + path: /usr/share/AAVMF/AAVMF_CODE.fd +{%- endif %} +{%- endfor %} + virt: + nic: + default: + eth2: + bridge: br-mgmt + model: virtio + eth1: + bridge: br-ex + model: virtio + eth0: + bridge: br-ctl + model: virtio diff --git a/mcp/reclass/classes/cluster/mcp-iec-noha/infra/maas.yml b/mcp/reclass/classes/cluster/mcp-iec-noha/infra/maas.yml new file mode 100644 index 000000000..393eb73a4 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-iec-noha/infra/maas.yml @@ -0,0 +1,11 @@ +############################################################################## +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-iec-noha.infra + - cluster.all-mcp-arch-common.infra.maas diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/infra/kvm.yml b/mcp/reclass/classes/cluster/mcp-iec-noha/init.yml index bb2087d70..e0224ebac 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/infra/kvm.yml +++ b/mcp/reclass/classes/cluster/mcp-iec-noha/init.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,5 +7,6 @@ ############################################################################## --- classes: - - cluster.baremetal-mcp-pike-common-ha.infra.kvm - - cluster.baremetal-mcp-pike-ovs-dpdk-ha.infra + - cluster.mcp-common-noha.init_options + - cluster.mcp-iec-noha.infra + - cluster.mcp-iec-noha.akraino diff --git a/mcp/reclass/classes/cluster/mcp-k8s-calico-noha/infra/config.yml.j2 b/mcp/reclass/classes/cluster/mcp-k8s-calico-noha/infra/config.yml.j2 new file mode 100644 index 000000000..e3cd67bdf --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-k8s-calico-noha/infra/config.yml.j2 @@ -0,0 +1,79 @@ +############################################################################## +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +--- +classes: + - system.reclass.storage.salt + - system.reclass.storage.system.kubernetes_control_single +{%- if nm.cluster.has_baremetal_nodes %} + - system.reclass.storage.system.infra_maas_single +{%- endif %} + - system.salt.master.api + - system.salt.master.single + - system.salt.minion.ca.salt_master + - system.salt.minion.cert.k8s_server_single + - cluster.mcp-k8s-calico-noha +parameters: + _param: + salt_master_environment_repository: 'https://github.com/salt-formulas' + salt_master_environment_revision: master + reclass_data_repository: local + salt_master_base_environment: prd + salt_master_host: 127.0.0.1 + salt_minion_ca_host: ${linux:network:fqdn} + # yamllint disable-line rule:line-length + salt_api_password_hash: "$6$sGnRlxGf$al5jMCetLP.vfI/fTl3Z0N7Za1aeiexL487jAtyRABVfT3NlwZxQGVhO7S1N8OwS/34VHYwZQA8lkXwKMN/GS1" + kubernetes_control_node01_deploy_address: ${_param:opnfv_openstack_control_node01_pxe_admin_address} + kubernetes_control_system_codename: bionic + linux: + system: + user: + salt: + home: /home/salt + salt: + master: + accept_policy: open_mode + file_recv: true + worker_threads: 4 + command_timeout: 20 + minion: + mine: + module: + x509.get_pem_entries: ['/etc/pki/all_cas/*'] + reclass: + storage: + data_source: + engine: local + node: + kubernetes_control_node01: + params: + pxe_admin_interface: {{ nm.ctl01.nic_admin }} + pxe_admin_address: ${_param:opnfv_openstack_control_node01_pxe_admin_address} + # We support per-node (not only per-role) compute configuration via IDF +{%- for cmp in range(1, nm.cmp_nodes + 1) %} + {%- set n = '%02d' | format(cmp) %} + {%- set i = nm.cmp001.idx + cmp - 1 %} + + {%- set admin = nm.net_admin_hosts | length + nm.start_ip[nm.net_admin] + loop.index %} + {%- set mgmt = nm.net_mgmt_hosts | length + nm.start_ip[nm.net_mgmt] + loop.index %} + {%- set pub = nm.net_public_hosts | length + nm.start_ip[nm.net_public] + loop.index %} + {%- set pri = nm.net_private_hosts | length + nm.start_ip[nm.net_private] + loop.index %} + kubernetes_compute_node{{ n }}: + name: cmp{{ '%03d' | format(cmp) }} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.kubernetes.compute + params: + pxe_admin_address: {{ nm.net_admin | ipnet_hostaddr(admin) }} + pxe_admin_interface: {{ conf.idf.fuel.network.node[i].interfaces[nm.idx_admin] }} + single_address: {{ nm.net_mgmt | ipnet_hostaddr(mgmt) }} + tenant_address: {{ nm.net_private | ipnet_hostaddr(pri) }} + external_address: {{ nm.net_public | ipnet_hostaddr(pub) }} + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: ${_param:kubernetes_control_system_codename} +{%- endfor %} diff --git a/mcp/reclass/classes/cluster/mcp-k8s-calico-noha/infra/init.yml b/mcp/reclass/classes/cluster/mcp-k8s-calico-noha/infra/init.yml new file mode 100644 index 000000000..b01eeeda1 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-k8s-calico-noha/infra/init.yml @@ -0,0 +1,13 @@ +############################################################################## +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-noha.infra +parameters: + _param: + cluster_name: mcp-k8s-calico-noha diff --git a/mcp/reclass/classes/cluster/mcp-k8s-calico-noha/init.yml b/mcp/reclass/classes/cluster/mcp-k8s-calico-noha/init.yml new file mode 100644 index 000000000..f464dca54 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-k8s-calico-noha/init.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-noha.init_options + - cluster.mcp-k8s-calico-noha.kubernetes + - cluster.mcp-k8s-calico-noha.infra diff --git a/mcp/reclass/classes/cluster/mcp-k8s-calico-noha/kubernetes/common.yml.j2 b/mcp/reclass/classes/cluster/mcp-k8s-calico-noha/kubernetes/common.yml.j2 new file mode 100644 index 000000000..bd6e48fce --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-k8s-calico-noha/kubernetes/common.yml.j2 @@ -0,0 +1,75 @@ +############################################################################## +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +--- +classes: + - system.kubernetes.pool.single + - system.salt.minion.cert.k8s_client_single + - system.salt.minion.cert.etcd_client_single + - cluster.all-mcp-arch-common.backports + - cluster.mcp-common-noha.openstack_compute_pdf +parameters: + _param: + kubernetes_containerd_package: containerd + kubernetes: + common: + hyperkube: + source: ${_param:kubernetes_hyperkube_source} + source_hash: ${_param:kubernetes_hyperkube_source_hash} + pause_image: ${_param:kubernetes_pause_image} + pool: + proxy: + daemon_opts: + cluster-cidr: ${_param:calico_private_network}/${_param:calico_private_netmask} + kubelet: + address: ${_param:single_address} + fail_on_swap: ${_param:kubelet_fail_on_swap} + network: + calico: + enabled: true + no_default_pools: false + image: ${_param:kubernetes_calico_image} + calicoctl_image: ${_param:kubernetes_calico_calicoctl_image} + cni_image: ${_param:kubernetes_calico_cni_image} + kube_controllers_image: ${_param:kubernetes_calico_kube_controllers_image} + birdcl_source: ${_param:kubernetes_calico_birdcl_source} + birdcl_source_hash: ${_param:kubernetes_calico_birdcl_source_hash} + calicoctl_source: ${_param:kubernetes_calico_calicoctl_source} + calicoctl_source_hash: ${_param:kubernetes_calico_calicoctl_source_hash} + cni_ipam_source: ${_param:kubernetes_calico_cni_ipam_source} + cni_ipam_source_hash: ${_param:kubernetes_calico_cni_ipam_source_hash} + cni_source: ${_param:kubernetes_calico_cni_source} + cni_source_hash: ${_param:kubernetes_calico_cni_source_hash} + etcd: + ssl: + enabled: true + policy: + enabled: ${_param:kubernetes_calico_policy_enabled} + linux: + system: + kernel: + sysctl: + # The default operating system limits on mmap counts is likely to be too low, + # which may result in out of memory exceptions. + vm.max_map_count: 262144 + network: + interface: + br-mgmt: + post_up_cmds: + - ip r rep 10.254.0.0/16 via ${_param:single_address} + pxe_admin_int: + gateway: {{ nm.net_admin_gw }} + name_servers: + - {{ nm.net_admin_gw }} + storage: + enabled: true + swap: + img: + enabled: false + engine: file + device: /swap.img diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/infra/maas.yml b/mcp/reclass/classes/cluster/mcp-k8s-calico-noha/kubernetes/compute.yml index f58e632c7..f2ab4e9e8 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/infra/maas.yml +++ b/mcp/reclass/classes/cluster/mcp-k8s-calico-noha/kubernetes/compute.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,5 +7,6 @@ ############################################################################## --- classes: - - cluster.baremetal-mcp-pike-common-ha.infra.maas - - cluster.baremetal-mcp-pike-odl-ha.infra + - system.linux.network.hosts + - cluster.mcp-k8s-calico-noha.kubernetes.common + - cluster.mcp-k8s-calico-noha diff --git a/mcp/reclass/classes/cluster/mcp-k8s-calico-noha/kubernetes/control.yml b/mcp/reclass/classes/cluster/mcp-k8s-calico-noha/kubernetes/control.yml new file mode 100644 index 000000000..25c17dc65 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-k8s-calico-noha/kubernetes/control.yml @@ -0,0 +1,99 @@ +############################################################################## +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - service.etcd.server.single + - service.kubernetes.control.cluster + - system.salt.minion.cert.etcd_server_single + - system.kubernetes.master.single + - system.kubernetes.master.auth.rbac + - system.kubernetes.control.roles.cluster-admin + - cluster.mcp-k8s-calico-noha.kubernetes.common + - cluster.mcp-k8s-calico-noha +parameters: + _param: + docker_image_etcd: quay.io/coreos/etcd:v3.3.12 + kubernetes_etcd_repo: https://github.com/etcd-io/etcd/releases/download + kubernetes_etcd_source: ${_param:kubernetes_etcd_repo}/v3.3.12/etcd-v3.3.12-linux-amd64.tar.gz + kubernetes_etcd_source_hash: md5=079af00546443b686df31e7ec605135e + etcd: + server: + image: ${_param:docker_image_etcd} + source: + engine: archive + etcd_source: ${_param:kubernetes_etcd_source} + etcd_source_hash: ${_param:kubernetes_etcd_source_hash} + setup: + calico: + key: /calico/ipam/v2/assignment/ipv4/block/${_param:calico_private_network}-${_param:calico_private_netmask} + value: '{"masquerade":true,"cidr":"${_param:calico_private_network}/${_param:calico_private_netmask}"}' + ssl: + enabled: true + kubernetes: + common: + addons: + virtlet: + enabled: ${_param:kubernetes_virtlet_enabled} + namespace: ${_param:kubernetes_addon_namespace} + image: ${_param:kubernetes_virtlet_image} + criproxy_version: ${_param:kubernetes_criproxy_version} + criproxy_source: ${_param:kubernetes_criproxy_checksum} + hosts: + - ${_param:kubernetes_compute01_hostname} + dashboard: + enabled: ${_param:kubernetes_dashboard} + image: ${_param:kubernetes_dashboard_image} + helm: + enabled: ${_param:kubernetes_helm_enabled} + netchecker: + enabled: ${_param:kubernetes_netchecker_enabled} + agent_probeurls: ${_param:kubernetes_netchecker_agent_probeurls} + externaldns: + enabled: ${_param:kubernetes_externaldns_enabled} + image: ${_param:kubernetes_externaldns_image} + provider: ${_param:kubernetes_externaldns_provider} + metallb: + enabled: ${_param:kubernetes_metallb_enabled} + addresses: + - ${_param:kubernetes_metallb_addresses_pool} + ingress-nginx: + enabled: ${_param:kubernetes_ingressnginx_enabled} + metrics-server: + enabled: ${_param:kubernetes_metrics_server_enabled} + master: + apiserver: + insecure_address: 0.0.0.0 + kubelet: + address: ${_param:single_address} + fail_on_swap: ${_param:kubelet_fail_on_swap} + etcd: + ssl: + enabled: true + network: + calico: + enabled: true + image: ${_param:kubernetes_calico_image} + calicoctl_image: ${_param:kubernetes_calico_calicoctl_image} + cni_image: ${_param:kubernetes_calico_cni_image} + kube_controllers_image: ${_param:kubernetes_calico_kube_controllers_image} + birdcl_source: ${_param:kubernetes_calico_birdcl_source} + birdcl_source_hash: ${_param:kubernetes_calico_birdcl_source_hash} + calicoctl_source: ${_param:kubernetes_calico_calicoctl_source} + calicoctl_source_hash: ${_param:kubernetes_calico_calicoctl_source_hash} + cni_ipam_source: ${_param:kubernetes_calico_cni_ipam_source} + cni_ipam_source_hash: ${_param:kubernetes_calico_cni_ipam_source_hash} + cni_source: ${_param:kubernetes_calico_cni_source} + cni_source_hash: ${_param:kubernetes_calico_cni_source_hash} + etcd: + ssl: + enabled: true + policy: + enabled: ${_param:kubernetes_calico_policy_enabled} + namespace: + netchecker: + enabled: true diff --git a/mcp/reclass/classes/cluster/mcp-k8s-calico-noha/kubernetes/init.yml.j2 b/mcp/reclass/classes/cluster/mcp-k8s-calico-noha/kubernetes/init.yml.j2 new file mode 100644 index 000000000..ef8785aa4 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-k8s-calico-noha/kubernetes/init.yml.j2 @@ -0,0 +1,108 @@ +############################################################################## +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +--- +parameters: + _param: + salt_minion_ca_authority: salt_master_ca + + # kubelet + kubelet_fail_on_swap: true + + # kubernetes settings + kubernetes_admin_user: admin + kubernetes_admin_password: sbPfel23ZigJF3Bm + kubernetes_admin_token: PpP6Mm3pAoPVqcKOKUu0x1dh7b1959Fi + kubernetes_kubelet_token: JJ2PKHxjiU6EYvIt18BqwdSK1HvWh8pt + kubernetes_kube-proxy_token: jT0hJk9L6cIw5UpYDNhsRwcj3Z2n62B6 + kubernetes_scheduler_token: VgkUHfrW07zNxrb0ucFyX7NBnSJN9Xp6 + kubernetes_controller-manager_token: uXrdZ1YKF6qlYm3sHje2iEXMGAGDWOIU + kubernetes_dns_token: 0S1I4iJeFjq5fopPwwCwTp3xFpEZfeUl + etcd_initial_token: IN7KaRMSo3xkGxkjAAPtkRkAgqN4ZNRq + kubernetes_netchecker_agent_probeurls: "http://ipinfo.io" + + # addresses and hostnames + kubernetes_internal_api_address: 10.254.0.1 + kubernetes_internal_dns_address: 10.254.0.10 + kubernetes_control_hostname: ctl + kubernetes_control_node01_hostname: ctl01 + kubernetes_compute01_hostname: cmp001 + kubernetes_compute02_hostname: cmp002 + kubernetes_control_node01_address: ${_param:openstack_control_address} + kubernetes_control_address: ${_param:kubernetes_control_node01_address} + master_address: ${_param:kubernetes_control_node01_address} + cluster_local_address: ${_param:single_address} + + # cert + control_address: ${_param:kubernetes_control_node01_address} + + # etcd stuff + node_hostname: ${_param:kubernetes_control_node01_hostname} + node_address: ${_param:kubernetes_control_node01_address} + node_port: 4001 + + # calico + calico_private_network: 192.168.0.0 + calico_private_netmask: 16 + + # coredns + kubernetes_externaldns_provider: coredns + kubernetes_metallb_addresses_pool: 172.16.10.70-172.16.10.95 + + # switches of addons + kubernetes_kubedns_enabled: false + kubernetes_externaldns_enabled: false + kubernetes_coredns_enabled: true + kubernetes_dashboard: false + kubernetes_virtlet_enabled: false + kubernetes_flannel_enabled: false + kubernetes_genie_enabled: false + kubernetes_calico_enabled: true + kubernetes_opencontrail_enabled: false + kubernetes_contrail_network_controller_enabled: false + kubernetes_metallb_enabled: false + kubernetes_ingressnginx_enabled: false + kubernetes_rbd_enabled: false + kubernetes_helm_enabled: false + kubernetes_netchecker_enabled: true + kubernetes_calico_policy_enabled: false + kubernetes_metrics_server_enabled: false + + kubernetes_ingressnginx_controller_replicas: 1 + kubernetes_virtlet_use_apparmor: false + + kubernetes_addon_namespace: kube-system + + + # Cloud providers parameters + kubernetes_cloudprovider_enabled: false + kubernetes_cloudprovider_type: 'openstack' + + linux: + system: + kernel: + sysctl: + net.ipv4.tcp_congestion_control: yeah + net.ipv4.tcp_slow_start_after_idle: 0 + net.ipv4.tcp_fin_timeout: 30 + network: + host: + ctl01: + address: ${_param:kubernetes_control_node01_address} + names: + - ctl01 + - ctl01.${_param:cluster_domain} +{%- for cmp in range(1, nm.cmp_nodes + 1) %} + {%- set h = 'cmp%03d' | format(cmp) %} + {%- set mgmt = nm.net_mgmt_hosts | length + nm.start_ip[nm.net_mgmt] + loop.index %} + {{ h }}: + address: {{ nm.net_mgmt | ipnet_hostaddr(mgmt) }} + names: + - {{ h }} + - {{ h }}.${_param:cluster_domain} +{%- endfor %} diff --git a/mcp/reclass/classes/cluster/mcp-odl-ha/infra/config.yml.j2 b/mcp/reclass/classes/cluster/mcp-odl-ha/infra/config.yml.j2 new file mode 100644 index 000000000..950c49355 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-odl-ha/infra/config.yml.j2 @@ -0,0 +1,32 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.infra.config + - cluster.mcp-odl-ha.infra +parameters: + _param: + opendaylight_server_node01_hostname: odl01 + opendaylight_server_node02_hostname: odl02 + opendaylight_server_node03_hostname: odl03 + reclass: + storage: + node: +{%- for i in range(1, 4) %} + opendaylight_control_node0{{ i }}: + name: ${_param:opendaylight_server_node0{{ i }}_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.opendaylight.control + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: ${_param:linux_system_codename} + single_address: ${_param:opendaylight_server_node0{{ i }}_address} + pxe_admin_address: ${_param:opnfv_opendaylight_server_node0{{ i }}_pxe_admin_address} + keepalived_vip_priority: 10{{ i }} +{%- endfor %} diff --git a/mcp/reclass/classes/cluster/mcp-odl-ha/infra/init.yml b/mcp/reclass/classes/cluster/mcp-odl-ha/infra/init.yml new file mode 100644 index 000000000..67d8c5654 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-odl-ha/infra/init.yml @@ -0,0 +1,14 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.infra + - cluster.mcp-odl-ha.openstack +parameters: + _param: + cluster_name: mcp-odl-ha diff --git a/mcp/reclass/classes/cluster/mcp-odl-ha/infra/init_vcp.yml.j2 b/mcp/reclass/classes/cluster/mcp-odl-ha/infra/init_vcp.yml.j2 new file mode 100644 index 000000000..42cf4083e --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-odl-ha/infra/init_vcp.yml.j2 @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +{%- if conf.MCP_VCP %} +classes: + - cluster.mcp-odl-ha.infra +{%- endif %} diff --git a/mcp/reclass/classes/cluster/mcp-odl-ha/infra/kvm.yml.j2 b/mcp/reclass/classes/cluster/mcp-odl-ha/infra/kvm.yml.j2 new file mode 100644 index 000000000..9ff091941 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-odl-ha/infra/kvm.yml.j2 @@ -0,0 +1,43 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +--- +{%- if conf.MCP_VCP %} +# NOTE(armband): we don't want to pull in salt.control for novcp +classes: + - cluster.mcp-common-ha.infra.kvm + - cluster.mcp-odl-ha.infra +parameters: + salt: + control: + size: # RAM 4096,8192,16384,32768,65536 + # Default production sizing + opendaylight.server: + cpu: 4 + ram: 8192 + disk_profile: small + net_profile: default + cluster: + internal: + node: + {%- for i in range(1, 4) %} + odl0{{ i }}: + name: ${_param:opendaylight_server_node0{{ i }}_hostname} + provider: ${_param:infra_kvm_node0{{ i }}_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_bionic_image} + size: opendaylight.server + {%- if conf.nodes[nm.ctl01.idx].node.arch == 'aarch64' %} + machine: virt + cpu_mode: host-passthrough + loader: + readonly: 'yes' + type: pflash + path: /usr/share/AAVMF/AAVMF_CODE.fd + {%- endif %} + {%- endfor %} +{%- endif %} diff --git a/mcp/reclass/classes/cluster/mcp-odl-ha/infra/maas.yml.j2 b/mcp/reclass/classes/cluster/mcp-odl-ha/infra/maas.yml.j2 new file mode 100644 index 000000000..3a87ab558 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-odl-ha/infra/maas.yml.j2 @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +--- +classes: + - cluster.mcp-odl-ha.infra + - cluster.all-mcp-arch-common.infra.maas diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/init.yml b/mcp/reclass/classes/cluster/mcp-odl-ha/init.yml index e0d15e607..4e740d700 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/init.yml +++ b/mcp/reclass/classes/cluster/mcp-odl-ha/init.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -8,5 +8,5 @@ --- classes: - cluster.all-mcp-arch-common - - cluster.baremetal-mcp-pike-odl-ha.infra - - cluster.baremetal-mcp-pike-odl-ha.openstack + - cluster.mcp-odl-ha.infra + - cluster.mcp-odl-ha.openstack diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-odl-noha/opendaylight/control.yml b/mcp/reclass/classes/cluster/mcp-odl-ha/opendaylight/control.yml.j2 index f4404a69b..23d1072d7 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-odl-noha/opendaylight/control.yml +++ b/mcp/reclass/classes/cluster/mcp-odl-ha/opendaylight/control.yml.j2 @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,35 +7,27 @@ ############################################################################## --- classes: - - system.linux.system.repo.mcp.openstack - - system.linux.system.repo.mcp.extra - - system.opendaylight.server.single - - cluster.virtual-mcp-pike-odl-noha + - service.opendaylight.server.cluster + - cluster.mcp-common-ha.openstack_interface_vcp_biport +{%- if conf.MCP_VCP %} + - cluster.mcp-odl-ha +{%- endif %} parameters: _param: - linux_system_codename: xenial - linux: - network: - interface: - single_int: - enabled: true - name: ${_param:opnfv_fn_vm_secondary_interface} - type: eth - proto: static - address: ${_param:single_address} - netmask: 255.255.255.0 + linux_system_codename: bionic opendaylight: server: odl_bind_ip: ${_param:single_address} - odl_rest_port: 8282 - java_min_mem: 3g - java_max_mem: 3g + odl_rest_port: ${_param:opendaylight_rest_port} + java_min_mem: 6g + java_max_mem: 6g router_enabled: true + netvirt_natservice: + nat_mode: conntrack karaf_features: odl_default: - odl-restconf-all - odl-aaa-authn - - odl-dlux-all - - odl-mdsal-apidocs netvirt: - odl-netvirt-openstack + seed_nodes_list: {%- for i in range(1, 4) %} ${_param:opendaylight_server_node0{{ i }}_address}{%- endfor %} diff --git a/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/compute.yml b/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/compute.yml new file mode 100644 index 000000000..3a49a69be --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/compute.yml @@ -0,0 +1,34 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - service.neutron.gateway.opendaylight.single + - cluster.mcp-common-ha.openstack_compute + - cluster.mcp-odl-ha.openstack.compute_pdf + - cluster.mcp-odl-ha.infra +parameters: + neutron: + gateway: + agent_mode: ${_param:neutron_gateway_agent_mode} + backend: + ovsdb_connection: tcp:127.0.0.1:6640 + opendaylight: + ovsdb_server_iface: ptcp:6640:127.0.0.1 + linux: + system: + file: + /var/tmp/odl_hostconfig.patch: + contents: | + 420c420 + < if datapath_types.find(datapath_type) >= 0) + --- + > if datapath_type in datapath_types) + 460c460 + < return subprocess.check_output(command_line).strip() # nosec + --- + > return subprocess.check_output(command_line).strip().decode() # nosec diff --git a/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/compute_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/compute_pdf.yml.j2 new file mode 100644 index 000000000..f3844ad8c --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/compute_pdf.yml.j2 @@ -0,0 +1,36 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{#- Filter-out NIC duplicates by constructing a dict (used NICs only) #} +{%- set nics = { nm.cmp001.nic_private: True } %} +{%- set vlan_private_start = (nm.vlan_private | string).rsplit('-')[0] %} +{%- set vlans = { vlan_private_start: nm.cmp001.nic_private } %} +--- +parameters: + linux: + network: + interface: + +{#- prevent duplicates for tagged mgmt on the same physical interface as PXE/admin #} +{%- if nm.cmp001.nic_admin in nics %} + {%- do nics.pop(nm.cmp001.nic_admin) %} +{%- endif %} + +{{ ma.linux_network_interfaces_nic(nics) }} + +{{ ma.linux_network_interfaces_vlan(vlans) }} + + br-mesh: + enabled: true + type: bridge + address: ${_param:tenant_address} + netmask: ${_param:opnfv_net_private_mask} + mtu: 1500 + use_interfaces: + - {{ ma.interface_str(nm.cmp001.nic_private, vlan_private_start) }} diff --git a/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/control.yml b/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/control.yml new file mode 100644 index 000000000..fe5a29714 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/control.yml @@ -0,0 +1,27 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - system.neutron.control.opendaylight.cluster + - cluster.mcp-common-ha.openstack_interface_vcp_biport + - cluster.mcp-common-ha.openstack_control + - cluster.mcp-odl-ha.infra +parameters: + keystone: + server: + openrc_extra: + # For HA, all public services are available through nginx on prx + sdn_controller_ip: ${_param:cluster_public_host} + sdn_controller_user: admin # Hardcoded to default ODL values for now + sdn_controller_password: ${_param:opendaylight_password} + sdn_controller_webport: ${_param:opendaylight_rest_port} + sdn_controller_restconfport: ${_param:opendaylight_rest_port} + neutron: + server: + backend: + password: ${_param:opendaylight_password} diff --git a/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/database.yml b/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/database.yml new file mode 100644 index 000000000..c14f3853e --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/database.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_interface_vcp_biport + - cluster.mcp-common-ha.openstack_database + - cluster.mcp-odl-ha.infra.init_vcp diff --git a/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/init.yml.j2 b/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/init.yml.j2 new file mode 100644 index 000000000..1dd02bb8a --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/init.yml.j2 @@ -0,0 +1,39 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_init +parameters: + _param: + neutron_tenant_network_types: "flat,vxlan" + + # opendaylight options + opendaylight_service_host: ${_param:opnfv_opendaylight_server_address} + opendaylight_rest_port: 8282 +{%- if conf.MCP_VCP %} + opendaylight_server_node01_hostname: odl01 + opendaylight_server_node02_hostname: odl02 + opendaylight_server_node03_hostname: odl03 + opendaylight_server_node01_address: ${_param:opnfv_opendaylight_server_node01_address} + opendaylight_server_node02_address: ${_param:opnfv_opendaylight_server_node02_address} + opendaylight_server_node03_address: ${_param:opnfv_opendaylight_server_node03_address} + linux: + network: + host: + {%- for i in range(1, 4) %} + odl0{{ i }}: + address: ${_param:opendaylight_server_node0{{ i }}_address} + names: + - ${_param:opendaylight_server_node0{{ i }}_hostname} + - ${_param:opendaylight_server_node0{{ i }}_hostname}.${_param:cluster_domain} + {%- endfor %} +{%- else %} + opendaylight_control_hostname: ${_param:openstack_control_node02_hostname} + opendaylight_server_node01_hostname: ${_param:opendaylight_control_hostname} + opendaylight_server_node01_address: ${_param:opnfv_openstack_control_node02_address} +{%- endif %} diff --git a/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/message_queue.yml b/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/message_queue.yml new file mode 100644 index 000000000..c44cb22b2 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/message_queue.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_interface_vcp_biport + - cluster.mcp-common-ha.openstack_message_queue + - cluster.mcp-odl-ha.infra.init_vcp diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/proxy.yml b/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/proxy.yml index 023ffd484..ef67f3b15 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/openstack/proxy.yml +++ b/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/proxy.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,25 +7,13 @@ ############################################################################## --- classes: - - cluster.baremetal-mcp-pike-common-ha.openstack_interface_vcp_triport - - cluster.baremetal-mcp-pike-common-ha.openstack_proxy - - cluster.baremetal-mcp-pike-odl-ha.infra + - cluster.mcp-common-ha.openstack_interface_vcp_triport + - cluster.mcp-common-ha.openstack_proxy + - cluster.mcp-odl-ha.infra.init_vcp parameters: nginx: server: site: - nginx_proxy_opendaylight_web: - enabled: true - type: nginx_proxy - name: opendaylight_web - check: false - proxy: - host: ${_param:opendaylight_service_host} - port: 8181 - protocol: http - host: - name: ${_param:nginx_proxy_openstack_api_host} - port: 8181 nginx_proxy_opendaylight_rest: enabled: true type: nginx_proxy @@ -33,8 +21,8 @@ parameters: check: false proxy: host: ${_param:opendaylight_service_host} - port: 8282 + port: ${_param:opendaylight_rest_port} protocol: http host: name: ${_param:nginx_proxy_openstack_api_host} - port: 8282 + port: ${_param:opendaylight_rest_port} diff --git a/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/telemetry.yml b/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/telemetry.yml new file mode 100644 index 000000000..52469b09a --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-odl-ha/openstack/telemetry.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_interface_vcp_biport + - cluster.mcp-common-ha.openstack_telemetry + - cluster.mcp-odl-ha.infra.init_vcp diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-odl-noha/infra/config.yml b/mcp/reclass/classes/cluster/mcp-odl-noha/infra/config.yml.j2 index 8e38ff81d..9b84a84b7 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-odl-noha/infra/config.yml +++ b/mcp/reclass/classes/cluster/mcp-odl-noha/infra/config.yml.j2 @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -9,8 +9,9 @@ classes: - system.reclass.storage.system.opendaylight_control_single - system.reclass.storage.system.openstack_gateway_single - - cluster.virtual-mcp-pike-common-noha.infra.config - - cluster.virtual-mcp-pike-odl-noha + - cluster.mcp-common-noha.infra.config + - cluster.mcp-odl-noha + - cluster.all-mcp-arch-common.infra.config_pdf parameters: reclass: storage: @@ -19,9 +20,11 @@ parameters: classes: - cluster.${_param:cluster_name}.opendaylight.control params: - linux_system_codename: xenial + linux_system_codename: bionic single_address: ${_param:opendaylight_service_host} + pxe_admin_address: ${_param:opnfv_opendaylight_server_node01_pxe_admin_address} openstack_gateway_node01: params: - tenant_address: 10.1.0.110 - external_address: 10.16.0.110 + tenant_address: ${_param:opnfv_openstack_gateway_node01_tenant_address} + external_address: ${_param:opnfv_openstack_gateway_node01_external_address} + pxe_admin_address: ${_param:opnfv_openstack_gateway_node01_pxe_admin_address} diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovn-noha/infra/init.yml b/mcp/reclass/classes/cluster/mcp-odl-noha/infra/init.yml index 5a79adddf..a80228ccd 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovn-noha/infra/init.yml +++ b/mcp/reclass/classes/cluster/mcp-odl-noha/infra/init.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,8 +7,8 @@ ############################################################################## --- classes: - - cluster.virtual-mcp-pike-common-noha.infra + - cluster.mcp-common-noha.infra parameters: _param: - cluster_name: virtual-mcp-pike-ovn-noha + cluster_name: mcp-odl-noha diff --git a/mcp/reclass/classes/cluster/mcp-odl-noha/infra/maas.yml b/mcp/reclass/classes/cluster/mcp-odl-noha/infra/maas.yml new file mode 100644 index 000000000..b91ba2c33 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-odl-noha/infra/maas.yml @@ -0,0 +1,11 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-odl-noha.infra + - cluster.all-mcp-arch-common.infra.maas diff --git a/mcp/reclass/classes/cluster/mcp-odl-noha/init.yml b/mcp/reclass/classes/cluster/mcp-odl-noha/init.yml new file mode 100644 index 000000000..64b2a16f9 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-odl-noha/init.yml @@ -0,0 +1,16 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-noha.init_options + - cluster.mcp-odl-noha.infra + - cluster.mcp-odl-noha.openstack + +parameters: + _param: + opendaylight_service_host: ${_param:opnfv_opendaylight_server_node01_address} diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/opendaylight/control.yml b/mcp/reclass/classes/cluster/mcp-odl-noha/opendaylight/control.yml.j2 index 50eb342e5..c3d0d187d 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/opendaylight/control.yml +++ b/mcp/reclass/classes/cluster/mcp-odl-noha/opendaylight/control.yml.j2 @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,24 +7,27 @@ ############################################################################## --- classes: - - system.opendaylight.server.single - - cluster.baremetal-mcp-pike-common-ha.openstack_interface_vcp_biport - - cluster.baremetal-mcp-pike-odl-ha + - service.opendaylight.server.single + - service.quagga.server.single + - cluster.all-mcp-arch-common.backports + - cluster.mcp-odl-noha + - cluster.mcp-odl-noha.opendaylight.control_pdf parameters: - _param: - linux_system_codename: xenial opendaylight: server: odl_bind_ip: ${_param:single_address} - odl_rest_port: 8282 + odl_rest_port: ${_param:opendaylight_rest_port} java_min_mem: 4g java_max_mem: 4g router_enabled: true + netvirt_natservice: + nat_mode: conntrack karaf_features: odl_default: - odl-restconf-all - odl-aaa-authn - - odl-dlux-all - - odl-mdsal-apidocs netvirt: - odl-netvirt-openstack +{%- if '-sfc-' in conf.MCP_DEPLOY_SCENARIO %} + - odl-netvirt-sfc +{%- endif %} diff --git a/mcp/reclass/classes/cluster/mcp-odl-noha/opendaylight/control_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-odl-noha/opendaylight/control_pdf.yml.j2 new file mode 100644 index 000000000..b21131dfe --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-odl-noha/opendaylight/control_pdf.yml.j2 @@ -0,0 +1,63 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{#- Filter-out NIC duplicates by constructing a dict (used NICs only) #} +{%- set nics = { nm.ctl01.nic_mgmt: True } %} +{%- set vlans = { nm.vlan_mgmt: nm.ctl01.nic_mgmt } %} +{%- if '-bgpvpn-' in conf.MCP_DEPLOY_SCENARIO %} + {%- do nics.update({nm.ctl01.nic_public: True}) %} + {%- do vlans.update({nm.vlan_public: nm.ctl01.nic_public}) %} +{%- endif %} +--- +parameters: + linux: + network: + interface: + pxe_admin_int: + enabled: true + name: {{ nm.ctl01.nic_admin }} + proto: static + type: eth + address: ${_param:pxe_admin_address} + netmask: ${_param:opnfv_net_admin_mask} + mtu: ${_param:interface_mtu} + noifupdown: true + gateway: {{ nm.net_admin_gw }} + name_servers: + - {{ nm.net_admin_gw }} +{%- if '-bgpvpn-' in conf.MCP_DEPLOY_SCENARIO %} + br-ext: + enabled: true + type: bridge + proto: static + address: ${_param:opnfv_opendaylight_server_external_address} + netmask: ${_param:opnfv_net_public_mask} + mtu: ${_param:interface_mtu} + use_interfaces: + - {{ ma.interface_str(nm.ctl01.nic_public, nm.vlan_public) }} + noifupdown: true +{%- endif %} + +{#- prevent duplicates for tagged mgmt on the same physical interface as PXE/admin #} +{%- if nm.ctl01.nic_admin in nics %} + {%- do nics.pop(nm.ctl01.nic_admin) %} +{%- endif %} + +{{ ma.linux_network_interfaces_nic(nics) }} + +{{ ma.linux_network_interfaces_vlan(vlans) }} + + br-ctl: + enabled: true + type: bridge + proto: static + address: ${_param:single_address} + netmask: ${_param:opnfv_net_mgmt_mask} + use_interfaces: + - {{ ma.interface_str(nm.ctl01.nic_mgmt, nm.vlan_mgmt) }} diff --git a/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/compute.yml.j2 b/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/compute.yml.j2 new file mode 100644 index 000000000..44ebb86b1 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/compute.yml.j2 @@ -0,0 +1,125 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{%- set vlan_private_start = (nm.vlan_private | string).rsplit('-')[0] %} +--- +classes: + - service.neutron.compute.single + - service.neutron.compute.opendaylight.single +{%- if '-ovs-' in conf.MCP_DEPLOY_SCENARIO %} + - system.nova.compute.nfv.hugepages + - system.neutron.compute.nfv.dpdk +{%- endif %} + - cluster.mcp-common-noha.openstack_compute + - cluster.mcp-odl-noha +parameters: + nova: + compute: + vif_plugging_is_fatal: false + vif_plugging_timeout: 60 + neutron: + compute: + opendaylight: + ovsdb_server_iface: ptcp:6640:127.0.0.1 + linux: + network: + ovs_nowait: false + interface: +{%- if '-ovs-' in conf.MCP_DEPLOY_SCENARIO %} + dpdk0: + name: ${_param:dpdk0_name} + pci: ${_param:dpdk0_pci} + driver: ${_param:dpdk0_driver} + enabled: true + bridge: br-prv + type: dpdk_ovs_port + n_rxq: ${_param:dpdk0_n_rxq} + mtu: ${_param:interface_mtu} + br-prv: + enabled: true + type: dpdk_ovs_bridge + proto: static + address: ${_param:tenant_address} + netmask: ${_param:opnfv_net_private_mask} + {{ nm.cmp001.nic_private }}: + type: dpdk # Not a meaningful type, just match 'dpdk' for filtering + +{%- set nics = { nm.cmp001.nic_public: True } %} +{%- set vlans = { nm.vlan_public: nm.cmp001.nic_public } %} + +{{ ma.linux_network_interfaces_nic(nics) }} + +{{ ma.linux_network_interfaces_vlan(vlans) }} + + br-floating: + enabled: true + type: ovs_bridge + datapath_type: netdev + use_interfaces: + - float-to-ex + float-to-ex: + enabled: true + type: ovs_port + mtu: ${_param:interface_mtu} + bridge: br-floating + ovs_bridge: br-floating + noifupdown: true + br-ex: + enabled: true + type: bridge + address: ${_param:external_address} + netmask: ${_param:opnfv_net_public_mask} + use_interfaces: + - {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }} + use_ovs_ports: + - float-to-ex + gateway: ${_param:opnfv_net_public_gw} + name_servers: {{ nm.dns_public }} + noifupdown: true +{%- else %} + br-mesh: + enabled: true + type: bridge + proto: static + address: ${_param:tenant_address} + netmask: ${_param:opnfv_net_private_mask} + use_interfaces: + - {{ ma.interface_str(nm.cmp001.nic_private, vlan_private_start) }} + {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }}: + enabled: true + mtu: ${_param:interface_mtu} + proto: manual + ovs_port_type: OVSPort + type: ovs_port + ovs_bridge: br-floating + bridge: br-floating + br-floating: + enabled: true + type: ovs_bridge + proto: static + address: ${_param:external_address} + netmask: ${_param:opnfv_net_public_mask} + use_interfaces: + - {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }} + gateway: ${_param:opnfv_net_public_gw} + name_servers: {{ nm.dns_public }} + noifupdown: true +{%- endif %} + system: + file: + /var/tmp/odl_hostconfig.patch: + contents: | + 420c420 + < if datapath_types.find(datapath_type) >= 0) + --- + > if datapath_type in datapath_types) + 460c460 + < return subprocess.check_output(command_line).strip() # nosec + --- + > return subprocess.check_output(command_line).strip().decode() # nosec diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-odl-noha/openstack/control.yml b/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/control.yml index ede9d4c5d..4b0beb5be 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-odl-noha/openstack/control.yml +++ b/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/control.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -8,35 +8,33 @@ --- classes: - system.neutron.control.opendaylight.single - - cluster.virtual-mcp-pike-common-noha.openstack_control - - cluster.virtual-mcp-pike-odl-noha + - cluster.mcp-common-noha.openstack_control + - cluster.mcp-odl-noha parameters: - neutron: - server: - backend: - router: ${_param:opendaylight_router} haproxy: proxy: listen: - opendaylight-web: - type: general-service - service_name: opendaylight - binds: - - address: ${_param:cluster_vip_address} - port: 8181 - servers: - - name: odl01 - host: ${_param:opendaylight_service_host} - port: 8181 - params: ${_param:haproxy_check} opendaylight-rest: type: general-service service_name: opendaylight binds: - address: ${_param:cluster_vip_address} - port: 8282 + port: ${_param:opendaylight_rest_port} servers: - name: odl01 host: ${_param:opendaylight_service_host} - port: 8282 + port: ${_param:opendaylight_rest_port} params: ${_param:haproxy_check} + keystone: + server: + openrc_extra: + # For noHA, all public services are available through haproxy on ctl + sdn_controller_ip: ${_param:cluster_vip_address} + sdn_controller_user: admin # Hardcoded to default ODL values for now + sdn_controller_password: ${_param:opendaylight_password} + sdn_controller_webport: ${_param:opendaylight_rest_port} + sdn_controller_restconfport: ${_param:opendaylight_rest_port} + neutron: + server: + backend: + password: ${_param:opendaylight_password} diff --git a/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/gateway.yml.j2 b/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/gateway.yml.j2 new file mode 100644 index 000000000..946cdda03 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/gateway.yml.j2 @@ -0,0 +1,57 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{%- set vlan_private_start = (nm.vlan_private | string).rsplit('-')[0] %} +--- +classes: + - cluster.mcp-common-noha.openstack_gateway + - service.neutron.gateway.opendaylight.single + - cluster.mcp-odl-noha +parameters: + linux: + network: + interface: +{%- if '-ovs-' in conf.MCP_DEPLOY_SCENARIO %} + {{ nm.ctl01.nic_private }}: + ovs_port_type: OVSPort + type: ovs_port + bridge: br-prv + ovs_bridge: br-prv + br-prv: + enabled: true + type: ovs_bridge + mtu: ${_param:interface_mtu} + proto: static + address: ${_param:tenant_address} + netmask: ${_param:opnfv_net_private_mask} + use_interfaces: + - {{ nm.ctl01.nic_private }} +{%- else %} + br-mesh: + enabled: true + type: bridge + mtu: ${_param:interface_mtu} + proto: static + address: ${_param:tenant_address} + netmask: ${_param:opnfv_net_private_mask} + use_interfaces: + - {{ ma.interface_str(nm.ctl01.nic_private, vlan_private_start) }} +{%- endif %} + system: + file: + /var/tmp/odl_hostconfig.patch: + contents: | + 420c420 + < if datapath_types.find(datapath_type) >= 0) + --- + > if datapath_type in datapath_types) + 460c460 + < return subprocess.check_output(command_line).strip() # nosec + --- + > return subprocess.check_output(command_line).strip().decode() # nosec diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-odl-noha/openstack/init.yml b/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/init.yml index cbf4e692e..87c41b048 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-odl-noha/openstack/init.yml +++ b/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/init.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,16 +7,17 @@ ############################################################################## --- classes: - - cluster.virtual-mcp-pike-common-noha.openstack_init + - cluster.mcp-common-noha.openstack_init parameters: _param: neutron_tenant_network_types: "flat,vxlan" opendaylight_router: odl-router_v2 + opendaylight_rest_port: 8282 linux: network: host: odl01: - address: 172.16.10.111 + address: ${_param:opnfv_opendaylight_server_node01_address} names: - odl01 - odl01.${_param:cluster_domain} diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/infra/config.yml b/mcp/reclass/classes/cluster/mcp-ovn-ha/infra/config.yml index 1a55d7807..6cfca4f78 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/infra/config.yml +++ b/mcp/reclass/classes/cluster/mcp-ovn-ha/infra/config.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,5 +7,6 @@ ############################################################################## --- classes: - - cluster.baremetal-mcp-pike-common-ha.infra.config - - cluster.baremetal-mcp-pike-ovs-ha.infra + - cluster.mcp-common-ha.infra.config + - cluster.mcp-ovn-ha.infra + - cluster.all-mcp-arch-common.infra.config_pdf diff --git a/mcp/reclass/classes/cluster/mcp-ovn-ha/infra/init.yml b/mcp/reclass/classes/cluster/mcp-ovn-ha/infra/init.yml new file mode 100644 index 000000000..198e460de --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovn-ha/infra/init.yml @@ -0,0 +1,14 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.infra + - cluster.mcp-ovn-ha.openstack +parameters: + _param: + cluster_name: mcp-ovn-ha diff --git a/mcp/reclass/classes/cluster/mcp-ovn-ha/infra/init_vcp.yml.j2 b/mcp/reclass/classes/cluster/mcp-ovn-ha/infra/init_vcp.yml.j2 new file mode 100644 index 000000000..d62335703 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovn-ha/infra/init_vcp.yml.j2 @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +{%- if conf.MCP_VCP %} +classes: + - cluster.mcp-ovn-ha.infra +{%- endif %} diff --git a/mcp/reclass/classes/cluster/mcp-ovn-ha/infra/kvm.yml.j2 b/mcp/reclass/classes/cluster/mcp-ovn-ha/infra/kvm.yml.j2 new file mode 100644 index 000000000..1e6ed8554 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovn-ha/infra/kvm.yml.j2 @@ -0,0 +1,14 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +{%- if conf.MCP_VCP %} +# NOTE(armband): we don't want to pull in salt.control for novcp +classes: + - cluster.mcp-common-ha.infra.kvm + - cluster.mcp-ovn-ha.infra +{%- endif %} diff --git a/mcp/reclass/classes/cluster/mcp-ovn-ha/infra/maas.yml b/mcp/reclass/classes/cluster/mcp-ovn-ha/infra/maas.yml new file mode 100644 index 000000000..5007749d1 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovn-ha/infra/maas.yml @@ -0,0 +1,11 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-ovn-ha.infra + - cluster.all-mcp-arch-common.infra.maas diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/init.yml b/mcp/reclass/classes/cluster/mcp-ovn-ha/init.yml index ab450e045..a8cb4d8f8 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/init.yml +++ b/mcp/reclass/classes/cluster/mcp-ovn-ha/init.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -8,5 +8,5 @@ --- classes: - cluster.all-mcp-arch-common - - cluster.baremetal-mcp-pike-ovs-dpdk-ha.infra - - cluster.baremetal-mcp-pike-ovs-dpdk-ha.openstack + - cluster.mcp-ovn-ha.infra + - cluster.mcp-ovn-ha.openstack diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/infra/init.yml b/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/compute.yml index 014c57ffa..9af431b9a 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-odl-ha/infra/init.yml +++ b/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/compute.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,8 +7,11 @@ ############################################################################## --- classes: - - cluster.baremetal-mcp-pike-common-ha.infra - - cluster.baremetal-mcp-pike-odl-ha.openstack + - service.neutron.compute.ovn.single + - cluster.mcp-common-ha.openstack_compute + - cluster.mcp-ovn-ha.openstack.compute_pdf + - cluster.mcp-ovn-ha.infra parameters: - _param: - cluster_name: baremetal-mcp-pike-odl-ha + neutron: + gateway: + ~message_queue: ~ diff --git a/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/compute_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/compute_pdf.yml.j2 new file mode 100644 index 000000000..f3844ad8c --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/compute_pdf.yml.j2 @@ -0,0 +1,36 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{#- Filter-out NIC duplicates by constructing a dict (used NICs only) #} +{%- set nics = { nm.cmp001.nic_private: True } %} +{%- set vlan_private_start = (nm.vlan_private | string).rsplit('-')[0] %} +{%- set vlans = { vlan_private_start: nm.cmp001.nic_private } %} +--- +parameters: + linux: + network: + interface: + +{#- prevent duplicates for tagged mgmt on the same physical interface as PXE/admin #} +{%- if nm.cmp001.nic_admin in nics %} + {%- do nics.pop(nm.cmp001.nic_admin) %} +{%- endif %} + +{{ ma.linux_network_interfaces_nic(nics) }} + +{{ ma.linux_network_interfaces_vlan(vlans) }} + + br-mesh: + enabled: true + type: bridge + address: ${_param:tenant_address} + netmask: ${_param:opnfv_net_private_mask} + mtu: 1500 + use_interfaces: + - {{ ma.interface_str(nm.cmp001.nic_private, vlan_private_start) }} diff --git a/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/control.yml b/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/control.yml new file mode 100644 index 000000000..94ca6ebb8 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/control.yml @@ -0,0 +1,53 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - system.neutron.control.cluster + - cluster.mcp-common-ha.openstack_interface_vcp_biport + - cluster.mcp-common-ha.openstack_control + - cluster.mcp-ovn-ha.infra +parameters: + _param: + neutron_control_dvr: "False" + neutron_l3_ha: "False" + neutron_global_physnet_mtu: 1500 + neutron_external_mtu: 1500 + neutron_enable_qos: "False" + neutron_enable_vlan_aware_vms: "False" + neutron: + server: + global_physnet_mtu: ${_param:neutron_global_physnet_mtu} + l3_ha: ${_param:neutron_l3_ha} + dvr: ${_param:neutron_control_dvr} + qos: ${_param:neutron_enable_qos} + vlan_aware_vms: ${_param:neutron_enable_vlan_aware_vms} + backend: + engine: ovn + tenant_network_types: "${_param:neutron_tenant_network_types}" + external_mtu: ${_param:neutron_external_mtu} + mechanism: + ovn: + driver: ovn + ovn: + metadata_enabled: true + compute: + region: ${_param:openstack_region} + database: + host: ${_param:opnfv_openstack_database_address} + identity: + region: ${_param:openstack_region} + message_queue: + members: + - host: ${_param:openstack_message_queue_node01_address} + - host: ${_param:openstack_message_queue_node02_address} + - host: ${_param:openstack_message_queue_node03_address} + ovn_ctl_opts: + db-nb-create-insecure-remote: 'yes' + db-sb-create-insecure-remote: 'yes' + db-nb-addr: ${_param:cluster_vip_address} + db-sb-addr: ${_param:cluster_vip_address} diff --git a/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/database.yml b/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/database.yml new file mode 100644 index 000000000..f0e96daa6 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/database.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_interface_vcp_biport + - cluster.mcp-common-ha.openstack_database + - cluster.mcp-ovn-ha.infra.init_vcp diff --git a/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/init.yml b/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/init.yml new file mode 100644 index 000000000..737af52e3 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/init.yml @@ -0,0 +1,13 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_init +parameters: + _param: + neutron_tenant_network_types: "geneve,flat" diff --git a/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/message_queue.yml b/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/message_queue.yml new file mode 100644 index 000000000..9b2f5c1c0 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/message_queue.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_interface_vcp_biport + - cluster.mcp-common-ha.openstack_message_queue + - cluster.mcp-ovn-ha.infra.init_vcp diff --git a/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/proxy.yml b/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/proxy.yml new file mode 100644 index 000000000..3979af548 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/proxy.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_interface_vcp_triport + - cluster.mcp-common-ha.openstack_proxy + - cluster.mcp-ovn-ha.infra.init_vcp diff --git a/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/telemetry.yml b/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/telemetry.yml new file mode 100644 index 000000000..aee142c43 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovn-ha/openstack/telemetry.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_interface_vcp_biport + - cluster.mcp-common-ha.openstack_telemetry + - cluster.mcp-ovn-ha.infra.init_vcp diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovn-noha/infra/config.yml b/mcp/reclass/classes/cluster/mcp-ovn-noha/infra/config.yml index 4d0a77241..05f289b3a 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovn-noha/infra/config.yml +++ b/mcp/reclass/classes/cluster/mcp-ovn-noha/infra/config.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,5 +7,5 @@ ############################################################################## --- classes: - - cluster.virtual-mcp-pike-common-noha.infra.config - - cluster.virtual-mcp-pike-ovn-noha + - cluster.mcp-common-noha.infra.config + - cluster.mcp-ovn-noha diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-odl-noha/infra/init.yml b/mcp/reclass/classes/cluster/mcp-ovn-noha/infra/init.yml index 2cf01eeec..229ebb5e5 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-odl-noha/infra/init.yml +++ b/mcp/reclass/classes/cluster/mcp-ovn-noha/infra/init.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,8 +7,8 @@ ############################################################################## --- classes: - - cluster.virtual-mcp-pike-common-noha.infra + - cluster.mcp-common-noha.infra parameters: _param: - cluster_name: virtual-mcp-pike-odl-noha + cluster_name: mcp-ovn-noha diff --git a/mcp/reclass/classes/cluster/mcp-ovn-noha/infra/maas.yml b/mcp/reclass/classes/cluster/mcp-ovn-noha/infra/maas.yml new file mode 100644 index 000000000..359ef36bb --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovn-noha/infra/maas.yml @@ -0,0 +1,11 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-ovn-noha.infra + - cluster.all-mcp-arch-common.infra.maas diff --git a/mcp/reclass/classes/cluster/mcp-ovn-noha/init.yml b/mcp/reclass/classes/cluster/mcp-ovn-noha/init.yml new file mode 100644 index 000000000..82f4632bd --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovn-noha/init.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-noha.init_options + - cluster.mcp-ovn-noha.infra + - cluster.mcp-ovn-noha.openstack diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovn-noha/openstack/compute.yml b/mcp/reclass/classes/cluster/mcp-ovn-noha/openstack/compute.yml.j2 index a08c65217..ec6a1e7d3 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovn-noha/openstack/compute.yml +++ b/mcp/reclass/classes/cluster/mcp-ovn-noha/openstack/compute.yml.j2 @@ -1,49 +1,51 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{%- set vlan_private_start = (nm.vlan_private | string).rsplit('-')[0] %} --- classes: - service.neutron.compute.ovn.single - - cluster.virtual-mcp-pike-common-noha.openstack_compute - - cluster.virtual-mcp-pike-ovn-noha + - cluster.mcp-common-noha.openstack_compute + - cluster.mcp-ovn-noha parameters: + neutron: + compute: + controller_vip: ${_param:cluster_local_address} + ~message_queue: ~ linux: network: interface: - external_interface: + {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }}: enabled: true - name: ${_param:external_interface} mtu: ${_param:interface_mtu} proto: manual - type: eth + ovs_port_type: OVSPort + type: ovs_port + ovs_bridge: br-floating + bridge: br-floating br-mesh: enabled: true type: bridge proto: static address: ${_param:tenant_address} - netmask: 255.255.255.0 + netmask: ${_param:opnfv_net_private_mask} use_interfaces: - - ${_param:tenant_interface} + - {{ ma.interface_str(nm.cmp001.nic_private, vlan_private_start) }} br-floating: enabled: true type: ovs_bridge mtu: ${_param:interface_mtu} - float-to-ex: - enabled: true - type: ovs_port - mtu: ${_param:interface_mtu} - bridge: br-floating - br-ex: - enabled: true - type: bridge - mtu: ${_param:interface_mtu} + proto: static address: ${_param:external_address} - netmask: 255.255.255.0 + netmask: ${_param:opnfv_net_public_mask} use_interfaces: - - ${_param:external_interface} - use_ovs_ports: - - float-to-ex + - {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }} + gateway: ${_param:opnfv_net_public_gw} + name_servers: {{ nm.dns_public }} + noifupdown: true diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovn-noha/openstack/control.yml b/mcp/reclass/classes/cluster/mcp-ovn-noha/openstack/control.yml index 59c000746..f99a460bd 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovn-noha/openstack/control.yml +++ b/mcp/reclass/classes/cluster/mcp-ovn-noha/openstack/control.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -8,5 +8,11 @@ --- classes: - system.neutron.control.ovn.single - - cluster.virtual-mcp-pike-common-noha.openstack_control - - cluster.virtual-mcp-pike-ovn-noha + - cluster.mcp-common-noha.openstack_control + - cluster.mcp-ovn-noha +parameters: + neutron: + server: + backend: + ovn: + metadata_enabled: true diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovn-noha/openstack/init.yml b/mcp/reclass/classes/cluster/mcp-ovn-noha/openstack/init.yml index 8ae660706..cba6b7741 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovn-noha/openstack/init.yml +++ b/mcp/reclass/classes/cluster/mcp-ovn-noha/openstack/init.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,4 +7,4 @@ ############################################################################## --- classes: - - cluster.virtual-mcp-pike-common-noha.openstack_init + - cluster.mcp-common-noha.openstack_init diff --git a/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/infra/config.yml b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/infra/config.yml new file mode 100644 index 000000000..8c175712a --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/infra/config.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.infra.config + - cluster.mcp-ovs-dpdk-ha.infra + - cluster.all-mcp-arch-common.infra.config_pdf diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/infra/init.yml b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/infra/init.yml index e3dd53629..b3745b524 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/infra/init.yml +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/infra/init.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,11 +7,11 @@ ############################################################################## --- classes: - - cluster.baremetal-mcp-pike-common-ha.infra - - cluster.baremetal-mcp-pike-ovs-dpdk-ha.openstack + - cluster.mcp-common-ha.infra + - cluster.mcp-ovs-dpdk-ha.openstack parameters: _param: - cluster_name: baremetal-mcp-pike-ovs-dpdk-ha + cluster_name: mcp-ovs-dpdk-ha linux: system: service: diff --git a/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/infra/init_vcp.yml.j2 b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/infra/init_vcp.yml.j2 new file mode 100644 index 000000000..f1636affe --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/infra/init_vcp.yml.j2 @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +{%- if conf.MCP_VCP %} +classes: + - cluster.mcp-ovs-dpdk-ha.infra +{%- endif %} diff --git a/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/infra/kvm.yml.j2 b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/infra/kvm.yml.j2 new file mode 100644 index 000000000..54c3a94a9 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/infra/kvm.yml.j2 @@ -0,0 +1,14 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +{%- if conf.MCP_VCP %} +# NOTE(armband): we don't want to pull in salt.control for novcp +classes: + - cluster.mcp-common-ha.infra.kvm + - cluster.mcp-ovs-dpdk-ha.infra +{%- endif %} diff --git a/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/infra/maas.yml b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/infra/maas.yml new file mode 100644 index 000000000..2187ba78f --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/infra/maas.yml @@ -0,0 +1,11 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-ovs-dpdk-ha.infra + - cluster.all-mcp-arch-common.infra.maas diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/init.yml b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/init.yml index 28dcdcd5b..e32a7cfea 100644 --- a/mcp/reclass/classes/cluster/all-mcp-arch-common/opnfv/init.yml +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/init.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,5 +7,6 @@ ############################################################################## --- classes: - - cluster.all-mcp-arch-common.opnfv.runtime - - cluster.all-mcp-arch-common.opnfv.pod_config + - cluster.all-mcp-arch-common + - cluster.mcp-ovs-dpdk-ha.infra + - cluster.mcp-ovs-dpdk-ha.openstack diff --git a/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/openstack/compute.yml b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/openstack/compute.yml new file mode 100644 index 000000000..52e63dfd6 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/openstack/compute.yml @@ -0,0 +1,24 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_compute + - cluster.mcp-ovs-dpdk-ha.infra + - cluster.mcp-ovs-dpdk-ha.openstack.compute_pdf + - system.neutron.compute.nfv.dpdk +parameters: + neutron: + gateway: + dpdk: 'True' + vhost_socket_dir: ${_param:compute_ovs_vhost_socket_dir} + backend: + tenant_vlan_range: ${_param:neutron_tenant_vlan_range} + linux: + system: + kernel: + isolcpu: ${_param:compute_kernel_isolcpu} diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/openstack/compute.yml b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/openstack/compute_pdf.yml.j2 index cfe92020d..cf9a0b302 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/openstack/compute.yml +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/openstack/compute_pdf.yml.j2 @@ -1,42 +1,27 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## +{%- import 'net_map.j2' as nm with context %} --- -classes: - - cluster.baremetal-mcp-pike-common-ha.openstack_compute - - cluster.baremetal-mcp-pike-ovs-dpdk-ha.infra - - system.neutron.compute.nfv.dpdk parameters: - neutron: - gateway: - dpdk: 'True' - vhost_socket_dir: ${_param:compute_ovs_vhost_socket_dir} - backend: - tenant_vlan_range: ${_param:neutron_tenant_vlan_range} - nova: - compute: - libvirt_service: libvirtd - libvirt_bin: /etc/default/libvirtd linux: network: - dpdk_pkgs: - - dpdk - - dpdk-dev - - dpdk-igb-uio-dkms - - dpdk-rte-kni-dkms + ovs_nowait: true interface: dpdk0: name: ${_param:dpdk0_name} pci: ${_param:dpdk0_pci} - driver: igb_uio + driver: ${_param:dpdk0_driver} enabled: true bridge: br-prv type: dpdk_ovs_port - n_rxq: 2 + n_rxq: ${_param:dpdk0_n_rxq} br-prv: enabled: true type: dpdk_ovs_bridge + br-floating: + datapath_type: netdev diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/openstack/control.yml b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/openstack/control.yml index 82db9be87..fdcec3541 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-dpdk-ha/openstack/control.yml +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/openstack/control.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -8,9 +8,9 @@ --- classes: - system.neutron.control.openvswitch.cluster - - cluster.baremetal-mcp-pike-common-ha.openstack_interface_vcp_biport - - cluster.baremetal-mcp-pike-common-ha.openstack_control - - cluster.baremetal-mcp-pike-ovs-dpdk-ha.infra + - cluster.mcp-common-ha.openstack_interface_vcp_biport + - cluster.mcp-common-ha.openstack_control + - cluster.mcp-ovs-dpdk-ha.infra parameters: neutron: server: diff --git a/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/openstack/database.yml b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/openstack/database.yml new file mode 100644 index 000000000..0402a6fb4 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/openstack/database.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_interface_vcp_biport + - cluster.mcp-common-ha.openstack_database + - cluster.mcp-ovs-dpdk-ha.infra.init_vcp diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/infra/init.yml b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/openstack/init.yml index 2f62c0165..23921fa9d 100644 --- a/mcp/reclass/classes/cluster/baremetal-mcp-pike-ovs-ha/infra/init.yml +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/openstack/init.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,8 +7,8 @@ ############################################################################## --- classes: - - cluster.baremetal-mcp-pike-common-ha.infra - - cluster.baremetal-mcp-pike-ovs-ha.openstack + - cluster.mcp-common-ha.openstack_init parameters: _param: - cluster_name: baremetal-mcp-pike-ovs-ha + neutron_tenant_network_types: "flat,vlan" + neutron_tenant_vlan_range: ${_param:opnfv_net_tenant_vlan} diff --git a/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/openstack/message_queue.yml b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/openstack/message_queue.yml new file mode 100644 index 000000000..67107953f --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/openstack/message_queue.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_interface_vcp_biport + - cluster.mcp-common-ha.openstack_message_queue + - cluster.mcp-ovs-dpdk-ha.infra.init_vcp diff --git a/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/openstack/proxy.yml b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/openstack/proxy.yml new file mode 100644 index 000000000..7da362666 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/openstack/proxy.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_interface_vcp_triport + - cluster.mcp-common-ha.openstack_proxy + - cluster.mcp-ovs-dpdk-ha.infra.init_vcp diff --git a/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/openstack/telemetry.yml b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/openstack/telemetry.yml new file mode 100644 index 000000000..1c5406ea6 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-ha/openstack/telemetry.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_interface_vcp_biport + - cluster.mcp-common-ha.openstack_telemetry + - cluster.mcp-ovs-dpdk-ha.infra.init_vcp diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-dpdk-noha/infra/config.yml b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/infra/config.yml index e80c442ef..721eba56c 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-dpdk-noha/infra/config.yml +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/infra/config.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -8,21 +8,15 @@ --- classes: - system.reclass.storage.system.openstack_gateway_single - - cluster.virtual-mcp-pike-common-noha.infra.config - - cluster.virtual-mcp-pike-ovs-dpdk-noha + - cluster.mcp-common-noha.infra.config + - cluster.mcp-ovs-dpdk-noha + - cluster.all-mcp-arch-common.infra.config_pdf parameters: reclass: storage: node: - openstack_compute_node01: - params: - dpdk0_name: ${_param:opnfv_fn_vm_tertiary_interface} - dpdk0_pci: '"0000:00:05.0"' - openstack_compute_node02: - params: - dpdk0_name: ${_param:opnfv_fn_vm_tertiary_interface} - dpdk0_pci: '"0000:00:05.0"' openstack_gateway_node01: params: - tenant_address: 10.1.0.110 - external_address: 10.16.0.110 + tenant_address: ${_param:opnfv_openstack_gateway_node01_tenant_address} + external_address: ${_param:opnfv_openstack_gateway_node01_external_address} + pxe_admin_address: ${_param:opnfv_openstack_gateway_node01_pxe_admin_address} diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-dpdk-noha/infra/init.yml b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/infra/init.yml index 50676fc2c..f27c310ac 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-dpdk-noha/infra/init.yml +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/infra/init.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,8 +7,8 @@ ############################################################################## --- classes: - - cluster.virtual-mcp-pike-common-noha.infra + - cluster.mcp-common-noha.infra parameters: _param: - cluster_name: virtual-mcp-pike-ovs-dpdk-noha + cluster_name: mcp-ovs-dpdk-noha diff --git a/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/infra/maas.yml b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/infra/maas.yml new file mode 100644 index 000000000..49d214304 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/infra/maas.yml @@ -0,0 +1,11 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-ovs-dpdk-noha.infra + - cluster.all-mcp-arch-common.infra.maas diff --git a/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/init.yml b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/init.yml new file mode 100644 index 000000000..35c3e7655 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/init.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-noha.init_options + - cluster.mcp-ovs-dpdk-noha.infra + - cluster.mcp-ovs-dpdk-noha.openstack diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-dpdk-noha/openstack/compute.yml b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/openstack/compute.yml.j2 index 819fa5efa..25fc82624 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-dpdk-noha/openstack/compute.yml +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/openstack/compute.yml.j2 @@ -1,17 +1,18 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## +{%- import 'net_map.j2' as nm with context %} --- classes: - system.nova.compute.nfv.hugepages - system.neutron.compute.nfv.dpdk - service.neutron.compute.single - - cluster.virtual-mcp-pike-common-noha.openstack_compute - - cluster.virtual-mcp-pike-ovs-dpdk-noha + - cluster.mcp-common-noha.openstack_compute + - cluster.mcp-ovs-dpdk-noha parameters: neutron: compute: @@ -19,20 +20,23 @@ parameters: tenant_network_types: ${_param:neutron_tenant_network_types} linux: network: - dpdk_pkgs: - - dpdk - - dpdk-dev - - dpdk-igb-uio-dkms - - dpdk-rte-kni-dkms interface: + pxe_admin_int: + # For scenarios without public network on cmp, set admin gw + gateway: {{ nm.net_admin_gw }} + name_servers: + - {{ nm.net_admin_gw }} dpdk0: name: ${_param:dpdk0_name} pci: ${_param:dpdk0_pci} - driver: igb_uio + driver: ${_param:dpdk0_driver} enabled: true bridge: br-prv type: dpdk_ovs_port - n_rxq: 2 + n_rxq: ${_param:dpdk0_n_rxq} + mtu: ${_param:interface_mtu} br-prv: enabled: true type: dpdk_ovs_bridge + {{ nm.cmp001.nic_private }}: + type: dpdk # Not a meaningful type, just match 'dpdk' for filtering diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-dpdk-noha/openstack/control.yml b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/openstack/control.yml index 4dbaae829..bbd4d7cc2 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-dpdk-noha/openstack/control.yml +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/openstack/control.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -8,10 +8,10 @@ --- classes: - system.neutron.control.openvswitch.single - - cluster.virtual-mcp-pike-common-noha.openstack_control - - cluster.virtual-mcp-pike-ovs-dpdk-noha + - cluster.mcp-common-noha.openstack_control + - cluster.mcp-ovs-dpdk-noha parameters: neutron: server: backend: - tenant_vlan_range: 1000:1999 + tenant_vlan_range: ${_param:opnfv_net_tenant_vlan} diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-dpdk-noha/openstack/gateway.yml b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/openstack/gateway.yml.j2 index ec943a857..c45b75569 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-dpdk-noha/openstack/gateway.yml +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/openstack/gateway.yml.j2 @@ -1,15 +1,16 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## +{%- import 'net_map.j2' as nm with context %} --- classes: - - cluster.virtual-mcp-pike-common-noha.openstack_gateway + - cluster.mcp-common-noha.openstack_gateway - service.neutron.gateway.single - - cluster.virtual-mcp-pike-ovs-dpdk-noha + - cluster.mcp-ovs-dpdk-noha parameters: neutron: gateway: @@ -18,9 +19,14 @@ parameters: linux: network: interface: - tenant_interface: + {{ nm.ctl01.nic_private }}: + ovs_port_type: OVSPort + type: ovs_port + bridge: br-prv ovs_bridge: br-prv br-prv: enabled: true type: ovs_bridge mtu: ${_param:interface_mtu} + use_interfaces: + - {{ nm.ctl01.nic_private }} diff --git a/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/openstack/init.yml b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/openstack/init.yml new file mode 100644 index 000000000..835d15a41 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/openstack/init.yml @@ -0,0 +1,13 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-noha.openstack_init +parameters: + _param: + neutron_tenant_network_types: "flat,vlan" diff --git a/mcp/reclass/classes/cluster/mcp-ovs-ha/infra/config.yml b/mcp/reclass/classes/cluster/mcp-ovs-ha/infra/config.yml new file mode 100644 index 000000000..8e5551d48 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-ha/infra/config.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.infra.config + - cluster.mcp-ovs-ha.infra + - cluster.all-mcp-arch-common.infra.config_pdf diff --git a/mcp/reclass/classes/cluster/mcp-ovs-ha/infra/init.yml b/mcp/reclass/classes/cluster/mcp-ovs-ha/infra/init.yml new file mode 100644 index 000000000..b423ac134 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-ha/infra/init.yml @@ -0,0 +1,14 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.infra + - cluster.mcp-ovs-ha.openstack +parameters: + _param: + cluster_name: mcp-ovs-ha diff --git a/mcp/reclass/classes/cluster/mcp-ovs-ha/infra/init_vcp.yml.j2 b/mcp/reclass/classes/cluster/mcp-ovs-ha/infra/init_vcp.yml.j2 new file mode 100644 index 000000000..239c9a725 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-ha/infra/init_vcp.yml.j2 @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +{%- if conf.MCP_VCP %} +classes: + - cluster.mcp-ovs-ha.infra +{%- endif %} diff --git a/mcp/reclass/classes/cluster/mcp-ovs-ha/infra/kvm.yml.j2 b/mcp/reclass/classes/cluster/mcp-ovs-ha/infra/kvm.yml.j2 new file mode 100644 index 000000000..238c0cbab --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-ha/infra/kvm.yml.j2 @@ -0,0 +1,14 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +{%- if conf.MCP_VCP %} +# NOTE(armband): we don't want to pull in salt.control for novcp +classes: + - cluster.mcp-common-ha.infra.kvm + - cluster.mcp-ovs-ha.infra +{%- endif %} diff --git a/mcp/reclass/classes/cluster/mcp-ovs-ha/infra/maas.yml b/mcp/reclass/classes/cluster/mcp-ovs-ha/infra/maas.yml new file mode 100644 index 000000000..154675f79 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-ha/infra/maas.yml @@ -0,0 +1,11 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-ovs-ha.infra + - cluster.all-mcp-arch-common.infra.maas diff --git a/mcp/reclass/classes/cluster/mcp-ovs-ha/init.yml b/mcp/reclass/classes/cluster/mcp-ovs-ha/init.yml new file mode 100644 index 000000000..73f4ea6dd --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-ha/init.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.all-mcp-arch-common + - cluster.mcp-ovs-ha.infra + - cluster.mcp-ovs-ha.openstack diff --git a/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/compute.yml b/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/compute.yml new file mode 100644 index 000000000..2507f2bae --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/compute.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_compute + - cluster.mcp-ovs-ha.openstack.compute_pdf + - cluster.mcp-ovs-ha.infra diff --git a/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/compute_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/compute_pdf.yml.j2 new file mode 100644 index 000000000..f3844ad8c --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/compute_pdf.yml.j2 @@ -0,0 +1,36 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{#- Filter-out NIC duplicates by constructing a dict (used NICs only) #} +{%- set nics = { nm.cmp001.nic_private: True } %} +{%- set vlan_private_start = (nm.vlan_private | string).rsplit('-')[0] %} +{%- set vlans = { vlan_private_start: nm.cmp001.nic_private } %} +--- +parameters: + linux: + network: + interface: + +{#- prevent duplicates for tagged mgmt on the same physical interface as PXE/admin #} +{%- if nm.cmp001.nic_admin in nics %} + {%- do nics.pop(nm.cmp001.nic_admin) %} +{%- endif %} + +{{ ma.linux_network_interfaces_nic(nics) }} + +{{ ma.linux_network_interfaces_vlan(vlans) }} + + br-mesh: + enabled: true + type: bridge + address: ${_param:tenant_address} + netmask: ${_param:opnfv_net_private_mask} + mtu: 1500 + use_interfaces: + - {{ ma.interface_str(nm.cmp001.nic_private, vlan_private_start) }} diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-noha/openstack/control.yml b/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/control.yml index 4e03c4b7e..47257e0ff 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-noha/openstack/control.yml +++ b/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/control.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,6 +7,7 @@ ############################################################################## --- classes: - - system.neutron.control.openvswitch.single - - cluster.virtual-mcp-pike-common-noha.openstack_control - - cluster.virtual-mcp-pike-ovs-noha + - system.neutron.control.openvswitch.cluster + - cluster.mcp-common-ha.openstack_interface_vcp_biport + - cluster.mcp-common-ha.openstack_control + - cluster.mcp-ovs-ha.infra diff --git a/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/database.yml b/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/database.yml new file mode 100644 index 000000000..c0002d9c1 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/database.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_interface_vcp_biport + - cluster.mcp-common-ha.openstack_database + - cluster.mcp-ovs-ha.infra.init_vcp diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-noha/openstack/init.yml b/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/init.yml index 19126f89d..9dbfd59a1 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-noha/openstack/init.yml +++ b/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/init.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -7,7 +7,7 @@ ############################################################################## --- classes: - - cluster.virtual-mcp-pike-common-noha.openstack_init + - cluster.mcp-common-ha.openstack_init parameters: _param: neutron_tenant_network_types: "flat,vxlan" diff --git a/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/message_queue.yml b/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/message_queue.yml new file mode 100644 index 000000000..3fe3c0eaa --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/message_queue.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_interface_vcp_biport + - cluster.mcp-common-ha.openstack_message_queue + - cluster.mcp-ovs-ha.infra.init_vcp diff --git a/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/proxy.yml b/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/proxy.yml new file mode 100644 index 000000000..27120ffe3 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/proxy.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_interface_vcp_triport + - cluster.mcp-common-ha.openstack_proxy + - cluster.mcp-ovs-ha.infra.init_vcp diff --git a/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/telemetry.yml b/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/telemetry.yml new file mode 100644 index 000000000..161eb9f1e --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-ha/openstack/telemetry.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-ha.openstack_interface_vcp_biport + - cluster.mcp-common-ha.openstack_telemetry + - cluster.mcp-ovs-ha.infra.init_vcp diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-noha/infra/config.yml b/mcp/reclass/classes/cluster/mcp-ovs-noha/infra/config.yml index 66c246859..cd8a9e4ad 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-noha/infra/config.yml +++ b/mcp/reclass/classes/cluster/mcp-ovs-noha/infra/config.yml @@ -1,5 +1,5 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -8,13 +8,15 @@ --- classes: - system.reclass.storage.system.openstack_gateway_single - - cluster.virtual-mcp-pike-common-noha.infra.config - - cluster.virtual-mcp-pike-ovs-noha + - cluster.mcp-common-noha.infra.config + - cluster.mcp-ovs-noha + - cluster.all-mcp-arch-common.infra.config_pdf parameters: reclass: storage: node: openstack_gateway_node01: params: - tenant_address: 10.1.0.110 - external_address: 10.16.0.110 + tenant_address: ${_param:opnfv_openstack_gateway_node01_tenant_address} + external_address: ${_param:opnfv_openstack_gateway_node01_external_address} + pxe_admin_address: ${_param:opnfv_openstack_gateway_node01_pxe_admin_address} diff --git a/mcp/reclass/classes/cluster/mcp-ovs-noha/infra/init.yml b/mcp/reclass/classes/cluster/mcp-ovs-noha/infra/init.yml new file mode 100644 index 000000000..564061762 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-noha/infra/init.yml @@ -0,0 +1,14 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-noha.infra + +parameters: + _param: + cluster_name: mcp-ovs-noha diff --git a/mcp/reclass/classes/cluster/mcp-ovs-noha/infra/maas.yml b/mcp/reclass/classes/cluster/mcp-ovs-noha/infra/maas.yml new file mode 100644 index 000000000..0d54d3be1 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-noha/infra/maas.yml @@ -0,0 +1,11 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-ovs-noha.infra + - cluster.all-mcp-arch-common.infra.maas diff --git a/mcp/reclass/classes/cluster/mcp-ovs-noha/init.yml b/mcp/reclass/classes/cluster/mcp-ovs-noha/init.yml new file mode 100644 index 000000000..24de77a24 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-noha/init.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-noha.init_options + - cluster.mcp-ovs-noha.infra + - cluster.mcp-ovs-noha.openstack diff --git a/mcp/reclass/classes/cluster/mcp-ovs-noha/openstack/compute.yml.j2 b/mcp/reclass/classes/cluster/mcp-ovs-noha/openstack/compute.yml.j2 new file mode 100644 index 000000000..2707c7f5e --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-noha/openstack/compute.yml.j2 @@ -0,0 +1,37 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{%- set vlan_private_start = (nm.vlan_private | string).rsplit('-')[0] %} +--- +classes: + - service.neutron.compute.single + - system.nova.compute.nfv.hugepages + - cluster.mcp-common-noha.openstack_compute + - cluster.mcp-ovs-noha +parameters: + linux: + network: + interface: + pxe_admin_int: + # For scenarios without public network on cmp, set admin gw + gateway: {{ nm.net_admin_gw }} + name_servers: + - {{ nm.net_admin_gw }} + br-mesh: + enabled: true + type: bridge + proto: static + address: ${_param:tenant_address} + netmask: ${_param:opnfv_net_private_mask} + use_interfaces: + - {{ ma.interface_str(nm.cmp001.nic_private, vlan_private_start) }} + system: + package: + cgroup-tools: + version: latest diff --git a/mcp/reclass/classes/cluster/mcp-ovs-noha/openstack/control.yml b/mcp/reclass/classes/cluster/mcp-ovs-noha/openstack/control.yml new file mode 100644 index 000000000..dd0245344 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-noha/openstack/control.yml @@ -0,0 +1,18 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - system.neutron.control.openvswitch.single + - cluster.mcp-common-noha.openstack_control + - cluster.mcp-ovs-noha +parameters: + nova: + controller: + scheduler_default_filters: "DifferentHostFilter,SameHostFilter,RetryFilter,AvailabilityZoneFilter,RamFilter,\ + CoreFilter,DiskFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,\ + ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,NUMATopologyFilter" diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-noha/openstack/gateway.yml b/mcp/reclass/classes/cluster/mcp-ovs-noha/openstack/gateway.yml.j2 index 0eec95cc4..685402da8 100644 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-noha/openstack/gateway.yml +++ b/mcp/reclass/classes/cluster/mcp-ovs-noha/openstack/gateway.yml.j2 @@ -1,15 +1,18 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{%- set vlan_private_start = (nm.vlan_private | string).rsplit('-')[0] %} --- classes: - - cluster.virtual-mcp-pike-common-noha.openstack_gateway + - cluster.mcp-common-noha.openstack_gateway - service.neutron.gateway.single - - cluster.virtual-mcp-pike-ovs-noha + - cluster.mcp-ovs-noha parameters: linux: network: @@ -20,6 +23,6 @@ parameters: mtu: ${_param:interface_mtu} proto: static address: ${_param:tenant_address} - netmask: 255.255.255.0 + netmask: ${_param:opnfv_net_private_mask} use_interfaces: - - ${_param:tenant_interface} + - {{ ma.interface_str(nm.ctl01.nic_private, vlan_private_start) }} diff --git a/mcp/reclass/classes/cluster/mcp-ovs-noha/openstack/init.yml b/mcp/reclass/classes/cluster/mcp-ovs-noha/openstack/init.yml new file mode 100644 index 000000000..79e231825 --- /dev/null +++ b/mcp/reclass/classes/cluster/mcp-ovs-noha/openstack/init.yml @@ -0,0 +1,13 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-common-noha.openstack_init +parameters: + _param: + neutron_tenant_network_types: "flat,vxlan" diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/infra/config.yml b/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/infra/config.yml deleted file mode 100644 index 7e3a49491..000000000 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/infra/config.yml +++ /dev/null @@ -1,69 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - service.git.client - - system.linux.system.single - - system.linux.system.repo.mcp.salt - - system.salt.master.api - - system.salt.master.pkg - - system.reclass.storage.salt - - system.salt.minion.ca.salt_master - - system.salt.minion.cert.proxy - - system.mysql.client.single - - system.reclass.storage.system.openstack_compute_multi -parameters: - _param: - openstack_control_node01_hostname: ctl01 - reclass_data_repository: local - reclass_config_master: ${_param:opnfv_salt_master_ip} - salt_master_environment_repository: "https://github.com/tcpcloud" - salt_master_environment_revision: master - single_address: 172.16.10.100 - salt_master_host: 127.0.0.1 - salt_master_base_environment: prd - salt_minion_ca_host: ${linux:network:fqdn} - # yamllint disable-line rule:line-length - salt_api_password_hash: "$6$sGnRlxGf$al5jMCetLP.vfI/fTl3Z0N7Za1aeiexL487jAtyRABVfT3NlwZxQGVhO7S1N8OwS/34VHYwZQA8lkXwKMN/GS1" - linux: - network: - interface: - single_int: - enabled: true - name: ${_param:opnfv_fn_vm_secondary_interface} - type: eth - proto: static - address: ${_param:single_address} - netmask: 255.255.255.0 - salt: - master: - file_recv: true - reclass: - storage: - data_source: - engine: local - node: - openstack_control_node01: - name: ${_param:openstack_control_node01_hostname} - domain: ${_param:cluster_domain} - classes: - - cluster.${_param:cluster_name}.openstack.control - params: - linux_system_codename: xenial - salt_master_host: ${_param:reclass_config_master} - single_address: ${_param:openstack_control_node01_address} - openstack_compute_node01: - params: - single_address: 172.16.10.105 - tenant_address: 10.1.0.105 - external_address: 10.16.0.105 - openstack_compute_node02: - params: - single_address: 172.16.10.106 - tenant_address: 10.1.0.106 - external_address: 10.16.0.106 diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/infra/init.yml b/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/infra/init.yml deleted file mode 100644 index 464048396..000000000 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/infra/init.yml +++ /dev/null @@ -1,29 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -parameters: - _param: - cluster_domain: ${_param:cluster_name}.local - linux: - system: - apt: - config: - prefer_ipv4: - Acquire::ForceIPv4: true - network: - host: - cfg01: - address: ${_param:infra_config_address} - names: - - cfg01 - - cfg01.${_param:cluster_domain} - cfg: - address: ${_param:infra_config_address} - names: - - cfg - - cfg.${_param:cluster_domain} diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/openstack_control.yml b/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/openstack_control.yml deleted file mode 100644 index 98256745f..000000000 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/openstack_control.yml +++ /dev/null @@ -1,142 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - system.linux.system.lowmem - - service.nfs.server - - system.mongodb.server.single - - system.mongodb.server.database.ceilometer - - system.ceilometer.client - - system.ceilometer.client.neutron - - system.memcached.server.single - - system.rabbitmq.server.single - - system.rabbitmq.server.vhost.openstack - - system.keystone.server.wsgi - - system.keystone.server.single - - system.keystone.client.single - - system.keystone.client.service.nova21 - - system.keystone.client.service.nova-placement - - system.keystone.client.service.glare - - system.keystone.client.service.cinder3 - - system.keystone.client.service.ceilometer - - system.keystone.client.service.aodh - - system.glance.control.single - - system.nova.control.single - - system.cinder.control.single - - system.cinder.control.backend.lvm - - system.heat.server.single - - service.mysql.server.single - - system.galera.server.database.cinder - - system.galera.server.database.glance - - system.galera.server.database.grafana - - system.galera.server.database.heat - - system.galera.server.database.keystone - - system.galera.server.database.nova - - system.galera.server.database.ceilometer - - system.galera.server.database.aodh - - service.ceilometer.server.single - - system.aodh.server.single - - system.horizon.server.single - - service.haproxy.proxy.single - - cluster.virtual-mcp-pike-common-noha.haproxy_openstack_api -parameters: - _param: - linux_system_codename: xenial - linux: - system: - package: - python-msgpack: - version: latest - network: - interface: - single_int: - enabled: true - name: ${_param:opnfv_fn_vm_secondary_interface} - type: eth - proto: static - address: ${_param:single_address} - netmask: 255.255.255.0 - public_int: - enabled: true - name: ${_param:opnfv_fn_vm_quaternary_interface} - type: eth - proto: static - address: ${_param:cluster_public_host} - netmask: 255.255.255.0 - keystone: - server: - admin_email: ${_param:admin_email} - glance: - server: - storage: - engine: file - images: [] - workers: 1 - nova: - controller: - networking: dvr - cpu_allocation: 54 - metadata: - password: ${_param:metadata_password} - bind: - private_address: ${_param:cluster_local_address} - public_address: ${_param:cluster_vip_address} - novncproxy_port: 6080 - vncproxy_url: http://${_param:cluster_vip_address}:6080 - workers: 1 - pkgs: - - nova-api - - nova-conductor - - nova-consoleauth - - nova-novncproxy - - nova-scheduler - - python-novaclient - horizon: - server: - # yamllint disable-line rule:truthy - secure: False - heat: - server: - bind: - api_cfn: - address: ${_param:single_address} - api_cloudwatch: - address: ${_param:single_address} - mysql: - server: - version: '5.7' - bind: - address: ${_param:cluster_local_address} - key_buffer: 8 - max_allowed_packet: 128 - max_connections: 2048 - thread_stack: 512 - thread_cache_size: 12 - query_cache_limit: 2 - query_cache_size: 0 - mongodb: - server: - bind: - address: ${_param:cluster_local_address},127.0.0.1 - logging: - verbose: v - nfs: - server: - share: - nova_instances: - path: /srv/nova/instances - host: - nova: - host: ${_param:single_address}/24 - params: - - rw - - no_root_squash - - async - neutron: - server: - vlan_aware_vms: true diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/openstack_gateway.yml b/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/openstack_gateway.yml deleted file mode 100644 index 9822de7d3..000000000 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-common-noha/openstack_gateway.yml +++ /dev/null @@ -1,76 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -parameters: - _param: - primary_interface: ${_param:opnfv_fn_vm_secondary_interface} - tenant_interface: ${_param:opnfv_fn_vm_tertiary_interface} - external_interface: ${_param:opnfv_fn_vm_quaternary_interface} - interface_mtu: 9000 - linux_system_codename: xenial - neutron: - gateway: - notification: true - agent_mode: ${_param:neutron_gateway_agent_mode} - vlan_aware_vms: true - linux: - network: - bridge: openvswitch - interface: - dhcp_int: - enabled: true - name: ${_param:opnfv_fn_vm_primary_interface} - proto: dhcp - type: eth - mtu: ${_param:interface_mtu} - primary_interface: - enabled: true - name: ${_param:primary_interface} - mtu: ${_param:interface_mtu} - proto: manual - type: eth - tenant_interface: - enabled: true - name: ${_param:tenant_interface} - mtu: ${_param:interface_mtu} - proto: manual - type: eth - external_interface: - enabled: true - name: ${_param:external_interface} - mtu: ${_param:interface_mtu} - proto: manual - type: eth - br-floating: - enabled: true - type: ovs_bridge - mtu: ${_param:interface_mtu} - br-mgmt: - enabled: true - type: bridge - proto: static - address: ${_param:single_address} - netmask: 255.255.255.0 - mtu: ${_param:interface_mtu} - use_interfaces: - - ${_param:primary_interface} - float-to-ex: - enabled: true - type: ovs_port - mtu: ${_param:interface_mtu} - bridge: br-floating - br-ex: - enabled: true - type: bridge - mtu: ${_param:interface_mtu} - address: ${_param:external_address} - netmask: 255.255.255.0 - use_interfaces: - - ${_param:external_interface} - use_ovs_ports: - - float-to-ex diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-odl-noha/init.yml b/mcp/reclass/classes/cluster/virtual-mcp-pike-odl-noha/init.yml deleted file mode 100644 index 7575d89b8..000000000 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-odl-noha/init.yml +++ /dev/null @@ -1,18 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - system.linux.system.single - - cluster.all-mcp-arch-common - - cluster.virtual-mcp-pike-common-noha.init_options - - cluster.virtual-mcp-pike-odl-noha.infra - - cluster.virtual-mcp-pike-odl-noha.openstack - -parameters: - _param: - opendaylight_service_host: 172.16.10.111 diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-odl-noha/openstack/compute.yml b/mcp/reclass/classes/cluster/virtual-mcp-pike-odl-noha/openstack/compute.yml deleted file mode 100644 index 4c42b585b..000000000 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-odl-noha/openstack/compute.yml +++ /dev/null @@ -1,57 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - service.neutron.compute.single - - cluster.virtual-mcp-pike-common-noha.openstack_compute - - cluster.virtual-mcp-pike-odl-noha -parameters: - opendaylight: - client: - ovsdb_server_iface: ptcp:6639:127.0.0.1 - ovsdb_odl_iface: tcp:${_param:opendaylight_service_host}:6640 - tunnel_ip: ${_param:tenant_address} - provider_mappings: physnet1:br-floating - linux: - network: - gateway: ${_param:openstack_gateway_address} - interface: - external_interface: - enabled: true - name: ${_param:external_interface} - mtu: ${_param:interface_mtu} - proto: manual - type: eth - br-mesh: - enabled: true - type: bridge - proto: static - address: ${_param:tenant_address} - netmask: 255.255.255.0 - gateway: 10.1.0.110 - use_interfaces: - - ${_param:tenant_interface} - br-floating: - enabled: true - type: ovs_bridge - mtu: ${_param:interface_mtu} - float-to-ex: - enabled: true - type: ovs_port - mtu: ${_param:interface_mtu} - bridge: br-floating - br-ex: - enabled: true - type: bridge - mtu: ${_param:interface_mtu} - address: ${_param:external_address} - netmask: 255.255.255.0 - use_interfaces: - - ${_param:external_interface} - use_ovs_ports: - - float-to-ex diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-odl-noha/openstack/gateway.yml b/mcp/reclass/classes/cluster/virtual-mcp-pike-odl-noha/openstack/gateway.yml deleted file mode 100644 index 47d11cd5d..000000000 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-odl-noha/openstack/gateway.yml +++ /dev/null @@ -1,41 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.virtual-mcp-pike-common-noha.openstack_gateway - - system.neutron.gateway.opendaylight.single - - cluster.virtual-mcp-pike-odl-noha -parameters: - _param: - neutron_agents: - - neutron-dhcp-agent - - neutron-metadata-agent - neutron: - gateway: - pkgs: ${_param:neutron_agents} - services: ${_param:neutron_agents} - backend: - router: ${_param:opendaylight_router} - opendaylight: - client: - ovsdb_server_iface: ptcp:6639:127.0.0.1 - ovsdb_odl_iface: tcp:${_param:opendaylight_service_host}:6640 - tunnel_ip: ${_param:tenant_address} - provider_mappings: physnet1:br-floating - linux: - network: - interface: - br-mesh: - enabled: true - type: bridge - mtu: ${_param:interface_mtu} - proto: static - address: ${_param:tenant_address} - netmask: 255.255.255.0 - use_interfaces: - - ${_param:tenant_interface} diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovn-noha/init.yml b/mcp/reclass/classes/cluster/virtual-mcp-pike-ovn-noha/init.yml deleted file mode 100644 index 0fd6fa790..000000000 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovn-noha/init.yml +++ /dev/null @@ -1,14 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - system.linux.system.single - - cluster.all-mcp-arch-common - - cluster.virtual-mcp-pike-common-noha.init_options - - cluster.virtual-mcp-pike-ovn-noha.infra - - cluster.virtual-mcp-pike-ovn-noha.openstack diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-dpdk-noha/init.yml b/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-dpdk-noha/init.yml deleted file mode 100644 index 07e3ef2ca..000000000 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-dpdk-noha/init.yml +++ /dev/null @@ -1,14 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - system.linux.system.single - - cluster.all-mcp-arch-common - - cluster.virtual-mcp-pike-common-noha.init_options - - cluster.virtual-mcp-pike-ovs-dpdk-noha.infra - - cluster.virtual-mcp-pike-ovs-dpdk-noha.openstack diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-dpdk-noha/openstack/init.yml b/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-dpdk-noha/openstack/init.yml deleted file mode 100644 index 5445a07ea..000000000 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-dpdk-noha/openstack/init.yml +++ /dev/null @@ -1,21 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.virtual-mcp-pike-common-noha.openstack_init -parameters: - _param: - neutron_tenant_network_types: "flat,vlan" - compute_hugepages_size: 2M - compute_hugepages_count: 2048 - compute_hugepages_mount: /mnt/hugepages_2M - compute_dpdk_driver: uio - compute_ovs_pmd_cpu_mask: "0x6" - compute_ovs_dpdk_socket_mem: "1024" - compute_ovs_dpdk_lcore_mask: "0x8" - compute_ovs_memory_channels: "2" diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-noha/init.yml b/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-noha/init.yml deleted file mode 100644 index b29ac95ca..000000000 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-noha/init.yml +++ /dev/null @@ -1,14 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - system.linux.system.single - - cluster.all-mcp-arch-common - - cluster.virtual-mcp-pike-common-noha.init_options - - cluster.virtual-mcp-pike-ovs-noha.infra - - cluster.virtual-mcp-pike-ovs-noha.openstack diff --git a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-noha/openstack/compute.yml b/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-noha/openstack/compute.yml deleted file mode 100644 index 52edf879f..000000000 --- a/mcp/reclass/classes/cluster/virtual-mcp-pike-ovs-noha/openstack/compute.yml +++ /dev/null @@ -1,24 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - service.neutron.compute.single - - cluster.virtual-mcp-pike-common-noha.openstack_compute - - cluster.virtual-mcp-pike-ovs-noha -parameters: - linux: - network: - interface: - br-mesh: - enabled: true - type: bridge - proto: static - address: ${_param:tenant_address} - netmask: 255.255.255.0 - use_interfaces: - - ${_param:tenant_interface} diff --git a/mcp/reclass/classes/system b/mcp/reclass/classes/system -Subproject 4a5c3dec811bfdbbd7c3f9d20d53e4a95842f6b +Subproject 6176bde8f5a5e3b723149830242ada46c5126e3 diff --git a/mcp/reclass/nodes/cfg01.mcp-fdio-ha.local.yml b/mcp/reclass/nodes/cfg01.mcp-fdio-ha.local.yml new file mode 100644 index 000000000..8a17ec1ab --- /dev/null +++ b/mcp/reclass/nodes/cfg01.mcp-fdio-ha.local.yml @@ -0,0 +1,18 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-fdio-ha.infra.config +parameters: + _param: + linux_system_codename: bionic + reclass_data_revision: master + linux: + system: + name: cfg01 + domain: mcp-fdio-ha.local diff --git a/mcp/reclass/nodes/cfg01.baremetal-mcp-pike-odl-ha.local.yml b/mcp/reclass/nodes/cfg01.mcp-fdio-noha.local.yml index fb067f038..29bd93de7 100644 --- a/mcp/reclass/nodes/cfg01.baremetal-mcp-pike-odl-ha.local.yml +++ b/mcp/reclass/nodes/cfg01.mcp-fdio-noha.local.yml @@ -7,12 +7,12 @@ ############################################################################## --- classes: - - cluster.baremetal-mcp-pike-odl-ha.infra.config + - cluster.mcp-fdio-noha.infra.config parameters: _param: - linux_system_codename: xenial + linux_system_codename: bionic reclass_data_revision: master linux: system: name: cfg01 - domain: baremetal-mcp-pike-odl-ha.local + domain: mcp-fdio-noha.local diff --git a/mcp/reclass/nodes/cfg01.mcp-iec-noha.local.yml b/mcp/reclass/nodes/cfg01.mcp-iec-noha.local.yml new file mode 100644 index 000000000..82f7b155e --- /dev/null +++ b/mcp/reclass/nodes/cfg01.mcp-iec-noha.local.yml @@ -0,0 +1,18 @@ +############################################################################## +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-iec-noha.infra.config +parameters: + _param: + linux_system_codename: bionic + reclass_data_revision: master + linux: + system: + name: cfg01 + domain: mcp-iec-noha.local diff --git a/mcp/reclass/nodes/cfg01.mcp-k8s-calico-noha.local.yml b/mcp/reclass/nodes/cfg01.mcp-k8s-calico-noha.local.yml new file mode 100644 index 000000000..cd2fd1a57 --- /dev/null +++ b/mcp/reclass/nodes/cfg01.mcp-k8s-calico-noha.local.yml @@ -0,0 +1,18 @@ +############################################################################## +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-k8s-calico-noha.infra.config +parameters: + _param: + linux_system_codename: bionic + reclass_data_revision: master + linux: + system: + name: cfg01 + domain: mcp-k8s-calico-noha.local diff --git a/mcp/reclass/nodes/cfg01.virtual-mcp-pike-ovn-noha.local.yml b/mcp/reclass/nodes/cfg01.mcp-odl-ha.local.yml index fb40f6545..f0d912e8b 100644 --- a/mcp/reclass/nodes/cfg01.virtual-mcp-pike-ovn-noha.local.yml +++ b/mcp/reclass/nodes/cfg01.mcp-odl-ha.local.yml @@ -7,12 +7,12 @@ ############################################################################## --- classes: - - cluster.virtual-mcp-pike-ovn-noha.infra.config + - cluster.mcp-odl-ha.infra.config parameters: _param: - linux_system_codename: xenial + linux_system_codename: bionic reclass_data_revision: master linux: system: name: cfg01 - domain: virtual-mcp-pike-ovn-noha.local + domain: mcp-odl-ha.local diff --git a/mcp/reclass/nodes/cfg01.baremetal-mcp-pike-ovs-ha.local.yml b/mcp/reclass/nodes/cfg01.mcp-odl-noha.local.yml index dc9c8c748..fcad8a6cf 100644 --- a/mcp/reclass/nodes/cfg01.baremetal-mcp-pike-ovs-ha.local.yml +++ b/mcp/reclass/nodes/cfg01.mcp-odl-noha.local.yml @@ -7,12 +7,12 @@ ############################################################################## --- classes: - - cluster.baremetal-mcp-pike-ovs-ha.infra.config + - cluster.mcp-odl-noha.infra.config parameters: _param: - linux_system_codename: xenial + linux_system_codename: bionic reclass_data_revision: master linux: system: name: cfg01 - domain: baremetal-mcp-pike-ovs-ha.local + domain: mcp-odl-noha.local diff --git a/mcp/reclass/nodes/cfg01.mcp-ovn-ha.local.yml b/mcp/reclass/nodes/cfg01.mcp-ovn-ha.local.yml new file mode 100644 index 000000000..6d4a8bef3 --- /dev/null +++ b/mcp/reclass/nodes/cfg01.mcp-ovn-ha.local.yml @@ -0,0 +1,18 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-ovn-ha.infra.config +parameters: + _param: + linux_system_codename: bionic + reclass_data_revision: master + linux: + system: + name: cfg01 + domain: mcp-ovn-ha.local diff --git a/mcp/reclass/nodes/cfg01.virtual-mcp-pike-odl-noha.local.yml b/mcp/reclass/nodes/cfg01.mcp-ovn-noha.local.yml index 8828a9312..22014d7a2 100644 --- a/mcp/reclass/nodes/cfg01.virtual-mcp-pike-odl-noha.local.yml +++ b/mcp/reclass/nodes/cfg01.mcp-ovn-noha.local.yml @@ -7,12 +7,12 @@ ############################################################################## --- classes: - - cluster.virtual-mcp-pike-odl-noha.infra.config + - cluster.mcp-ovn-noha.infra.config parameters: _param: - linux_system_codename: xenial + linux_system_codename: bionic reclass_data_revision: master linux: system: name: cfg01 - domain: virtual-mcp-pike-odl-noha.local + domain: mcp-ovn-noha.local diff --git a/mcp/reclass/nodes/cfg01.mcp-ovs-dpdk-ha.local.yml b/mcp/reclass/nodes/cfg01.mcp-ovs-dpdk-ha.local.yml new file mode 100644 index 000000000..9ad516f18 --- /dev/null +++ b/mcp/reclass/nodes/cfg01.mcp-ovs-dpdk-ha.local.yml @@ -0,0 +1,18 @@ +############################################################################## +# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-ovs-dpdk-ha.infra.config +parameters: + _param: + linux_system_codename: bionic + reclass_data_revision: master + linux: + system: + name: cfg01 + domain: mcp-ovs-dpdk-ha.local diff --git a/mcp/reclass/nodes/cfg01.mcp-ovs-dpdk-noha.local.yml b/mcp/reclass/nodes/cfg01.mcp-ovs-dpdk-noha.local.yml new file mode 100644 index 000000000..d1ba70a91 --- /dev/null +++ b/mcp/reclass/nodes/cfg01.mcp-ovs-dpdk-noha.local.yml @@ -0,0 +1,18 @@ +############################################################################## +# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-ovs-dpdk-noha.infra.config +parameters: + _param: + linux_system_codename: bionic + reclass_data_revision: master + linux: + system: + name: cfg01 + domain: mcp-ovs-dpdk-noha.local diff --git a/mcp/reclass/nodes/cfg01.mcp-ovs-ha.local.yml b/mcp/reclass/nodes/cfg01.mcp-ovs-ha.local.yml new file mode 100644 index 000000000..8f1cc2cd5 --- /dev/null +++ b/mcp/reclass/nodes/cfg01.mcp-ovs-ha.local.yml @@ -0,0 +1,18 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-ovs-ha.infra.config +parameters: + _param: + linux_system_codename: bionic + reclass_data_revision: master + linux: + system: + name: cfg01 + domain: mcp-ovs-ha.local diff --git a/mcp/reclass/nodes/cfg01.mcp-ovs-noha.local.yml b/mcp/reclass/nodes/cfg01.mcp-ovs-noha.local.yml new file mode 100644 index 000000000..9d1f0265a --- /dev/null +++ b/mcp/reclass/nodes/cfg01.mcp-ovs-noha.local.yml @@ -0,0 +1,18 @@ +############################################################################## +# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - cluster.mcp-ovs-noha.infra.config +parameters: + _param: + linux_system_codename: bionic + reclass_data_revision: master + linux: + system: + name: cfg01 + domain: mcp-ovs-noha.local diff --git a/mcp/reclass/nodes/cfg01.virtual-mcp-pike-ovs-dpdk-noha.local.yml b/mcp/reclass/nodes/cfg01.virtual-mcp-pike-ovs-dpdk-noha.local.yml deleted file mode 100644 index 4c435f873..000000000 --- a/mcp/reclass/nodes/cfg01.virtual-mcp-pike-ovs-dpdk-noha.local.yml +++ /dev/null @@ -1,18 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.virtual-mcp-pike-ovs-dpdk-noha.infra.config -parameters: - _param: - linux_system_codename: xenial - reclass_data_revision: master - linux: - system: - name: cfg01 - domain: virtual-mcp-pike-ovs-dpdk-noha.local diff --git a/mcp/reclass/nodes/cfg01.virtual-mcp-pike-ovs-noha.local.yml b/mcp/reclass/nodes/cfg01.virtual-mcp-pike-ovs-noha.local.yml deleted file mode 100644 index 7a715cfb8..000000000 --- a/mcp/reclass/nodes/cfg01.virtual-mcp-pike-ovs-noha.local.yml +++ /dev/null @@ -1,18 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -classes: - - cluster.virtual-mcp-pike-ovs-noha.infra.config -parameters: - _param: - linux_system_codename: xenial - reclass_data_revision: master - linux: - system: - name: cfg01 - domain: virtual-mcp-pike-ovs-noha.local diff --git a/mcp/salt-formulas/maas/machines/delete.sls b/mcp/salt-formulas/maas/machines/delete.sls deleted file mode 100644 index dbb625a02..000000000 --- a/mcp/salt-formulas/maas/machines/delete.sls +++ /dev/null @@ -1,19 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## -{%- from "maas/map.jinja" import region with context %} - -maas_login_admin: - cmd.run: - - name: "maas-region apikey --username {{ region.admin.username }} > /var/lib/maas/.maas_credentials" - -# TODO: implement delete_machine via _modules/maas.py -delete_machine: - cmd.run: - - name: "maas login {{ region.admin.username }} http://{{ region.bind.host }}:5240/MAAS/api/2.0 - < /var/lib/maas/.maas_credentials && maas opnfv machine delete {{ pillar['system_id'] }}" - - require: - - cmd: maas_login_admin diff --git a/mcp/salt-formulas/maas/machines/mark_broken_fixed.sls b/mcp/salt-formulas/maas/machines/mark_broken_fixed.sls deleted file mode 100644 index 17a7df8d8..000000000 --- a/mcp/salt-formulas/maas/machines/mark_broken_fixed.sls +++ /dev/null @@ -1,19 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## -{%- from "maas/map.jinja" import region with context %} - -maas_login_admin: - cmd.run: - - name: "maas-region apikey --username {{ region.admin.username }} > /var/lib/maas/.maas_credentials" - -# TODO: implement mark_broken_fixed_machine via _modules/maas.py -mark_broken_fixed_machine: - cmd.run: - - name: "maas login {{ region.admin.username }} http://{{ region.bind.host }}:5240/MAAS/api/2.0 - < /var/lib/maas/.maas_credentials && maas opnfv machine mark-broken {{ pillar['system_id'] }} && sleep 10 && maas opnfv machine mark-fixed {{ pillar['system_id'] }}" - - require: - - cmd: maas_login_admin diff --git a/mcp/salt-formulas/opendaylight/client.sls b/mcp/salt-formulas/opendaylight/client.sls deleted file mode 100644 index dba51b399..000000000 --- a/mcp/salt-formulas/opendaylight/client.sls +++ /dev/null @@ -1,38 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc. and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## -{%- from "opendaylight/map.jinja" import client with context %} -{%- if client.get('enabled', True) %} - -opendaylight_client_packages: - pkg.installed: - - pkgs: {{ client.pkgs }} - -{%- if pillar.linux.network.bridge is defined and pillar.linux.network.bridge == 'openvswitch' %} -ovs_set_manager: - cmd.run: - - name: "ovs-vsctl set-manager {{ client.ovsdb_server_iface }} {{ client.ovsdb_odl_iface }}" - - unless: "ovs-vsctl get-manager | grep -Fx {{ client.ovsdb_odl_iface }}" - -ovs_set_tunnel_endpoint: - cmd.run: - - name: "ovs-vsctl set Open_vSwitch . other_config:local_ip={{ client.tunnel_ip }}" - - unless: "ovs-vsctl get Open_vSwitch . other_config | fgrep local_ip" - - require: - - cmd: ovs_set_manager - -{%- if client.provider_mappings is defined %} -ovs_set_provider_mapping: - cmd.run: - - name: "ovs-vsctl set Open_vSwitch . other_config:provider_mappings={{ client.provider_mappings }}" - - unless: "ovs-vsctl get Open_vSwitch . other_config | fgrep provider_mappings" - - require: - - cmd: ovs_set_manager -{%- endif %} - -{%- endif %} -{%- endif %} diff --git a/mcp/salt-formulas/opendaylight/server.sls b/mcp/salt-formulas/opendaylight/server.sls deleted file mode 100644 index 30c337c00..000000000 --- a/mcp/salt-formulas/opendaylight/server.sls +++ /dev/null @@ -1,82 +0,0 @@ -############################################################################## -# Copyright (c) 2017 Mirantis Inc. and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## -{% from "opendaylight/map.jinja" import server with context %} - -{%- if server.enabled %} - -opendaylight_repo: - pkgrepo.managed: - # NOTE(armband): PPA handling behind proxy broken, define it explicitly - # https://github.com/saltstack/salt/pull/45224 - # - ppa: {{ server.repo }} - - human_name: opendaylight-ppa - - name: deb http://ppa.launchpad.net/odl-team/nitrogen/ubuntu xenial main - - file: /etc/apt/sources.list.d/odl-team-ubuntu-nitrogen-xenial.list - - keyid: 49B07274951063870A8B7EAE7B8AA1A344C05248 - - keyserver: keyserver.ubuntu.com - -opendaylight: - pkg.installed: - - require: - - pkgrepo: opendaylight_repo - - require_in: - - file: /opt/opendaylight/etc/jetty.xml - - file: /opt/opendaylight/bin/setenv - - ini: /opt/opendaylight/etc/org.apache.karaf.features.cfg - - ini: /opt/opendaylight/etc/org.ops4j.pax.web.cfg - service.running: - - enable: true - - watch: - - file: /opt/opendaylight/etc/jetty.xml - - file: /opt/opendaylight/bin/setenv - - ini: /opt/opendaylight/etc/org.apache.karaf.features.cfg - - ini: /opt/opendaylight/etc/org.ops4j.pax.web.cfg - -/opt/opendaylight/etc/jetty.xml: - file.managed: - - source: salt://opendaylight/files/jetty.xml - - template: jinja - - user: odl - - group: odl - -/opt/opendaylight/bin/setenv: - file.managed: - - source: salt://opendaylight/files/setenv.shell - - mode: 0755 - - use: - - file: /opt/opendaylight/etc/jetty.xml - -{% set features %} -{%- for f in server.karaf_features.itervalues() -%} -{{ f | join(',') }}{%- if not loop.last %},{%- endif %} -{%- endfor %} -{% endset %} - -/opt/opendaylight/etc/org.apache.karaf.features.cfg: - ini.options_present: - - sections: - featuresBoot: {{ features }} - -/opt/opendaylight/etc/org.ops4j.pax.web.cfg: - ini.options_present: - - sections: - org.ops4j.pax.web.listening.addresses: {{ server.odl_bind_ip }} - -{%- if server.get('router_enabled', false) %} -/opt/opendaylight/etc/custom.properties: - ini.options_present: - - sections: - ovsdb.l3.fwd.enabled: 'yes' - ovsdb.of.version: 1.3 - - require: - - pkg: opendaylight - - watch_in: - - service: opendaylight -{%- endif %} - -{%- endif %} diff --git a/mcp/salt-formulas/salt-formula-aodh b/mcp/salt-formulas/salt-formula-aodh new file mode 160000 +Subproject 858785a84cdbfb3add01158d40237af0d41e4b4 diff --git a/mcp/salt-formulas/salt-formula-apache b/mcp/salt-formulas/salt-formula-apache new file mode 160000 +Subproject 41d31d33354eeff85cd65b78fae0d5af274172b diff --git a/mcp/salt-formulas/salt-formula-armband/armband/files/nova-libvirt-aarch64-rollup.diff b/mcp/salt-formulas/salt-formula-armband/armband/files/nova-libvirt-aarch64-rollup.diff new file mode 100644 index 000000000..1ecbf2973 --- /dev/null +++ b/mcp/salt-formulas/salt-formula-armband/armband/files/nova-libvirt-aarch64-rollup.diff @@ -0,0 +1,27 @@ +From: Charalampos Kominos <Charalampos.Kominos@enea.com> +Date: Wed, 2 May 2018 14:20:47 +0200 +Subject: [PATCH] Allow libvirt to honor root device naming + +Current behaviour in upstream nova is for rootfs to be in /dev/vda +which is the default behaviour when using virtio driver. However when +other devices are requested either by glance or by CLI, nova ignores +that naming and still tries to attach to vda which fails. + +Manually applied in https://review.openstack.org/#/c/214314/ + +JIRA: ARMBAND-376 + +Signed-off-by: Charalampos Kominos <charalampos.kominos@enea.com> +--- + +--- a/nova/virt/libvirt/driver.py ++++ b/nova/virt/libvirt/driver.py +@@ -8257,6 +8257,8 @@ + "Ignoring supplied device name: %(device_name)s. " + "Libvirt can't honour user-supplied dev names", + {'device_name': bdm.device_name}, instance=instance) ++ if instance.root_device_name == bdm.device_name: ++ instance.root_device_name = None + bdm.device_name = None + block_device_info = driver.get_block_device_info(instance, + block_device_mapping) diff --git a/mcp/salt-formulas/salt-formula-armband/armband/init.sls b/mcp/salt-formulas/salt-formula-armband/armband/init.sls new file mode 100644 index 000000000..8a8cf2ab1 --- /dev/null +++ b/mcp/salt-formulas/salt-formula-armband/armband/init.sls @@ -0,0 +1,7 @@ +include: + - armband.qemu_efi + - armband.vgabios + {%- if salt['pkg.version']('python-nova') %} + - armband.nova_libvirt + - armband.nova_config + {%- endif %} diff --git a/mcp/salt-formulas/salt-formula-armband/armband/nova_config.sls b/mcp/salt-formulas/salt-formula-armband/armband/nova_config.sls new file mode 100644 index 000000000..b0e17b718 --- /dev/null +++ b/mcp/salt-formulas/salt-formula-armband/armband/nova_config.sls @@ -0,0 +1,37 @@ +{% if grains['cpuarch'] == 'aarch64' %} +{% if grains['virtual'] == 'kvm' %} +nova_virt_type: + file.replace: + - name: "/etc/nova/nova.conf" + - pattern: '^virt_type\s*=.*$' + - repl: "virt_type = qemu" +nova_compute_virt_type: + file.replace: + - name: "/etc/nova/nova-compute.conf" + - pattern: '^virt_type\s*=.*$' + - repl: "virt_type = qemu" +{% endif %} +nova_pointer_model: + file.replace: + - name: "/etc/nova/nova.conf" + - pattern: '^#pointer_model\s*=.*$' + - repl: "pointer_model = ps2mouse" +nova_cpu_mode: + file.replace: + - name: "/etc/nova/nova.conf" + - pattern: '^cpu_mode\s*=\s*host-passthrough' + - repl: "cpu_mode = custom" +nova_cpu_model: + file.replace: + - name: "/etc/nova/nova.conf" + - pattern: '^#cpu_model\s*=.*$' + {% if grains['virtual'] == 'kvm' %} + - repl: "cpu_model = cortex-a57" + {% else %} + - repl: "cpu_model = host" + {% endif %} +restart_nova-compute: + cmd: + - run + - name: "service nova-compute restart" +{% endif %} diff --git a/mcp/salt-formulas/salt-formula-armband/armband/nova_libvirt.sls b/mcp/salt-formulas/salt-formula-armband/armband/nova_libvirt.sls new file mode 100644 index 000000000..9d26e86a4 --- /dev/null +++ b/mcp/salt-formulas/salt-formula-armband/armband/nova_libvirt.sls @@ -0,0 +1,9 @@ +{% if grains['cpuarch'] == 'aarch64' %} +nova-libvirt-aarch64-rollup: + file.patch: + - name: /usr/lib/python2.7/dist-packages + - source: salt://armband/files/nova-libvirt-aarch64-rollup.diff + - hash: False + - options: '-p1' + - unless: 'test -f /var/cache/salt/minion/files/base/armband/files/nova-libvirt-aarch64-rollup.diff && cd /usr/lib/python2.7/dist-packages && patch -p1 -R --dry-run -r - < /var/cache/salt/minion/files/base/armband/files/nova-libvirt-aarch64-rollup.diff' +{% endif %} diff --git a/mcp/salt-formulas/salt-formula-armband/armband/qemu_efi.sls b/mcp/salt-formulas/salt-formula-armband/armband/qemu_efi.sls new file mode 100644 index 000000000..aef17f9a8 --- /dev/null +++ b/mcp/salt-formulas/salt-formula-armband/armband/qemu_efi.sls @@ -0,0 +1,4 @@ +{% if grains['cpuarch'] == 'aarch64' %} +qemu-efi: + pkg.installed +{% endif %} diff --git a/mcp/salt-formulas/salt-formula-armband/armband/vgabios.sls b/mcp/salt-formulas/salt-formula-armband/armband/vgabios.sls new file mode 100644 index 000000000..7f004971c --- /dev/null +++ b/mcp/salt-formulas/salt-formula-armband/armband/vgabios.sls @@ -0,0 +1,9 @@ +{% if grains['cpuarch'] == 'aarch64' %} +vgabios: + pkg.installed +/usr/share/qemu: + file.directory +/usr/share/qemu/vgabios-stdvga.bin: + file.symlink: + - target: "/usr/share/vgabios/vgabios.bin" +{% endif %} diff --git a/mcp/salt-formulas/salt-formula-barbican b/mcp/salt-formulas/salt-formula-barbican new file mode 160000 +Subproject f70167cf8e99bdd72bcac7dbc946ec1655d5f31 diff --git a/mcp/salt-formulas/salt-formula-ceilometer b/mcp/salt-formulas/salt-formula-ceilometer new file mode 160000 +Subproject 7478c662b0a41671ebb76af936948d29e1a0448 diff --git a/mcp/salt-formulas/salt-formula-cinder b/mcp/salt-formulas/salt-formula-cinder new file mode 160000 +Subproject 57837bfba6427fd0d63afae332c724be5c3fa3b diff --git a/mcp/salt-formulas/salt-formula-etcd b/mcp/salt-formulas/salt-formula-etcd new file mode 160000 +Subproject b0c13fc3701045df3587d74d37bd947fd84dfda diff --git a/mcp/salt-formulas/salt-formula-glance b/mcp/salt-formulas/salt-formula-glance new file mode 160000 +Subproject bab584dc63874210c1bd3e42bcca8fd06d06ed3 diff --git a/mcp/salt-formulas/salt-formula-gnocchi b/mcp/salt-formulas/salt-formula-gnocchi new file mode 160000 +Subproject 0d4773a7dc87872dd28b3be0fc8a0a81cdaa864 diff --git a/mcp/salt-formulas/salt-formula-heat b/mcp/salt-formulas/salt-formula-heat new file mode 160000 +Subproject f1218e910d9bbf38c48b67e27cfa3c83024bbae diff --git a/mcp/salt-formulas/salt-formula-horizon b/mcp/salt-formulas/salt-formula-horizon new file mode 160000 +Subproject 116b93154b33bea17251b118e84c3eb47eb6893 diff --git a/mcp/salt-formulas/salt-formula-keystone b/mcp/salt-formulas/salt-formula-keystone new file mode 160000 +Subproject 196016fcaeb572108221933051b67568a52e80b diff --git a/mcp/salt-formulas/salt-formula-kubernetes b/mcp/salt-formulas/salt-formula-kubernetes new file mode 160000 +Subproject ffa16d06db002139aca3856b26539e54f17ed6d diff --git a/mcp/salt-formulas/salt-formula-linux b/mcp/salt-formulas/salt-formula-linux new file mode 160000 +Subproject a0d8b2d8b108bff351d6ed60ad427dcbdccc57d diff --git a/mcp/salt-formulas/salt-formula-maas b/mcp/salt-formulas/salt-formula-maas new file mode 160000 +Subproject decf41b9dd92ab23752b34c21e4f57dc780be33 diff --git a/mcp/salt-formulas/salt-formula-neutron b/mcp/salt-formulas/salt-formula-neutron new file mode 160000 +Subproject 7e623c0c660715f58ceaaf20e3d8620454c3977 diff --git a/mcp/salt-formulas/salt-formula-nfs b/mcp/salt-formulas/salt-formula-nfs new file mode 160000 +Subproject 5872d161e3ee149335932bfa364a437fdd367af diff --git a/mcp/salt-formulas/salt-formula-nova b/mcp/salt-formulas/salt-formula-nova new file mode 160000 +Subproject 60df8720a81b32f05885e3cbd49a4bb6e8960e2 diff --git a/mcp/salt-formulas/salt-formula-opendaylight/metadata/service/server/cluster.yml b/mcp/salt-formulas/salt-formula-opendaylight/metadata/service/server/cluster.yml new file mode 100644 index 000000000..3554d786e --- /dev/null +++ b/mcp/salt-formulas/salt-formula-opendaylight/metadata/service/server/cluster.yml @@ -0,0 +1,60 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc. and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +applications: + - opendaylight +classes: + - service.keepalived.cluster.single + - service.haproxy.proxy.single +parameters: + _param: + opendaylight_version: neon + cluster_vip_address: ${_param:opendaylight_service_host} + keepalived_vip_virtual_router_id: 199 + keepalived_vip_password: ${_param:opnfv_main_password} + keepalived_vip_interface: ${_param:single_nic} + haproxy_odl_api_check_params: check inter 20s fastinter 2s + opendaylight: + server: + enabled: 'True' + version: ${_param:opendaylight_version} + repo: 'odl-team/${_param:opendaylight_version}' + cluster_enabled: true + keepalived: + cluster: + vrrp_scripts: + check_pidof: + args: haproxy + interval: 20 + rise: 3 + fall: 1 + instance: + VIP: + track_script: check_pidof + haproxy: + proxy: + listen: + opendaylight_api: + type: general-service + balance: source + binds: + - address: ${_param:opendaylight_service_host} + port: ${_param:opendaylight_rest_port} + servers: + - name: ${_param:opendaylight_server_node01_hostname} + host: ${_param:opendaylight_server_node01_address} + port: ${_param:opendaylight_rest_port} + params: ${_param:haproxy_odl_api_check_params} + - name: ${_param:opendaylight_server_node02_hostname} + host: ${_param:opendaylight_server_node02_address} + port: ${_param:opendaylight_rest_port} + params: ${_param:haproxy_odl_api_check_params} + - name: ${_param:opendaylight_server_node03_hostname} + host: ${_param:opendaylight_server_node03_address} + port: ${_param:opendaylight_rest_port} + params: ${_param:haproxy_odl_api_check_params} diff --git a/mcp/metadata/service/opendaylight/server/single.yml b/mcp/salt-formulas/salt-formula-opendaylight/metadata/service/server/single.yml index b714809b3..36736be0a 100644 --- a/mcp/metadata/service/opendaylight/server/single.yml +++ b/mcp/salt-formulas/salt-formula-opendaylight/metadata/service/server/single.yml @@ -9,8 +9,10 @@ applications: - opendaylight parameters: + _param: + opendaylight_version: neon opendaylight: server: enabled: 'True' - logging: - engine: syslog + version: ${_param:opendaylight_version} + repo: 'odl-team/${_param:opendaylight_version}' diff --git a/mcp/metadata/service/opendaylight/support.yml b/mcp/salt-formulas/salt-formula-opendaylight/metadata/service/support.yml index bbb204315..bbb204315 100644 --- a/mcp/metadata/service/opendaylight/support.yml +++ b/mcp/salt-formulas/salt-formula-opendaylight/metadata/service/support.yml diff --git a/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/config.sls b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/config.sls new file mode 100644 index 000000000..3f1f81348 --- /dev/null +++ b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/config.sls @@ -0,0 +1,94 @@ +############################################################################## +# Copyright (c) 2019 Mirantis Inc. and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{% from "opendaylight/map.jinja" import server with context %} + +/opt/opendaylight/etc/jetty.xml: + file.managed: + - source: salt://opendaylight/files/jetty.xml + - template: jinja + - user: odl + - group: odl + +/opt/opendaylight/bin/setenv: + file.managed: + - source: salt://opendaylight/files/setenv.shell + - template: jinja + - mode: 0755 + - user: odl + - group: odl + +{%- set features = [] %} +{%- for f in server.karaf_features.itervalues() %} + {%- do features.extend(f) %} +{%- endfor %} + +/opt/opendaylight/etc/org.apache.karaf.features.cfg: + ini.options_present: + - sections: + featuresBoot: {{ features|join(',') }} + +/opt/opendaylight/etc/org.ops4j.pax.web.cfg: + ini.options_present: + - sections: + org.ops4j.pax.web.listening.addresses: {{ server.odl_bind_ip }} + org.osgi.service.http.port: {{ server.odl_rest_port }} + +{%- if not server.pax_logging_enabled|d(false) %} + {%- + set pax_logging_opts = [ + 'log4j2.rootLogger.appenderRef.PaxOsgi.ref', + 'log4j2.appender.osgi.type', + 'log4j2.appender.osgi.name', + 'log4j2.appender.osgi.filter' + ] + %} + + {%- for opt in pax_logging_opts %} +pax.logging.cfg.{{ opt }}: + file.comment: + - name: /opt/opendaylight/etc/org.ops4j.pax.logging.cfg + - regex: ^{{ opt }}\s*= + - backup: false + {%- endfor %} +{%- endif %} + +/opt/opendaylight/etc/org.opendaylight.openflowplugin.cfg: + file.managed: + - user: odl + - group: odl + ini.options_present: + - sections: + is-statistics-polling-on: {{ server.stats_polling_enabled }} + +{%- if server.get('router_enabled', false) %} +/opt/opendaylight/etc/custom.properties: + ini.options_present: + - sections: + ovsdb.l3.fwd.enabled: 'yes' + ovsdb.of.version: 1.3 +{%- endif %} + +{%- if server.netvirt_natservice is defined %} +/opt/opendaylight/etc/opendaylight/datastore/initial/config/netvirt-natservice-config.xml: + file.managed: + - source: salt://opendaylight/files/netvirt-natservice-config.xml + - template: jinja + - makedirs: true + - user: odl + - group: odl +{%- endif %} + +{%- if server.dhcp.enabled %} +/opt/opendaylight/etc/opendaylight/datastore/initial/config/netvirt-dhcpservice-config.xml: + file.managed: + - source: salt://opendaylight/files/netvirt-dhcpservice-config.xml + - template: jinja + - makedirs: true + - user: odl + - group: odl +{%- endif %} diff --git a/mcp/salt-formulas/opendaylight/files/jetty.xml b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/files/jetty.xml index e6371883a..de2ac677d 100644 --- a/mcp/salt-formulas/opendaylight/files/jetty.xml +++ b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/files/jetty.xml @@ -84,7 +84,7 @@ DTD Configure//EN" "http://jetty.mortbay.org/configure.dtd"> <Property name="jetty.host"/> </Set> <Set name="port"> - <Property name="jetty.port" default="8181"/> + <Property name="jetty.port" default="{{ server.odl_rest_port }}"/> </Set> <Set name="idleTimeout"> <Property name="http.timeout" default="300000"/> @@ -94,37 +94,6 @@ DTD Configure//EN" "http://jetty.mortbay.org/configure.dtd"> </Arg> </Call> - <Call name="addConnector"> - <Arg> - <New class="org.eclipse.jetty.server.ServerConnector"> - <Arg name="server"> - <Ref refid="Server" /> - </Arg> - <Arg name="factories"> - <Array type="org.eclipse.jetty.server.ConnectionFactory"> - <Item> - <New class="org.eclipse.jetty.server.HttpConnectionFactory"> - <Arg name="config"> - <Ref refid="http-legacy" /> - </Arg> - </New> - </Item> - </Array> - </Arg> - <Set name="host">{{ server.odl_bind_ip }} - <Property name="jetty.host"/> - </Set> - <Set name="port"> - <Property name="jetty.port" default="{{ server.odl_rest_port }}"/> - </Set> - <Set name="idleTimeout"> - <Property name="http.timeout" default="300000"/> - </Set>q - <Set name="name">jetty-legacy</Set> - </New> - </Arg> - </Call> - <!-- =========================================================== --> <!-- Configure Authentication Realms --> <!-- Realms may be configured for the entire server here, or --> diff --git a/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/files/netvirt-dhcpservice-config.xml b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/files/netvirt-dhcpservice-config.xml new file mode 100644 index 000000000..336957fd1 --- /dev/null +++ b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/files/netvirt-dhcpservice-config.xml @@ -0,0 +1,23 @@ +{%- from "opendaylight/map.jinja" import server with context -%} +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> +<dhcpservice-config xmlns="urn:opendaylight:params:xml:ns:yang:dhcpservice:config"> + <controller-dhcp-enabled>{{ server.dhcp.enabled }}</controller-dhcp-enabled> + <dhcp-dynamic-allocation-pool-enabled>{{ server.dhcp.dynamic_allocation_pool_enabled }}</dhcp-dynamic-allocation-pool-enabled> +</dhcpservice-config> diff --git a/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/files/netvirt-natservice-config.xml b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/files/netvirt-natservice-config.xml new file mode 100644 index 000000000..35994e51d --- /dev/null +++ b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/files/netvirt-natservice-config.xml @@ -0,0 +1,23 @@ +{%- from "opendaylight/map.jinja" import server with context -%} +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> +<natservice-config xmlns="urn:opendaylight:netvirt:natservice:config"> + <nat-mode>{{ server.netvirt_natservice.nat_mode|d('controller') }}</nat-mode> + <snat-punt-timeout>{{ server.netvirt_natservice.snat_punt_timeout|d('5') }}</snat-punt-timeout> +</natservice-config> diff --git a/mcp/salt-formulas/opendaylight/files/setenv.shell b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/files/setenv.shell index d7dfbd96c..2921ade14 100644 --- a/mcp/salt-formulas/opendaylight/files/setenv.shell +++ b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/files/setenv.shell @@ -19,4 +19,3 @@ export EXTRA_JAVA_OPTS='{{ server.java_extra_opts }}' # Additional JVM options # export KARAF_OPTS # Additional available Karaf options # export KARAF_DEBUG # Enable debug mode # export KARAF_REDIRECT # Enable/set the std/err redirection when using bin/start - diff --git a/mcp/salt-formulas/opendaylight/init.sls b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/init.sls index 132f69b33..132f69b33 100644 --- a/mcp/salt-formulas/opendaylight/init.sls +++ b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/init.sls diff --git a/mcp/salt-formulas/opendaylight/map.jinja b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/map.jinja index 9e9df1dc1..44f2685d0 100644 --- a/mcp/salt-formulas/opendaylight/map.jinja +++ b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/map.jinja @@ -1,34 +1,33 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc. and others. +# Copyright (c) 2019 Mirantis Inc. and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## +{%- set pkgs = ['opendaylight'] %} +{%- do pkgs.append('opendaylight-leveldbjni') if grains['cpuarch'] == 'aarch64' %} + {% set server = salt['grains.filter_by']({ 'Debian': { + 'pkgs': pkgs, 'karaf_features': {'default': ['standard', 'wrap', 'ssh']}, 'odl_rest_port': '8282', 'odl_bind_ip': '0.0.0.0', - 'repo': 'odl-team/nitrogen', + 'repo': 'odl-team/oxygen', 'log_levels': {}, - 'enable_ha': false, - 'ha_node_ips': [], - 'ha_node_index': 0, + 'cluster_enabled': false, + 'seed_nodes_list': [], + 'stats_polling_enabled': false, + 'dhcp': { + 'enabled': false, + 'dynamic_allocation_pool_enabled': false, + }, 'security_group_mode': 'stateful', 'vpp_routing_node': '', 'java_extra_opts': '-Djava.net.preferIPv4Stack=true -XX:+UseG1GC', 'java_min_mem': '1g', 'java_max_mem': '2g', - }, - 'RedHat': { - 'repo': 'opendaylight-6-testing' - }, + } }, merge=salt['pillar.get']('opendaylight:server')) %} - -{%- set client = salt['grains.filter_by']({ - 'Debian': { - 'pkgs': ['python-networking-odl'], - }, -}, merge=salt['pillar.get']('opendaylight:client')) %} diff --git a/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/repo.sls b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/repo.sls new file mode 100644 index 000000000..1f322c53f --- /dev/null +++ b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/repo.sls @@ -0,0 +1,56 @@ +############################################################################## +# Copyright (c) 2019 Mirantis Inc. and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{% from "opendaylight/map.jinja" import server with context %} + +# NOTE: starting with Salt 2018.3, key_text might be used instead +opendaylight_repo_key: + # Launchpad PPA for ODL Team + # pub 4096R/44C05248 2017-01-26 + cmd.run: + - name: | + cat <<-EOF | sudo apt-key add - + -----BEGIN PGP PUBLIC KEY BLOCK----- + Version: GnuPG v1 + + mQINBFiKaBEBEADpCtIj8utf/bUfN6iQ+sxGiOPLnXVYoYyKifHDazD4o1Jevfiu + EpcDIx9EdnhrCpvKTU+jaw2B7K3pkdqbjbzjZY+2CDENSQXfRHuuI/nWDaYI0stx + Tf/evip3cxdutnZNAklzkxppHP+4UZm9HAd7uZsEyff4H9DIsHzZIA4Z++Hx2+lt + w9K0iCKh2k6Pon/VVo8Bir3JuKIIdLRAuHmyniYlHDswQnu+1nQHE0F/oboD0Q9Z + hOvXAr1L7LWu0hkLV7BqmeI0SPcRA3b5MU3dfaTK8MaPAo8anQTpCyYUnoIBqX8h + y324T/dvpFKq2/X3RL+wOSYTA8TLgyhH0fhdIKZg3G8m9kxuAHZYHIHnDtvgJ5yd + 72tNY+w8UIX8U2ark/WdkAMZr3O0AuTDlvHcasxO5+puAu8jh0EgtqItqrvKwiF7 + dmlHVW41Rt+su2fmsUkk4Z0IhWrn3PdrSWAcH2eL6vjuqx6CccpjsjyiSQ90dUox + EoMpY+viX59aF0kU4BLt76mQO6YZtCpicLxFGCu97v1mNn+FWjhBOIF08pVsbNlq + oMl2j0N8NKZxJvkkmsA/i//ch5FsjzvUy3xajlSzq9ruWS4SlWq2Vzdx/acvF7Oa + ABA11wIjzLc9vmhzQNiRa53fJQwi+w/Or9LtH2msKCbcPVHoZ5OT4t6S8QARAQAB + tBpMYXVuY2hwYWQgUFBBIGZvciBPREwgVGVhbYkCOAQTAQIAIgUCWIpoEQIbAwYL + CQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQe4qho0TAUkgAmg//XY/RqU4WcT+p + 13oDc3+Dp4aL+rwaNz0o56i0z0cYPxd8GPicCuS8d/di07GnQiBcZ5DZgegnnaYm + OUF+phxk4q+jYO/t2GHQlYSf/QyUv7OimidLOHN1FiahmcGobliwih70o6ZcMT84 + ggSu8jBzA/HLFBIkgStKD/staR5zJ2HfK298yVhiffyrPA+I3nPe7pvTaGa2e8AP + BYs5zB5n27upSZIokXFvqlmS4HEKDmPcY061wgmg1cNY1Y+mIuGjxY1Igbi6kAe0 + yaLN2AN4c2ImhpwOcuazKTe/q2ZhoPTpYvuzmogwau8LBjRBhVS6fkTpSBPEkcwn + f/QYmmVLygmpMDHuHapyH8iaUoksq7gd64iBRDJQN7giQSjkTVvcGBqoKG8lbUMV + MDT4FGuYYsObWUg7kmHlNq9nIVlAxmxv8ZTg9+8xy3f53aId/51m+gW9LGRAT94T + ZIWrF9cBvsPWoHgHkV1At/fPprOvNXqeQiJ7UzC3ikDNCu2AjPEbA4sb019RNgtj + jUI6g6RZdzbeKVpptxILCtT3yKbfKj8AfrfaRzS0yMhVudgLolIUA4S6g46p0Cgy + gITO49wxxBu6UAOsAG3psDRlsZmmrT4AH09Yt2RzmY0FBWValqpoPagheQqeU+2W + FKnV9Lw1SKMtWZbYMvIlB0rwts3k9lE= + =xkZ9 + -----END PGP PUBLIC KEY BLOCK----- + EOF + - unless: apt-key list | grep -qF '4096R/44C05248 2017-01-26' + +opendaylight_repo: + pkgrepo.managed: + # NOTE(armband): PPA handling behind proxy broken, define it explicitly + # https://github.com/saltstack/salt/pull/45224 + # - ppa: {{ server.repo }} + - human_name: opendaylight-ppa + - name: deb http://ppa.launchpad.net/{{ server.repo }}/ubuntu {{ grains.oscodename }} main + - file: /etc/apt/sources.list.d/odl-team-{{ server.version }}.list diff --git a/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/server.sls b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/server.sls new file mode 100644 index 000000000..6e31ffb3f --- /dev/null +++ b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/server.sls @@ -0,0 +1,51 @@ +############################################################################## +# Copyright (c) 2019 Mirantis Inc. and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{% from "opendaylight/map.jinja" import server with context %} + +{%- if server.enabled %} + +include: + - opendaylight.config + - opendaylight.repo + +{%- if grains['saltversioninfo'] < [2017, 7] %} +service.mask: + module.run: + - m_name: opendaylight +{%- else %} +opendaylight_service_mask: + service.masked: + - name: opendaylight +{%- endif %} + - prereq: + - pkg: opendaylight + +{%- if server.cluster_enabled %} +configure_cluster: + cmd.run: + - name: /opt/opendaylight/bin/configure-cluster-ipdetect.sh {{ server.seed_nodes_list }} + - require: + - pkg: opendaylight +{%- endif %} + +opendaylight: + pkg.installed: + - names: {{ server.pkgs }} + - require: + - sls: opendaylight.repo + - require_in: + - sls: opendaylight.config + service.running: + - enable: true +{%- if grains['saltversioninfo'] >= [2017, 7] %} + - unmask: true +{%- endif %} + - watch: + - sls: opendaylight.config + +{%- endif %} diff --git a/mcp/salt-formulas/salt-formula-oslo-templates b/mcp/salt-formulas/salt-formula-oslo-templates new file mode 160000 +Subproject 3534ca9dd05031cbde84cc878122183e3b6daec diff --git a/mcp/salt-formulas/salt-formula-panko b/mcp/salt-formulas/salt-formula-panko new file mode 160000 +Subproject 31c752a6eedf41bf4310f7a620acd87b61d0f09 diff --git a/mcp/salt-formulas/salt-formula-quagga/metadata/service/server/single.yml b/mcp/salt-formulas/salt-formula-quagga/metadata/service/server/single.yml new file mode 100644 index 000000000..2eeca6760 --- /dev/null +++ b/mcp/salt-formulas/salt-formula-quagga/metadata/service/server/single.yml @@ -0,0 +1,12 @@ +############################################################################## +# Copyright (c) 2018 Intracom Telecom and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +parameters: + quagga: + server: + enabled: true diff --git a/mcp/salt-formulas/salt-formula-quagga/quagga/init.sls b/mcp/salt-formulas/salt-formula-quagga/quagga/init.sls new file mode 100644 index 000000000..810809d77 --- /dev/null +++ b/mcp/salt-formulas/salt-formula-quagga/quagga/init.sls @@ -0,0 +1,11 @@ +############################################################################## +# Copyright (c) 2018 Intracom Telecom and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +include: +{%- if pillar.quagga.server is defined %} +- quagga.server +{%- endif %} diff --git a/mcp/salt-formulas/salt-formula-quagga/quagga/map.jinja b/mcp/salt-formulas/salt-formula-quagga/quagga/map.jinja new file mode 100644 index 000000000..a76c760d9 --- /dev/null +++ b/mcp/salt-formulas/salt-formula-quagga/quagga/map.jinja @@ -0,0 +1,21 @@ +{#- + Copyright (c) 2018 Intracom Telecom and others. + All rights reserved. This program and the accompanying materials + are made available under the terms of the Apache License, Version 2.0 + which accompanies this distribution, and is available at + http://www.apache.org/licenses/LICENSE-2.0 +-#} +{% set server = salt['grains.filter_by']({ + 'Debian': { + 'pkgs': ['libglib2.0-0'], + 'quagga_package_url': 'https://wiki.opnfv.org/download/attachments/6827916/quagga-ubuntu.tar.gz', + 'quagga_package_checksum': 'https://wiki.opnfv.org/download/attachments/6827916/quagga-ubuntu.checksum', + 'install_cmd': 'dpkg -i' + }, + 'RedHat': { + 'pkgs': ['glib2', 'glib2-devel'], + 'quagga_package_url': 'https://wiki.opnfv.org/download/attachments/6827916/quagga-4.tar.gz', + 'quagga_package_checksum': 'https://wiki.opnfv.org/download/attachments/6827916/quagga-4.checksum', + 'install_cmd': 'yum -y' + }, +}, merge=salt['pillar.get']('quagga:server')) %} diff --git a/mcp/salt-formulas/salt-formula-quagga/quagga/server.sls b/mcp/salt-formulas/salt-formula-quagga/quagga/server.sls new file mode 100644 index 000000000..3a9c32906 --- /dev/null +++ b/mcp/salt-formulas/salt-formula-quagga/quagga/server.sls @@ -0,0 +1,41 @@ +############################################################################## +# Copyright (c) 2018 Intracom Telecom and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- from "quagga/map.jinja" import server with context %} +{%- if server.enabled %} + +quagga_packages: + pkg.installed: + - names: {{ server.pkgs }} + +download_quagga: + file.managed: + - name: /var/cache/quagga.tar.gz + - source: {{ server.quagga_package_url }} + - source_hash: {{ server.quagga_package_checksum }} + - user: root + - group: root + +unarchive_quagga: + archive.extracted: + - source: /var/cache/quagga.tar.gz + - name: /tmp + - user: root + - group: root + +install_quagga_packages: + cmd.run: + - name: {{ server.install_cmd }} $(ls |grep -vE 'debuginfo|devel|contrib') + - cwd: /tmp/quagga + - runas: root + +start_zebra_rpc_daemon: + cmd.run: + - name: /opt/quagga/etc/init.d/zrpcd start + - runas: root + +{%- endif %} diff --git a/mcp/salt-formulas/salt-formula-rabbitmq b/mcp/salt-formulas/salt-formula-rabbitmq new file mode 160000 +Subproject a4d0ca57eec99edd1a6df031a6bd8eabec9a7bd diff --git a/mcp/salt-formulas/salt-formula-redis b/mcp/salt-formulas/salt-formula-redis new file mode 160000 +Subproject e6426b6a271b87e90a1c31ddcca36e5449383c4 diff --git a/mcp/salt-formulas/salt-formula-tacker/metadata/service/server/single.yml b/mcp/salt-formulas/salt-formula-tacker/metadata/service/server/single.yml new file mode 100644 index 000000000..231e978cc --- /dev/null +++ b/mcp/salt-formulas/salt-formula-tacker/metadata/service/server/single.yml @@ -0,0 +1,35 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc. and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +classes: + - service.git.client +parameters: + _param: + keystone_tacker_endpoint_type: internalURL + tacker: + server: + bind_host: ${_param:cluster_local_address} + enabled: true + git: + branch: stable/${_param:openstack_version} + database: + engine: mysql + host: ${_param:single_address} + port: 3306 + name: tacker + user: tacker + password: ${_param:mysql_tacker_password} + identity: + engine: keystone + region: RegionOne + host: ${_param:single_address} + port: 35357 + user: tacker + password: ${_param:keystone_tacker_password} + tenant: service + endpoint_type: ${_param:keystone_tacker_endpoint_type} diff --git a/mcp/salt-formulas/salt-formula-tacker/tacker/files/tacker.conf b/mcp/salt-formulas/salt-formula-tacker/tacker/files/tacker.conf new file mode 100644 index 000000000..7adfd3139 --- /dev/null +++ b/mcp/salt-formulas/salt-formula-tacker/tacker/files/tacker.conf @@ -0,0 +1,45 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc. and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- from "tacker/map.jinja" import server with context %} + +[DEFAULT] +auth_strategy = keystone +policy_file = /usr/local/etc/tacker/policy.json +debug = True +use_syslog = False +bind_host = {{ server.bind_host }} +bind_port = 9890 +service_plugins = nfvo,vnfm + +state_path = /var/lib/tacker + +[nfvo_vim] +vim_drivers = openstack + +[keystone_authtoken] +region_name = {{ server.identity.region }} +auth_type = password +user_domain_id = {{ server.identity.get('domain', 'default') }} +project_domain_id = {{ server.identity.get('domain', 'default') }} +project_name = {{ server.identity.tenant }} +username = {{ server.identity.user }} +password = {{ server.identity.password }} +auth_url = http://{{ server.identity.host }}:35357 +www_authenticate_uri = http://{{ server.identity.host }}:5000 +{%- if server.cache is defined %} +memcached_servers={%- for member in server.cache.members %}{{ member.host }}:11211{% if not loop.last %},{% endif %}{%- endfor %} +{%- endif %} + +[agent] +root_helper = sudo /usr/local/bin/tacker-rootwrap /usr/local/etc/tacker/rootwrap.conf + +[database] +connection = {{ server.database.engine }}+pymysql://{{ server.database.user }}:{{ server.database.password }}@{{ server.database.host }}/{{ server.database.name }}?charset=utf8 + +[tacker] +monitor_driver = ping,http_ping diff --git a/mcp/salt-formulas/salt-formula-tacker/tacker/files/tacker.systemd b/mcp/salt-formulas/salt-formula-tacker/tacker/files/tacker.systemd new file mode 100644 index 000000000..12ff5cdde --- /dev/null +++ b/mcp/salt-formulas/salt-formula-tacker/tacker/files/tacker.systemd @@ -0,0 +1,20 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc. and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +[Unit] +Description = OpenStack Tacker service + +[Service] +ExecReload = /bin/kill -HUP $MAINPID +TimeoutStopSec = 300 +KillMode = process +WorkingDirectory = /tmp +ExecStartPre=/bin/mkdir -p /var/log/tacker +ExecStart=/usr/local/bin/tacker-server --config-file /usr/local/etc/tacker/tacker.conf --log-file /var/log/tacker/tacker.log + +[Install] +WantedBy = multi-user.target diff --git a/mcp/salt-formulas/salt-formula-tacker/tacker/init.sls b/mcp/salt-formulas/salt-formula-tacker/tacker/init.sls new file mode 100644 index 000000000..35291b8f9 --- /dev/null +++ b/mcp/salt-formulas/salt-formula-tacker/tacker/init.sls @@ -0,0 +1,11 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc. and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +include: +{%- if pillar.tacker.server is defined %} +- tacker.server +{%- endif %} diff --git a/mcp/salt-formulas/salt-formula-tacker/tacker/map.jinja b/mcp/salt-formulas/salt-formula-tacker/tacker/map.jinja new file mode 100644 index 000000000..9a35c8e52 --- /dev/null +++ b/mcp/salt-formulas/salt-formula-tacker/tacker/map.jinja @@ -0,0 +1,21 @@ +{#- + Copyright (c) 2018 Mirantis Inc. and others. + All rights reserved. This program and the accompanying materials + are made available under the terms of the Apache License, Version 2.0 + which accompanies this distribution, and is available at + http://www.apache.org/licenses/LICENSE-2.0 +-#} +{% set server = salt['grains.filter_by']({ + 'Debian': { + 'pkgs': ['python-heat-translator', 'python-tosca-parser', 'python-tackerclient'], + 'bind_host': '0.0.0.0', + 'git': { + 'source': 'https://github.com/openstack/tacker', + 'target': '/tmp/tacker', + 'branch': 'master', + }, + }, + 'RedHat': { + 'pkgs': 'openstack-tacker' + }, +}, merge=salt['pillar.get']('tacker:server')) %} diff --git a/mcp/salt-formulas/salt-formula-tacker/tacker/server.sls b/mcp/salt-formulas/salt-formula-tacker/tacker/server.sls new file mode 100644 index 000000000..eb3468a11 --- /dev/null +++ b/mcp/salt-formulas/salt-formula-tacker/tacker/server.sls @@ -0,0 +1,56 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc. and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- from "tacker/map.jinja" import server with context %} +{%- if server.enabled %} + +include: +- git + +{{ server.git.source }}: + git.latest: + - target: {{ server.git.target }} + - rev: {{ server.git.branch }} + - depth: 1 + +tacker_packages: + pkg.installed: + - names: {{ server.pkgs }} + +tacker_install: + cmd.run: + - name: python setup.py install + - cwd: {{ server.git.target }} + - creates: /usr/local/bin/tacker-server + - require: + - git: {{ server.git.source }} + +/usr/local/etc/tacker/tacker.conf: + file.managed: + - source: salt://tacker/files/tacker.conf + - template: jinja + - makedirs: true + - require: + - cmd: tacker_install + +tacker_db_manage: + cmd.run: + - name: /usr/local/bin/tacker-db-manage --config-file /usr/local/etc/tacker/tacker.conf upgrade head + - require: + - file: /usr/local/etc/tacker/tacker.conf + +/lib/systemd/system/tacker.service: + file.managed: + - source: salt://tacker/files/tacker.systemd + +tacker: + service.running: + - enable: true + - watch: + - file: /usr/local/etc/tacker/tacker.conf + +{%- endif %} diff --git a/mcp/scripts/.gitignore b/mcp/scripts/.gitignore new file mode 100644 index 000000000..d89d60722 --- /dev/null +++ b/mcp/scripts/.gitignore @@ -0,0 +1,5 @@ +mcp.rsa* +user-data.sh +xdf_data.sh +docker-compose/files/entrypoint_maas.sh +docker-compose/files/hosts diff --git a/mcp/scripts/docker-compose/docker-compose.yaml.j2 b/mcp/scripts/docker-compose/docker-compose.yaml.j2 new file mode 100644 index 000000000..04dc93f98 --- /dev/null +++ b/mcp/scripts/docker-compose/docker-compose.yaml.j2 @@ -0,0 +1,102 @@ +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +{%- import 'net_macros.j2' as ma with context %} +{#- conf.MCPCONTROL_NET & co are mandatory, defaults are set via globals.sh #} +{%- set net_mcpcontrol = [conf.MCPCONTROL_NET, conf.MCPCONTROL_PREFIX] | join("/") %} +version: '2' +services: + opnfv-fuel-salt-master: + container_name: "fuel" + image: "opnfv/fuel:saltmaster-reclass-{{ conf.MCP_DOCKER_TAG }}" + restart: always + networks: + mcpcontrol: + ipv4_address: {{ conf.SALT_MASTER }} + pxebr: + ipv4_address: {{ nm.net_admin | ipnet_hostaddr(nm.start_ip[nm.net_admin] + nm.net_admin_hosts.index('opnfv_infra_config_pxe_admin_address') +1) }} + mgmt: + ipv4_address: {{ nm.net_mgmt | ipnet_hostaddr(nm.start_ip[nm.net_mgmt] + nm.net_mgmt_hosts.index('opnfv_infra_config_address') +1) }} + volumes: + - /run/dbus/system_bus_socket:/run/dbus/system_bus_socket:ro + - {{ conf.MCP_REPO_ROOT_PATH }}:/root/fuel + - {{ conf.MCP_REPO_ROOT_PATH }}/mcp/scripts/docker-compose/files/entrypoint.sh:/entrypoint.sh + - {{ conf.MCP_STORAGE_DIR }}/pod_config.yml:/root/pod_config.yml + - {{ conf.MCP_STORAGE_DIR }}/nodes:/srv/salt/reclass/nodes + - {{ conf.MCP_STORAGE_DIR }}/pki:/etc/pki + - {{ conf.MCP_STORAGE_DIR }}/salt:/etc/salt + - {{ conf.MCP_STORAGE_DIR }}/hosts:/etc/hosts +{%- if conf.MCP_VCP or '-vcp-' in conf.MCP_DEPLOY_SCENARIO %} + - {{ conf.MCP_STORAGE_DIR }}/base_image_opnfv_fuel_vcp.img:/srv/salt/env/prd/salt/files/control/images/base_image_opnfv_fuel_vcp.img +{%- endif %} + hostname: cfg01 + domainname: {{ conf.cluster.domain }} + privileged: true + dns: +{%- for server in nm.dns_public %} + - {{ server }} +{%- endfor %} +{%- if nm.cluster.has_baremetal_nodes %} + opnfv-fuel-maas: + container_name: "maas" + image: "opnfv/fuel:saltminion-maas-{{ conf.MCP_DOCKER_TAG }}" + restart: always + networks: + mcpcontrol: + ipv4_address: {{ conf.MAAS_IP }} + pxebr: + ipv4_address: {{ nm.net_admin | ipnet_hostaddr(nm.start_ip[nm.net_admin] + nm.net_admin_hosts.index('opnfv_infra_maas_node01_deploy_address') +1) }} + mgmt: + ipv4_address: {{ nm.net_mgmt | ipnet_hostaddr(nm.start_ip[nm.net_mgmt] + nm.net_mgmt_hosts.index('opnfv_infra_maas_node01_address') +1) }} + volumes: + - /lib/modules:/lib/modules:ro + - /sys/fs/cgroup:/sys/fs/cgroup:ro + - /run/dbus/system_bus_socket:/run/dbus/system_bus_socket:ro + - {{ conf.MCP_REPO_ROOT_PATH }}/mcp/scripts/docker-compose/files/entrypoint_maas.sh:/entrypoint.sh:ro + - {{ conf.MCP_STORAGE_DIR }}/hosts:/etc/hosts:ro + - {{ conf.MCP_STORAGE_DIR }}/mas01/etc/iptables:/etc/iptables + - {{ conf.MCP_STORAGE_DIR }}/mas01/var/lib/postgresql:/var/lib/postgresql + - {{ conf.MCP_STORAGE_DIR }}/mas01/var/lib/maas:/var/lib/maas + - {{ conf.MCP_STORAGE_DIR }}/mas01/var/spool/maas-proxy:/var/spool/maas-proxy + - {{ conf.MCP_STORAGE_DIR }}/mas01/etc/maas:/etc/maas + hostname: mas01 + domainname: {{ conf.cluster.domain }} + privileged: true + dns: +{%- for server in nm.dns_public %} + - {{ server }} +{%- endfor %} + ports: + - 5240:5240 +{%- endif %} +networks: + mcpcontrol: + driver: bridge + driver_opts: + com.docker.network.driver.mtu: 9000 + ipam: + config: + - subnet: {{ net_mcpcontrol }} + pxebr: + driver: macvlan + driver_opts: + parent: veth_mcp1 # Always untagged + ipam: + config: + - subnet: {{ nm.net_admin }} + mgmt: + driver: macvlan + driver_opts: +{%- if conf.idf.fuel.jumphost.get('trunks', {}).get('mgmt', False) %} + parent: {{ ma.interface_str('veth_mcp3', nm.vlan_mgmt) }} +{%- else %} + parent: veth_mcp3 # Untagged by default +{%- endif %} + ipam: + config: + - subnet: {{ nm.net_mgmt }} diff --git a/mcp/scripts/docker-compose/files/entrypoint.sh b/mcp/scripts/docker-compose/files/entrypoint.sh new file mode 100755 index 000000000..baf1f65d2 --- /dev/null +++ b/mcp/scripts/docker-compose/files/entrypoint.sh @@ -0,0 +1,104 @@ +#!/bin/bash -e +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +mkdir -p /etc/salt/{master.d,minion.d,proxy.d} + +if [ ! -z "$SALT_EXT_PILLAR" ]; then + cp -avr "/tmp/${SALT_EXT_PILLAR}.conf" /etc/salt/master.d/ +fi + +if [ ! -f /home/ubuntu/.ssh/authorized_keys ]; then + install -D -o ubuntu /root/fuel/mcp/scripts/mcp.rsa.pub \ + /home/ubuntu/.ssh/authorized_keys + mkdir -p /root/.ssh/ + echo 'User ubuntu' > /root/.ssh/config + echo 'IdentityFile /root/fuel/mcp/scripts/mcp.rsa' >> /root/.ssh/config +fi + +# salt state does not properly configure file_roots in master.conf, hard set it +cp -a /root/fuel/mcp/scripts/docker-compose/files/opnfv_master.conf \ + /etc/salt/master.d/opnfv_master.conf +echo -e 'master: localhost\nmine_interval: 15' > /etc/salt/minion.d/opnfv_slave.conf + +# NOTE: Most Salt and/or reclass tools have issues traversing Docker mounts +# or detecting them as directories inside the container. +# For now, let's do a lot of copy operations to bypass this. +# Later, we will inject the OPNFV patched reclass model during image build. +rm -rf /srv/salt/reclass/classes/* +cp -ar /root/fuel/mcp/reclass/classes/* /srv/salt/reclass/classes +cp -ar /root/fuel/mcp/reclass/nodes/* /srv/salt/reclass/nodes +# Sensitive data should stay out of /root/fuel, which is exposed via Jenkins WS +cp -a /root/pod_config.yml \ + /srv/salt/reclass/classes/cluster/all-mcp-arch-common/opnfv/pod_config.yml + +# OPNFV formulas +prefix=/srv/salt/formula/salt-formulas +rm -f /root/fuel/mcp/salt-formulas/*/.git +cp -ar /root/fuel/mcp/salt-formulas/* ${prefix}/ +for formula in 'armband' 'opendaylight' 'tacker' 'quagga'; do + ln -sf /root/fuel/mcp/salt-formulas/salt-formula-${formula}/* \ + /srv/salt/env/prd/ +done + +# Re-create classes.service links that we destroyed above +for formula in ${prefix}/*; do + if [ -e "${formula}/metadata/service" ] && [[ ! $formula =~ \. ]]; then + ln -sf "${formula}/metadata/service" \ + "/srv/salt/reclass/classes/service/${formula#${prefix}/salt-formula-}" + fi +done + +# Create links for salt-formula-* packages to mimic git-style salt-formulas +for artifact in /usr/share/salt-formulas/env/_*/*; do + ln -sf "${artifact}" "/srv/salt/env/prd/${artifact#/usr/share/salt-formulas/env/}" +done +for artifact in /usr/share/salt-formulas/env/*; do + if [[ ! ${artifact} =~ ^_ ]]; then + ln -sf "${artifact}" "/srv/salt/env/prd/$(basename ${artifact})" + fi +done +for formula in /usr/share/salt-formulas/reclass/service/*; do + ln -sf "${formula}" "/srv/salt/reclass/classes/service/$(basename ${formula})" +done + +# Temporary link rocky configs to stein +for f in /srv/salt/env/prd/*/files/rocky; do + if [ ! -d "$f/../stein" ]; then + ln -sf "$f" "$f/../stein" + fi +done + +# Tini init system resembles upstart very much, but needs a little adjustment +sed -i -e "s|return 'start/running' in |return 'is running' in |" \ + -e "s|ret = _default_runlevel|return _default_runlevel|" \ + /usr/lib/python2.7/dist-packages/salt/modules/upstart.py + +# Workaround for: https://github.com/salt-formulas/reclass/issues/77 +sed -i -e 's|\(ignore_overwritten_missing_references\)defaults.|\1|' \ + /usr/local/lib/python2.7/dist-packages/reclass/settings.py + +# Remove broken symlinks in /srv/salt, silences recurring warnings +find -L /srv/salt /srv/salt/env/prd/_* -maxdepth 1 -type l -delete + +# Fix up any permissions after above file shuffling +chown root:root -R /srv/salt + +# Docker-ce 19.x+ workaround for broken domainname setup +# shellcheck source=/dev/null +source /root/fuel/mcp/scripts/xdf_data.sh +hostname -b "cfg01.${CLUSTER_DOMAIN}" + +service ssh start +service salt-minion start + +if [[ $# -lt 1 ]] || [[ "$1" == "--"* ]]; then + exec /usr/bin/salt-master --log-file-level=quiet --log-level=info "$@" +else + exec "$@" +fi diff --git a/mcp/scripts/docker-compose/files/entrypoint_maas.sh.j2 b/mcp/scripts/docker-compose/files/entrypoint_maas.sh.j2 new file mode 100644 index 000000000..d92eeb017 --- /dev/null +++ b/mcp/scripts/docker-compose/files/entrypoint_maas.sh.j2 @@ -0,0 +1,62 @@ +#!/bin/bash -e +############################################################################## +# Copyright (c) 2019 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +{%- set pxebr_addr = nm.net_admin | ipnet_hostaddr(nm.start_ip[nm.net_admin] + nm.net_admin_hosts.index('opnfv_infra_maas_node01_deploy_address') +1) %} +if [ ! -e /var/lib/postgresql/*/main ]; then + cp -ar /var/lib/opnfv/{postgresql,maas} /var/lib/ + cp -ar /var/lib/opnfv/etc/maas /etc/ +fi +chown -R maas:maas /var/lib/maas /etc/maas +chown -R postgres:postgres /var/lib/postgresql +chown -R proxy:proxy /var/spool/maas-proxy + +if [ ! -f /etc/sysctl.d/99-salt.conf ]; then + echo 'net.ipv4.ip_forward = 1' > /etc/sysctl.d/99-salt.conf +fi + +cat <<-EOF | tee /etc/resolv.conf +{%- for server in nm.dns_public %} +nameserver {{ server }} +{%- endfor %} +EOF + +cat <<-EOF | tee /etc/salt/minion.d/opnfv.conf +id: mas01.{{ conf.cluster.domain }} +master: {{ conf.SALT_MASTER }} +grains: + virtual_subtype: Docker_ +EOF +rm -f /etc/salt/minion.d/99-master-address.conf + +# Work around MaaS issues with PXE/admin using jumbo frames +MAAS_MTU_SERVICE="/etc/systemd/system/maas-mtu.service" +cat <<-EOF | tee "${MAAS_MTU_SERVICE}" +[Unit] +Requires=network-online.target +After=network-online.target +[Service] +ExecStart=/bin/sh -ec '\ + /sbin/ifconfig $(/sbin/ip addr | /bin/grep -Po "{{ pxebr_addr }}.* \K(.*)") mtu 1500' +EOF +ln -sf "${MAAS_MTU_SERVICE}" "/etc/systemd/system/multi-user.target.wants/" + +# Configure mass-region-controller if not already done previously +[ ! -e /var/lib/maas/secret ] || exit 0 +MAAS_FIXUP_SERVICE="/etc/systemd/system/maas-fixup.service" +cat <<-EOF | tee "${MAAS_FIXUP_SERVICE}" +[Unit] +After=postgresql.service +[Service] +ExecStart=/bin/sh -ec '\ + echo "debconf debconf/frontend select Noninteractive" | debconf-set-selections && \ + /var/lib/dpkg/info/maas-region-controller.config configure && \ + /var/lib/dpkg/info/maas-region-controller.postinst configure' +EOF +ln -sf "${MAAS_FIXUP_SERVICE}" "/etc/systemd/system/multi-user.target.wants/" +rm "/usr/sbin/policy-rc.d" diff --git a/mcp/scripts/docker-compose/files/hosts.j2 b/mcp/scripts/docker-compose/files/hosts.j2 new file mode 100644 index 000000000..b42c5a088 --- /dev/null +++ b/mcp/scripts/docker-compose/files/hosts.j2 @@ -0,0 +1,7 @@ +{{ conf.SALT_MASTER }} cfg01.{{ conf.cluster.domain }} +127.0.0.1 localhost +::1 localhost ip6-localhost ip6-loopback +fe00::0 ip6-localnet +ff00::0 ip6-mcastprefix +ff02::1 ip6-allnodes +ff02::2 ip6-allrouters diff --git a/mcp/scripts/docker-compose/files/opnfv_master.conf b/mcp/scripts/docker-compose/files/opnfv_master.conf new file mode 100644 index 000000000..8e6d1af28 --- /dev/null +++ b/mcp/scripts/docker-compose/files/opnfv_master.conf @@ -0,0 +1,21 @@ +worker_threads: 20 +timeout: 15 +gather_job_timeout: 30 +max_open_files: 15000 + +file_roots: + base: + - /srv/salt/env/prd + prd: + - /srv/salt/env/prd + dev: + - /srv/salt/env/dev + - /srv/salt/env/prd + +user: root +file_recv: True + +open_mode: True + +peer: + .*: ['x509.sign_remote_certificate'] diff --git a/mcp/scripts/globals.sh b/mcp/scripts/globals.sh index fe8d7a3f9..e5d1decc6 100644 --- a/mcp/scripts/globals.sh +++ b/mcp/scripts/globals.sh @@ -1,6 +1,6 @@ #!/bin/bash -e ############################################################################## -# Copyright (c) 2017 Ericsson AB, Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Ericsson AB, Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at @@ -12,8 +12,47 @@ export CI_DEBUG=${CI_DEBUG:-0}; [[ "${CI_DEBUG}" =~ (false|0) ]] || set -x export SSH_KEY=${SSH_KEY:-"/var/lib/opnfv/mcp.rsa"} export SALT_MASTER=${INSTALLER_IP:-10.20.0.2} export SALT_MASTER_USER=${SALT_MASTER_USER:-ubuntu} +export VIRSH=${VIRSH:-'virsh --connect qemu:///system'} +export MCP_KERNEL_VER=${MCP_KERNEL_VER:-5.0.0-37} + +# Derived from INSTALLER_IP +export MCPCONTROL_NET=${MCPCONTROL_NET:-${SALT_MASTER%.*}.0} +export MCPCONTROL_PREFIX=${MCPCONTROL_PREFIX:-24} export MAAS_IP=${MAAS_IP:-${SALT_MASTER%.*}.3} -# Derivated from above global vars +# Derived from above global vars, not overideable export SSH_OPTS="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ${SSH_KEY}" export SSH_SALT="${SALT_MASTER_USER}@${SALT_MASTER}" + +############################################################################## +# BEGIN of colored notification wrappers +# + +# same as `notify_i` + trailing '\n'; +function notify() { + local msg=${1}; shift + notify_i "${msg}\n" "$@" +} + +# Inline (no newline added) colored output notification wrapper +function notify_i() { + tput setaf "${2:-1}" || true + echo -en "${1:-"[WARN] Unsupported opt arg: $3\\n"}" + tput sgr0 || true +} + +# same as `notify` + extra '\n' before and after; +function notify_n() { + local msg=${1}; shift + notify_i "\n${msg}\n\n" "$@" +} + +# same as `notify` + stderr output + exit; +function notify_e() { + local msg=${1}; shift + notify_i "\n${msg}\n\n" "$@" 1>&2 + exit 1 +} +# +# END of colored notification wrapper +############################################################################## diff --git a/mcp/scripts/lib.sh b/mcp/scripts/lib.sh index 29c27d9e9..6455a65c0 100644 --- a/mcp/scripts/lib.sh +++ b/mcp/scripts/lib.sh @@ -1,437 +1,16 @@ #!/bin/bash -e -# shellcheck disable=SC2155,SC1001 +# shellcheck disable=SC2155,SC2015 ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## # -# Library of shell functions +# Library of common shell functions used by build/deploy scripts, states etc. # -function generate_ssh_key { - local mcp_ssh_key=$(basename "${SSH_KEY}") - local user=${USER} - if [ -n "${SUDO_USER}" ] && [ "${SUDO_USER}" != 'root' ]; then - user=${SUDO_USER} - fi - - if [ -f "${SSH_KEY}" ]; then - cp "${SSH_KEY}" . - ssh-keygen -f "${mcp_ssh_key}" -y > "${mcp_ssh_key}.pub" - fi - - [ -f "${mcp_ssh_key}" ] || ssh-keygen -f "${mcp_ssh_key}" -N '' - sudo install -D -o "${user}" -m 0600 "${mcp_ssh_key}" "${SSH_KEY}" -} - -function get_base_image { - local base_image=$1 - local image_dir=$2 - - mkdir -p "${image_dir}" - wget -P "${image_dir}" -N "${base_image}" -} - -function __kernel_modules { - # Load mandatory kernel modules: loop, nbd - local image_dir=$1 - sudo modprobe loop - if sudo modprobe nbd max_part=8 || sudo modprobe -f nbd max_part=8; then - return 0 - fi - # CentOS (or RHEL family in general) do not provide 'nbd' out of the box - echo "[WARN] 'nbd' kernel module cannot be loaded!" - if [ ! -e /etc/redhat-release ]; then - echo "[ERROR] Non-RHEL system detected, aborting!" - echo "[ERROR] Try building 'nbd' manually or install it from a 3rd party." - exit 1 - fi - - # Best-effort attempt at building a non-maintaned kernel module - local __baseurl - local __subdir - local __uname_r=$(uname -r) - local __uname_m=$(uname -m) - if [ "${__uname_m}" = 'x86_64' ]; then - __baseurl='http://vault.centos.org/centos' - __subdir='Source/SPackages' - __srpm="kernel-${__uname_r%.${__uname_m}}.src.rpm" - else - __baseurl='http://vault.centos.org/altarch' - __subdir="Source/${__uname_m}/Source/SPackages" - # NOTE: fmt varies across releases (e.g. kernel-alt-4.11.0-44.el7a.src.rpm) - __srpm="kernel-alt-${__uname_r%.${__uname_m}}.src.rpm" - fi - - local __found='n' - local __versions=$(curl -s "${__baseurl}/" | grep -Po 'href="\K7\.[\d\.]+') - for ver in ${__versions}; do - for comp in os updates; do - local url="${__baseurl}/${ver}/${comp}/${__subdir}/${__srpm}" - if wget "${url}" -O "${image_dir}/${__srpm}" > /dev/null 2>&1; then - __found='y'; break 2 - fi - done - done - - if [ "${__found}" = 'n' ]; then - echo "[ERROR] Can't find the linux kernel SRPM for: ${__uname_r}" - echo "[ERROR] 'nbd' module cannot be built, aborting!" - echo "[ERROR] Try 'yum upgrade' or building 'nbd' krn module manually ..." - exit 1 - fi - - rpm -ivh "${image_dir}/${__srpm}" 2> /dev/null - mkdir -p ~/rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS} - # shellcheck disable=SC2016 - echo '%_topdir %(echo $HOME)/rpmbuild' > ~/.rpmmacros - ( - cd ~/rpmbuild/SPECS - rpmbuild -bp --nodeps --target="${__uname_m}" kernel*.spec - cd ~/rpmbuild/BUILD/"${__srpm%.src.rpm}"/linux-* - sed -i 's/^.*\(CONFIG_BLK_DEV_NBD\).*$/\1=m/g' .config - # http://centosfaq.org/centos/nbd-does-not-compile-for-3100-514262el7x86_64 - if grep -Rq 'REQ_TYPE_DRV_PRIV' drivers/block; then - sed -i 's/REQ_TYPE_SPECIAL/REQ_TYPE_DRV_PRIV/g' drivers/block/nbd.c - fi - gunzip -c "/boot/symvers-${__uname_r}.gz" > Module.symvers - make prepare modules_prepare - make M=drivers/block -j - modinfo drivers/block/nbd.ko - sudo mkdir -p "/lib/modules/${__uname_r}/extra/" - sudo cp drivers/block/nbd.ko "/lib/modules/${__uname_r}/extra/" - ) - sudo depmod -a - sudo modprobe nbd max_part=8 || sudo modprobe -f nbd max_part=8 -} - -function mount_image { - local image=$1 - local image_dir=$2 - OPNFV_MNT_DIR="${image_dir}/ubuntu" - - # Find free nbd, loop devices - for dev in '/sys/class/block/nbd'*; do - if [ "$(cat "${dev}/size")" = '0' ]; then - OPNFV_NBD_DEV=/dev/$(basename "${dev}") - break - fi - done - OPNFV_LOOP_DEV=$(losetup -f) - OPNFV_MAP_DEV=/dev/mapper/$(basename "${OPNFV_NBD_DEV}")p1 - export OPNFV_MNT_DIR OPNFV_LOOP_DEV - [ -n "${OPNFV_NBD_DEV}" ] && [ -n "${OPNFV_LOOP_DEV}" ] || exit 1 - qemu-img resize "${image_dir}/${image}" 3G - sudo qemu-nbd --connect="${OPNFV_NBD_DEV}" --aio=native --cache=none \ - "${image_dir}/${image}" - sudo kpartx -av "${OPNFV_NBD_DEV}" - sleep 5 # /dev/nbdNp1 takes some time to come up - # Hardcode partition index to 1, unlikely to change for Ubuntu UCA image - if sudo growpart "${OPNFV_NBD_DEV}" 1; then - sudo kpartx -u "${OPNFV_NBD_DEV}" - sudo e2fsck -pf "${OPNFV_MAP_DEV}" - sudo resize2fs "${OPNFV_MAP_DEV}" - fi - # grub-update does not like /dev/nbd*, so use a loop device to work around it - sudo losetup "${OPNFV_LOOP_DEV}" "${OPNFV_MAP_DEV}" - mkdir -p "${OPNFV_MNT_DIR}" - sudo mount "${OPNFV_LOOP_DEV}" "${OPNFV_MNT_DIR}" - sudo mount -t proc proc "${OPNFV_MNT_DIR}/proc" - sudo mount -t sysfs sys "${OPNFV_MNT_DIR}/sys" - sudo mount -o bind /dev "${OPNFV_MNT_DIR}/dev" - sudo mkdir -p "${OPNFV_MNT_DIR}/run/resolvconf" - sudo cp /etc/resolv.conf "${OPNFV_MNT_DIR}/run/resolvconf" - echo "GRUB_DISABLE_OS_PROBER=true" | \ - sudo tee -a "${OPNFV_MNT_DIR}/etc/default/grub" - sudo sed -i -e 's/^\(GRUB_TIMEOUT\)=.*$/\1=1/g' -e 's/^GRUB_HIDDEN.*$//g' \ - "${OPNFV_MNT_DIR}/etc/default/grub" -} - -function apt_repos_pkgs_image { - local apt_key_urls=(${1//,/ }) - local all_repos=(${2//,/ }) - local pkgs_i=(${3//,/ }) - local pkgs_r=(${4//,/ }) - [ -n "${OPNFV_MNT_DIR}" ] || exit 1 - - # APT keys - if [ "${#apt_key_urls[@]}" -gt 0 ]; then - for apt_key in "${apt_key_urls[@]}"; do - sudo chroot "${OPNFV_MNT_DIR}" /bin/bash -c \ - "wget -qO - '${apt_key}' | apt-key add -" - done - fi - # Additional repositories - for repo_line in "${all_repos[@]}"; do - # <repo_name>|<repo prio>|deb|[arch=<arch>]|<repo url>|<dist>|<repo comp> - local repo=(${repo_line//|/ }) - [ "${#repo[@]}" -gt 5 ] || continue - # NOTE: Names and formatting are compatible with Salt linux.system.repo - cat <<-EOF | sudo tee "${OPNFV_MNT_DIR}/etc/apt/preferences.d/${repo[0]}" - - Package: * - Pin: release a=${repo[-2]} - Pin-Priority: ${repo[1]} - - EOF - echo "${repo[@]:2}" | sudo tee \ - "${OPNFV_MNT_DIR}/etc/apt/sources.list.d/${repo[0]}.list" - done - # Install packages - if [ "${#pkgs_i[@]}" -gt 0 ]; then - sudo DEBIAN_FRONTEND="noninteractive" \ - chroot "${OPNFV_MNT_DIR}" apt-get update - sudo DEBIAN_FRONTEND="noninteractive" FLASH_KERNEL_SKIP="true" \ - chroot "${OPNFV_MNT_DIR}" apt-get install -y "${pkgs_i[@]}" - fi - # Remove packages - if [ "${#pkgs_r[@]}" -gt 0 ]; then - sudo DEBIAN_FRONTEND="noninteractive" FLASH_KERNEL_SKIP="true" \ - chroot "${OPNFV_MNT_DIR}" apt-get purge -y "${pkgs_r[@]}" - fi - # Disable cloud-init metadata service datasource - sudo mkdir -p "${OPNFV_MNT_DIR}/etc/cloud/cloud.cfg.d" - echo "datasource_list: [ NoCloud, None ]" | sudo tee \ - "${OPNFV_MNT_DIR}/etc/cloud/cloud.cfg.d/95_real_datasources.cfg" -} - -function cleanup_mounts { - # Remove any mounts, loop and/or nbd devs created while patching base image - if [ -n "${OPNFV_MNT_DIR}" ] && [ -d "${OPNFV_MNT_DIR}" ]; then - if [ -f "${OPNFV_MNT_DIR}/boot/grub/grub.cfg" ]; then - # Grub thinks it's running from a live CD - sudo sed -i -e 's/^\s*set root=.*$//g' -e 's/^\s*loopback.*$//g' \ - "${OPNFV_MNT_DIR}/boot/grub/grub.cfg" - fi - sudo rm -f "${OPNFV_MNT_DIR}/run/resolvconf/resolv.conf" - sync - if mountpoint -q "${OPNFV_MNT_DIR}"; then - sudo umount -l "${OPNFV_MNT_DIR}" || true - fi - fi - if [ -n "${OPNFV_LOOP_DEV}" ] && \ - losetup "${OPNFV_LOOP_DEV}" 1>&2 > /dev/null; then - sudo losetup -d "${OPNFV_LOOP_DEV}" - fi - if [ -n "${OPNFV_NBD_DEV}" ]; then - sudo kpartx -d "${OPNFV_NBD_DEV}" || true - sudo qemu-nbd -d "${OPNFV_NBD_DEV}" || true - fi -} - -function cleanup_uefi { - # Clean up Ubuntu boot entry if cfg01, kvm nodes online from previous deploy - local cmd_str="ssh ${SSH_OPTS} ${SSH_SALT}" - [ ! "$(hostname)" = 'cfg01' ] || cmd_str='eval' - ${cmd_str} "sudo salt -C 'kvm* or cmp*' cmd.run \ - \"which efibootmgr > /dev/null 2>&1 && \ - efibootmgr | grep -oP '(?<=Boot)[0-9]+(?=.*ubuntu)' | \ - xargs -I{} efibootmgr --delete-bootnum --bootnum {}; \ - rm -rf /boot/efi/*\"" || true -} - -function cleanup_vms { - # clean up existing nodes - for node in $(virsh list --name | grep -P '\w{3}\d{2}'); do - virsh destroy "${node}" - done - for node in $(virsh list --name --all | grep -P '\w{3}\d{2}'); do - virsh domblklist "${node}" | awk '/^.da/ {print $2}' | \ - xargs --no-run-if-empty -I{} sudo rm -f {} - virsh undefine "${node}" --remove-all-storage --nvram - done -} - -function prepare_vms { - local base_image=$1; shift - local image_dir=$1; shift - local repos_pkgs_str=$1; shift # ^-sep list of repos, pkgs to install/rm - local vnodes=("$@") - local image=base_image_opnfv_fuel.img - local vcp_image=${image%.*}_vcp.img - local _o=${base_image/*\/} - local _h=$(echo "${repos_pkgs_str}.$(md5sum "${image_dir}/${_o}")" | \ - md5sum | cut -c -8) - local _tmp - - cleanup_uefi - cleanup_vms - get_base_image "${base_image}" "${image_dir}" - IFS='^' read -r -a repos_pkgs <<< "${repos_pkgs_str}" - - echo "[INFO] Lookup cache / build patched base image for fingerprint: ${_h}" - _tmp="${image%.*}.${_h}.img" - if [ "${image_dir}/${_tmp}" -ef "${image_dir}/${image}" ]; then - echo "[INFO] Patched base image found" - else - rm -f "${image_dir}/${image%.*}"* - if [[ ! "${repos_pkgs_str}" =~ ^\^+$ ]]; then - echo "[INFO] Patching base image ..." - cp "${image_dir}/${_o}" "${image_dir}/${_tmp}" - __kernel_modules "${image_dir}" - mount_image "${_tmp}" "${image_dir}" - apt_repos_pkgs_image "${repos_pkgs[@]:0:4}" - cleanup_mounts - else - echo "[INFO] No patching required, using vanilla base image" - ln -sf "${image_dir}/${_o}" "${image_dir}/${_tmp}" - fi - ln -sf "${image_dir}/${_tmp}" "${image_dir}/${image}" - fi - - envsubst < user-data.template > user-data.sh # CWD should be <mcp/scripts> - - # Create config ISO and resize OS disk image for each foundation node VM - for node in "${vnodes[@]}"; do - ./create-config-drive.sh -k "$(basename "${SSH_KEY}").pub" -u user-data.sh \ - -h "${node}" "${image_dir}/mcp_${node}.iso" - cp "${image_dir}/${image}" "${image_dir}/mcp_${node}.qcow2" - qemu-img resize "${image_dir}/mcp_${node}.qcow2" 100G - done - - # VCP VMs base image specific changes - if [[ ! "${repos_pkgs_str}" =~ \^{3}$ ]] && [ -n "${repos_pkgs[*]:4}" ]; then - echo "[INFO] Lookup cache / build patched VCP image for md5sum: ${_h}" - _tmp="${vcp_image%.*}.${_h}.img" - if [ "${image_dir}/${_tmp}" -ef "${image_dir}/${vcp_image}" ]; then - echo "[INFO] Patched VCP image found" - else - echo "[INFO] Patching VCP image ..." - cp "${image_dir}/${image}" "${image_dir}/${_tmp}" - __kernel_modules "${image_dir}" - mount_image "${_tmp}" "${image_dir}" - apt_repos_pkgs_image "${repos_pkgs[@]:4:4}" - cleanup_mounts - ln -sf "${image_dir}/${_tmp}" "${image_dir}/${vcp_image}" - fi - fi -} - -function create_networks { - local vnode_networks=("$@") - # create required networks, including constant "mcpcontrol" - # FIXME(alav): since we renamed "pxe" to "mcpcontrol", we need to make sure - # we delete the old "pxe" virtual network, or it would cause IP conflicts. - for net in "pxe" "mcpcontrol" "${vnode_networks[@]}"; do - if virsh net-info "${net}" >/dev/null 2>&1; then - virsh net-destroy "${net}" || true - virsh net-undefine "${net}" - fi - # in case of custom network, host should already have the bridge in place - if [ -f "net_${net}.xml" ] && [ ! -d "/sys/class/net/${net}/bridge" ]; then - virsh net-define "net_${net}.xml" - virsh net-autostart "${net}" - virsh net-start "${net}" - fi - done -} - -function create_vms { - local image_dir=$1; shift - # vnode data should be serialized with the following format: - # '<name0>,<ram0>,<vcpu0>|<name1>,<ram1>,<vcpu1>[...]' - IFS='|' read -r -a vnodes <<< "$1"; shift - local vnode_networks=("$@") - - # AArch64: prepare arch specific arguments - local virt_extra_args="" - if [ "$(uname -i)" = "aarch64" ]; then - # No Cirrus VGA on AArch64, use virtio instead - virt_extra_args="$virt_extra_args --video=virtio" - fi - - # create vms with specified options - for serialized_vnode_data in "${vnodes[@]}"; do - IFS=',' read -r -a vnode_data <<< "${serialized_vnode_data}" - - # prepare network args - net_args=" --network network=mcpcontrol,model=virtio" - if [ "${DEPLOY_TYPE:-}" = 'baremetal' ]; then - # 3rd interface gets connected to PXE/Admin Bridge (cfg01, mas01) - vnode_networks[2]="${vnode_networks[0]}" - fi - for net in "${vnode_networks[@]:1}"; do - net_args="${net_args} --network bridge=${net},model=virtio" - done - - # shellcheck disable=SC2086 - virt-install --name "${vnode_data[0]}" \ - --ram "${vnode_data[1]}" --vcpus "${vnode_data[2]}" \ - --cpu host-passthrough --accelerate ${net_args} \ - --disk path="${image_dir}/mcp_${vnode_data[0]}.qcow2",format=qcow2,bus=virtio,cache=none,io=native \ - --os-type linux --os-variant none \ - --boot hd --vnc --console pty --autostart --noreboot \ - --disk path="${image_dir}/mcp_${vnode_data[0]}.iso",device=cdrom \ - --noautoconsole \ - ${virt_extra_args} - done -} - -function update_mcpcontrol_network { - # set static ip address for salt master node, MaaS node - local cmac=$(virsh domiflist cfg01 2>&1| awk '/mcpcontrol/ {print $5; exit}') - local amac=$(virsh domiflist mas01 2>&1| awk '/mcpcontrol/ {print $5; exit}') - virsh net-update "mcpcontrol" add ip-dhcp-host \ - "<host mac='${cmac}' name='cfg01' ip='${SALT_MASTER}'/>" --live --config - [ -z "${amac}" ] || virsh net-update "mcpcontrol" add ip-dhcp-host \ - "<host mac='${amac}' name='mas01' ip='${MAAS_IP}'/>" --live --config -} - -function start_vms { - local vnodes=("$@") - - # start vms - for node in "${vnodes[@]}"; do - virsh start "${node}" - sleep $((RANDOM%5+1)) - done -} - -function check_connection { - local total_attempts=60 - local sleep_time=5 - - set +e - echo '[INFO] Attempting to get into Salt master ...' - - # wait until ssh on Salt master is available - # shellcheck disable=SC2034 - for attempt in $(seq "${total_attempts}"); do - # shellcheck disable=SC2086 - ssh ${SSH_OPTS} "ubuntu@${SALT_MASTER}" uptime - case $? in - 0) echo "${attempt}> Success"; break ;; - *) echo "${attempt}/${total_attempts}> ssh server ain't ready yet, waiting for ${sleep_time} seconds ..." ;; - esac - sleep $sleep_time - done - set -e -} - -function parse_yaml { - local prefix=$2 - local s - local w - local fs - s='[[:space:]]*' - w='[a-zA-Z0-9_]*' - fs="$(echo @|tr @ '\034')" - sed -e 's|---||g' -ne "s|^\($s\)\($w\)$s:$s\"\(.*\)\"$s\$|\1$fs\2$fs\3|p" \ - -e "s|^\($s\)\($w\)$s[:-]$s\(.*\)$s\$|\1$fs\2$fs\3|p" "$1" | - awk -F"$fs" '{ - indent = length($1)/2; - vname[indent] = $2; - for (i in vname) {if (i > indent) {delete vname[i]}} - if (length($3) > 0) { - vn=""; for (i=0; i<indent; i++) {vn=(vn)(vname[i])("_")} - printf("%s%s%s=(\"%s\")\n", "'"$prefix"'",vn, $2, $3); - } - }' | sed 's/_=/+=/g' -} - function wait_for { # Execute in a subshell to prevent local variable override during recursion ( @@ -443,12 +22,11 @@ function wait_for { for attempt in $(seq "${total_attempts}"); do echo "[wait_for] Attempt ${attempt}/${total_attempts%.*} for: ${cmdstr}" if [ "${total_attempts%.*}" = "${total_attempts}" ]; then - # shellcheck disable=SC2015 eval "${cmdstr}" && echo "[wait_for] OK: ${cmdstr}" && return 0 || true else - !(eval "${cmdstr}" || echo __fuel_wf_failure__) |& tee /dev/stderr | \ - grep -Eq '(Not connected|No response|__fuel_wf_failure__)' && \ - echo "[wait_for] OK: ${cmdstr}" && return 0 || true + ! (eval "${cmdstr}" || echo 'No response') |& tee /dev/stderr | \ + grep -Eq '(Not connected|No response)' && \ + echo "[wait_for] OK: ${cmdstr}" && return 0 || true fi sleep "${sleep_time}" done @@ -456,3 +34,24 @@ function wait_for { return 1 ) } + +function cleanup_uefi { + # Clean up Ubuntu boot entry if cfg01, baremetal nodes online from previous deploy + local cmd_str="ssh ${SSH_OPTS} ${SSH_SALT}" + ping -c 1 -w 1 "${SALT_MASTER}" || return 0 + [ ! "$(hostname)" = 'cfg01' ] || cmd_str='eval' + ${cmd_str} "sudo salt -C 'G@virtual:physical and not cfg01*' cmd.run \ + \"which efibootmgr > /dev/null 2>&1 && \ + efibootmgr | grep -oP '(?<=Boot)[0-9]+(?=.*ubuntu)' | \ + xargs -I{} efibootmgr --delete-bootnum --bootnum {}; \ + rm -rf /boot/efi/*\"" || true + + ${cmd_str} "sudo salt -C 'G@virtual:physical and not cfg01*' cmd.run 'shutdown now'" || true +} + +function get_nova_compute_pillar_data { + local value=$(salt -C 'I@nova:compute and *01*' pillar.get _param:"${1}" --out yaml | cut -d ' ' -f2) + if [ "${value}" != "''" ]; then + echo "${value}" + fi +} diff --git a/mcp/scripts/lib_jump_common.sh b/mcp/scripts/lib_jump_common.sh new file mode 100644 index 000000000..c2bd46649 --- /dev/null +++ b/mcp/scripts/lib_jump_common.sh @@ -0,0 +1,213 @@ +#!/bin/bash -e +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +# +# Library of shell functions used by build / deploy scripts on jumpserver: +# - distro package requirements installation (e.g. DEB, RPM); +# - other package requirements from custom sources (e.g. docker); +# - jumpserver prerequisites validation (e.g. network bridges); +# - distro configuration (e.g. udev, sysctl); +# etc. + +############################################################################## +# private helper functions +############################################################################## + +function __parse_yaml { + local prefix=$2 + local s + local w + local fs + s='[[:space:]]*' + w='[a-zA-Z0-9_]*' + fs="$(echo @|tr @ '\034')" + sed -e 's|---||g' -ne "s|^\($s\)\($w\)$s:$s\"\(.*\)\"$s\$|\1$fs\2$fs\3|p" \ + -e "s|^\($s\)\($w\)$s[:-]$s\(.*\)$s\$|\1$fs\2$fs\3|p" "$1" | + awk -F"$fs" '{ + indent = length($1)/2; + vname[indent] = $2; + for (i in vname) {if (i > indent) {delete vname[i]}} + if (length($3) > 0) { + vn=""; for (i=0; i<indent; i++) {vn=(vn)(vname[i])("_")} + printf("%s%s%s=(\"%s\")\n", "'"$prefix"'",vn, $2, $3); + } + }' | sed 's/_=/+=/g' +} + +############################################################################## +# public functions +############################################################################## + +function jumpserver_pkg_install { + local req_type=$1 + if [ -n "$(command -v apt-get)" ]; then + pkg_type='deb'; pkg_cmd='sudo apt-get install -y' + else + pkg_type='rpm'; pkg_cmd='sudo yum install -y --skip-broken' + fi + eval "$(__parse_yaml "./requirements_${pkg_type}.yaml")" + for section in 'common' "$(uname -i)"; do + section_var="${req_type}_${section}[*]" + pkg_list+=" ${!section_var}" + done + # shellcheck disable=SC2086 + ${pkg_cmd} ${pkg_list} +} + +function jumpserver_check_requirements { + # shellcheck disable=SC2178 + local states=$1; shift + # shellcheck disable=SC2178 + local vnodes=$1; shift + local br=("$@") + local err_br_not_found='Linux bridge not found!' + local err_br_virsh_net='is a virtual network, Linux bridge expected!' + local warn_br_endpoint="Endpoints might be inaccessible from external hosts!" + # MaaS requires a Linux bridge for PXE/admin + if [[ "${states}" =~ maas ]]; then + if ! brctl showmacs "${br[0]}" >/dev/null 2>&1; then + notify_e "[ERROR] PXE/admin (${br[0]}) ${err_br_not_found}" + fi + # Assume virsh network name matches bridge name (true if created by us) + if ${VIRSH} net-info "${br[0]}" >/dev/null 2>&1; then + notify_e "[ERROR] ${br[0]} ${err_br_virsh_net}" + fi + fi + # If virtual nodes are present, public should be a Linux bridge + if [ -n "${vnodes}" ]; then + if ! brctl showmacs "${br[3]}" >/dev/null 2>&1; then + if [[ "${states}" =~ maas ]]; then + # Baremetal nodes *require* a proper public network + notify_e "[ERROR] Public (${br[3]}) ${err_br_not_found}" + else + notify_n "[WARN] Public (${br[3]}) ${err_br_not_found}" 3 + notify_n "[WARN] ${warn_br_endpoint}" 3 + fi + fi + if ${VIRSH} net-info "${br[3]}" >/dev/null 2>&1; then + if [[ "${states}" =~ maas ]]; then + notify_e "[ERROR] ${br[3]} ${err_br_virsh_net}" + else + notify_n "[WARN] ${br[3]} ${err_br_virsh_net}" 3 + notify_n "[WARN] ${warn_br_endpoint}" 3 + fi + fi + # https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1797332 + if lsb_release -d | grep -q -e 'Ubuntu 16.04'; then + if uname -r | grep -q -e '^4\.4\.'; then + notify_n "[WARN] Host kernel too old; nested virtualization issues!" 3 + notify_n "[WARN] apt install linux-generic-hwe-16.04 && reboot" 3 + notify_e "[ERROR] Please upgrade the kernel and reboot!" + fi + fi + fi +} + +function docker_install { + local image_dir=$1 + # Mininum effort attempt at installing Docker if missing + if ! docker --version; then + curl -fsSL https://get.docker.com -o get-docker.sh + sudo sh get-docker.sh + rm get-docker.sh + # On RHEL distros, the Docker service should be explicitly started + sudo systemctl start docker + else + DOCKER_VER=$(docker version --format '{{.Server.Version}}') + if [ "${DOCKER_VER%%.*}" -lt 2 ]; then + notify_e "[ERROR] Docker version ${DOCKER_VER} is too old, please upgrade it." + fi + fi + # Distro-provided docker-compose might be simply broken (Ubuntu 16.04, CentOS 7) + if ! docker-compose --version > /dev/null 2>&1 || \ + [ "$(docker-compose version --short | tr -d '.')" -lt 1220 ] && \ + [ "$(uname -m)" = 'x86_64' ]; then + COMPOSE_BIN="${image_dir}/docker-compose" + COMPOSE_VERSION='1.22.0' + notify_n "[WARN] Using docker-compose ${COMPOSE_VERSION} in ${COMPOSE_BIN}" 3 + if [ ! -e "${COMPOSE_BIN}" ]; then + COMPOSE_URL="https://github.com/docker/compose/releases/download/${COMPOSE_VERSION}" + sudo curl -L "${COMPOSE_URL}/docker-compose-$(uname -s)-$(uname -m)" -o "${COMPOSE_BIN}" + sudo chmod +x "${COMPOSE_BIN}" + fi + fi +} + +function e2fsprogs_install { + local image_dir=$1 + E2FS_VER=$(e2fsck -V 2>&1 | grep -Pzo "e2fsck \K1\.\d{2}") + if [ "${E2FS_VER//./}" -lt 143 ]; then + E2FS_TGZ="${image_dir}/e2fsprogs.tar.gz" + E2FS_VER='1.43.9' + E2FS_URL="https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/snapshot/e2fsprogs-${E2FS_VER}.tar.gz" + notify_n "[WARN] Using e2fsprogs ${E2FS_VER} from ${E2FS_TGZ}" 3 + if [ ! -e "${E2FS_TGZ}" ]; then + curl -L "${E2FS_URL}" -o "${E2FS_TGZ}" + mkdir -p "${image_dir}/e2fsprogs" + tar xzf "${E2FS_TGZ}" -C "${image_dir}/e2fsprogs" --strip-components=1 + cd "${image_dir}/e2fsprogs" || exit 1 + ./configure + make + cd - || exit 1 + fi + fi +} + +function virtinst_install { + local image_dir=$1 + VIRT_VER=$(virt-install --version 2>&1) + if [ "${VIRT_VER//./}" -lt 140 ]; then + VIRT_TGZ="${image_dir}/virt-manager.tar.gz" + VIRT_VER='1.4.3' + VIRT_URL="https://github.com/virt-manager/virt-manager/archive/v${VIRT_VER}.tar.gz" + notify_n "[WARN] Using virt-install ${VIRT_VER} from ${VIRT_TGZ}" 3 + if [ ! -e "${VIRT_TGZ}" ]; then + curl -L "${VIRT_URL}" -o "${VIRT_TGZ}" + mkdir -p "${image_dir}/virt-manager" + tar xzf "${VIRT_TGZ}" -C "${image_dir}/virt-manager" --strip-components=1 + fi + fi +} + +function do_udev_cfg { + local _conf='/etc/udev/rules.d/99-opnfv-fuel-vnet-mtu.rules' + # http://linuxaleph.blogspot.com/2013/01/how-to-network-jumbo-frames-to-kvm-guest.html + echo 'SUBSYSTEM=="net", ACTION=="add|change", KERNEL=="vnet*", RUN+="/bin/sh -c '"'/bin/sleep 1; /sbin/ip link set %k mtu 9000'\"" |& sudo tee "${_conf}" + echo 'SUBSYSTEM=="net", ACTION=="add|change", KERNEL=="*-nic", RUN+="/bin/sh -c '"'/bin/sleep 1; /sbin/ip link set %k mtu 9000'\"" |& sudo tee -a "${_conf}" + sudo udevadm control --reload + sudo udevadm trigger +} + +function do_sysctl_cfg { + local _conf='/etc/sysctl.d/99-opnfv-fuel-bridge.conf' + # https://wiki.libvirt.org/page/Net.bridge.bridge-nf-call_and_sysctl.conf + if modprobe br_netfilter bridge; then + echo 'net.bridge.bridge-nf-call-arptables = 0' |& sudo tee "${_conf}" + echo 'net.bridge.bridge-nf-call-iptables = 0' |& sudo tee -a "${_conf}" + echo 'net.bridge.bridge-nf-call-ip6tables = 0' |& sudo tee -a "${_conf}" + # Some distros / sysadmins explicitly blacklist br_netfilter + sudo sysctl -q -p "${_conf}" || true + fi +} + +function generate_ssh_key { + # shellcheck disable=SC2155 + local mcp_ssh_key=$(basename "${SSH_KEY}") + local user=${USER} + if [ -n "${SUDO_USER}" ] && [ "${SUDO_USER}" != 'root' ]; then + user=${SUDO_USER} + fi + + if [ -f "${SSH_KEY}" ]; then + cp "${SSH_KEY}" . + ssh-keygen -f "${mcp_ssh_key}" -y > "${mcp_ssh_key}.pub" + fi + + [ -f "${mcp_ssh_key}" ] || ssh-keygen -f "${mcp_ssh_key}" -N '' + sudo install -D -o "${user}" -m 0600 "${mcp_ssh_key}" "${SSH_KEY}" +} diff --git a/mcp/scripts/lib_jump_deploy.sh b/mcp/scripts/lib_jump_deploy.sh new file mode 100644 index 000000000..3dc3c4436 --- /dev/null +++ b/mcp/scripts/lib_jump_deploy.sh @@ -0,0 +1,591 @@ +#!/bin/bash -e +# shellcheck disable=SC2155,SC1001,SC2015,SC2128 +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +# +# Library of shell functions used by deploy script on jumpserver: +# - base cloud image (used by FN VMs and VCP VMs) processing: +# * download; +# * tooling for offline image modification (without libguestfs); +# * package pre-installation (requires nbd, loop krn mods); +# - virtualized hosts processing: +# * virsh-managed VMs boilerplate; +# * salt master container tooling; +# * virsh & docker network plumbing; +# etc. + +############################################################################## +# private helper functions +############################################################################## + +function __get_base_image { + local base_image=$1 + local image_dir=$2 + + mkdir -p "${image_dir}" + wget --progress=dot:giga -P "${image_dir}" -N "${base_image}" +} + +function __kernel_modules { + # Load mandatory kernel modules: loop, nbd + local image_dir=$1 + test -e /dev/loop-control || sudo modprobe loop + if sudo modprobe nbd max_part=8 || sudo modprobe -f nbd max_part=8; then + return 0 + fi + if [ -e /dev/nbd0 ]; then return 0; fi # nbd might be inbuilt + # CentOS (or RHEL family in general) do not provide 'nbd' out of the box + echo "[WARN] 'nbd' kernel module cannot be loaded!" + if [ ! -e /etc/redhat-release ]; then + echo "[ERROR] Non-RHEL system detected, aborting!" + echo "[ERROR] Try building 'nbd' manually or install it from a 3rd party." + exit 1 + fi + + # Best-effort attempt at building a non-maintaned kernel module + local __baseurl='http://vault.centos.org/centos' + local __subdir='Source/SPackages' + local __uname_r=$(uname -r) + local __uname_m=$(uname -m) + if [ "${__uname_m}" = 'x86_64' ]; then + __srpm="kernel-${__uname_r%.${__uname_m}}.src.rpm" + else + # NOTE: fmt varies across releases (e.g. kernel-alt-4.11.0-44.el7a.src.rpm) + __srpm="kernel-alt-${__uname_r%.${__uname_m}}.src.rpm" + fi + + local __found='n' + local __versions=$(curl -s "${__baseurl}/" | grep -Po 'href="\K7\.[\d\.]+') + for ver in ${__versions}; do + for comp in os updates; do + local url="${__baseurl}/${ver}/${comp}/${__subdir}/${__srpm}" + if wget "${url}" -O "${image_dir}/${__srpm}" > /dev/null 2>&1; then + __found='y'; break 2 + fi + done + done + + if [ "${__found}" = 'n' ]; then + echo "[ERROR] Can't find the linux kernel SRPM for: ${__uname_r}" + echo "[ERROR] 'nbd' module cannot be built, aborting!" + echo "[ERROR] Try 'yum upgrade' or building 'nbd' krn module manually ..." + exit 1 + fi + + rpm -ivh "${image_dir}/${__srpm}" 2> /dev/null + mkdir -p ~/rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS} + # shellcheck disable=SC2016 + echo '%_topdir %(echo $HOME)/rpmbuild' > ~/.rpmmacros + ( + cd ~/rpmbuild/SPECS + rpmbuild -bp --nodeps --target="${__uname_m}" kernel*.spec + cd ~/rpmbuild/BUILD/"${__srpm%.src.rpm}"/linux-* + sed -i 's/^.*\(CONFIG_BLK_DEV_NBD\).*$/\1=m/g' .config + # http://centosfaq.org/centos/nbd-does-not-compile-for-3100-514262el7x86_64 + if grep -Rq 'REQ_TYPE_DRV_PRIV' drivers/block; then + sed -i 's/REQ_TYPE_SPECIAL/REQ_TYPE_DRV_PRIV/g' drivers/block/nbd.c + fi + gunzip -c "/boot/symvers-${__uname_r}.gz" > Module.symvers + make prepare modules_prepare + make M=drivers/block -j + modinfo drivers/block/nbd.ko + sudo mkdir -p "/lib/modules/${__uname_r}/extra/" + sudo cp drivers/block/nbd.ko "/lib/modules/${__uname_r}/extra/" + ) + sudo depmod -a + sudo modprobe nbd max_part=8 || sudo modprobe -f nbd max_part=8 +} + +function __mount_image { + local image=$1 + local image_dir=$2 + OPNFV_MNT_DIR="${image_dir}/mnt" + + # Find free nbd, loop devices + for dev in '/sys/class/block/nbd'*; do + if [ "$(cat "${dev}/size")" = '0' ]; then + OPNFV_NBD_DEV=/dev/$(basename "${dev}") + break + fi + done + OPNFV_LOOP_DEV=$(sudo losetup -f) + OPNFV_MAP_DEV=/dev/mapper/$(basename "${OPNFV_NBD_DEV}")p1 + export OPNFV_MNT_DIR OPNFV_LOOP_DEV + [ -n "${OPNFV_NBD_DEV}" ] && [ -n "${OPNFV_LOOP_DEV}" ] || exit 1 + [[ "${MCP_OS:-}" =~ centos ]] || \ + qemu-img resize "${image_dir}/${image}" 3G + sudo qemu-nbd --connect="${OPNFV_NBD_DEV}" --aio=native --cache=none \ + "${image_dir}/${image}" + sudo kpartx -av "${OPNFV_NBD_DEV}" + # Hardcode partition index to 1, unlikely to change for Ubuntu UCA image + sudo partx -uvn 1:1 "${OPNFV_NBD_DEV}" + if [[ "${MCP_OS:-}" =~ ubuntu ]] && sudo growpart "${OPNFV_NBD_DEV}" 1 + then + if [ -e "${image_dir}/e2fsprogs" ]; then + E2FSCK_PREFIX="${image_dir}/e2fsprogs/e2fsck/" + RESIZE_PREFIX="${image_dir}/e2fsprogs/resize/" + fi + sudo kpartx -u "${OPNFV_NBD_DEV}" + sudo "${E2FSCK_PREFIX}e2fsck" -pf "${OPNFV_MAP_DEV}" + sudo "${RESIZE_PREFIX}resize2fs" "${OPNFV_MAP_DEV}" + else + sleep 5 # /dev/nbdNp1 takes some time to come up + fi + sudo partx -d "${OPNFV_NBD_DEV}" + mkdir -p "${OPNFV_MNT_DIR}" + if [ "$(uname -i)" = "aarch64" ] && [[ "${MCP_OS:-}" =~ centos ]]; then + # AArch64 CentOS cloud image contains a broken shim binary + # https://bugzilla.redhat.com/show_bug.cgi?id=1527283 + sudo mount "${OPNFV_MAP_DEV}" "${OPNFV_MNT_DIR}" + sudo cp -f --remove-destination "${OPNFV_MNT_DIR}/EFI/BOOT/fbaa64.efi" \ + "${OPNFV_MNT_DIR}/EFI/BOOT/BOOTAA64.EFI" + sudo umount -l "${OPNFV_MNT_DIR}" + # AArch64 CentOS cloud image has root partition at index 4 instead of 1 + sudo mount "${OPNFV_MAP_DEV/p1/p4}" "${OPNFV_MNT_DIR}" + else + # grub-update does not like /dev/nbd*, so use a loop device to work around it + sudo losetup "${OPNFV_LOOP_DEV}" "${OPNFV_MAP_DEV}" + sudo mount "${OPNFV_LOOP_DEV}" "${OPNFV_MNT_DIR}" + fi + sudo mount -t proc proc "${OPNFV_MNT_DIR}/proc" + sudo mount -t sysfs sys "${OPNFV_MNT_DIR}/sys" + sudo mount -o bind /dev "${OPNFV_MNT_DIR}/dev" + if [[ "${MCP_OS:-}" =~ ubuntu1804 ]]; then + # Ubuntu Bionic (18.04) or newer defaults to using netplan.io, revert it + sudo mkdir -p "${OPNFV_MNT_DIR}/run/systemd/resolve" + echo "nameserver ${dns_public}" | sudo tee \ + "${OPNFV_MNT_DIR}/run/systemd/resolve/stub-resolv.conf" + sudo chroot "${OPNFV_MNT_DIR}" systemctl stop \ + systemd-networkd.socket systemd-networkd \ + networkd-dispatcher systemd-networkd-wait-online systemd-resolved + sudo chroot "${OPNFV_MNT_DIR}" systemctl disable \ + systemd-networkd.socket systemd-networkd \ + networkd-dispatcher systemd-networkd-wait-online systemd-resolved + sudo chroot "${OPNFV_MNT_DIR}" systemctl mask \ + systemd-networkd.socket systemd-networkd \ + networkd-dispatcher systemd-networkd-wait-online systemd-resolved + sudo chroot "${OPNFV_MNT_DIR}" apt --assume-yes purge nplan netplan.io + echo "source /etc/network/interfaces.d/*" | \ + sudo tee "${OPNFV_MNT_DIR}/etc/network/interfaces" + elif [[ "${MCP_OS:-}" =~ centos ]]; then + sudo sed -i -e 's/^\(SELINUX\)=.*$/\1=permissive/g' \ + "${OPNFV_MNT_DIR}/etc/selinux/config" + fi + sudo rm -f "${OPNFV_MNT_DIR}/etc/resolv.conf" + echo "nameserver ${dns_public}" | sudo tee \ + "${OPNFV_MNT_DIR}/etc/resolv.conf" + echo "GRUB_DISABLE_OS_PROBER=true" | \ + sudo tee -a "${OPNFV_MNT_DIR}/etc/default/grub" + sudo sed -i -e 's/^\(GRUB_TIMEOUT\)=.*$/\1=1/g' -e 's/^GRUB_HIDDEN.*$//g' \ + "${OPNFV_MNT_DIR}/etc/default/grub" +} + +function __apt_repos_pkgs_image { + local apt_key_urls=(${1//,/ }) + local all_repos=(${2//,/ }) + local pkgs_i=(${3//,/ }) + local pkgs_r=(${4//,/ }) + [ -n "${OPNFV_MNT_DIR}" ] || exit 1 + + # NOTE: We don't support (yet) some features for non-APT repos: keys, prio + + # APT keys + if [[ "${MCP_OS:-}" =~ ubuntu ]] && [ "${#apt_key_urls[@]}" -gt 0 ]; then + for apt_key in "${apt_key_urls[@]}"; do + sudo chroot "${OPNFV_MNT_DIR}" /bin/bash -c \ + "wget -qO - '${apt_key}' | apt-key add -" + done + fi + # Additional repositories + for repo_line in "${all_repos[@]}"; do + # <repo_name>|<repo prio>|deb|[arch=<arch>]|<repo url>|<dist>|<repo comp> + local repo=(${repo_line//|/ }) + + if [[ "${MCP_OS:-}" =~ centos ]]; then + cat <<-EOF | sudo tee "${OPNFV_MNT_DIR}/etc/yum.repos.d/${repo[0]}.repo" + [${repo[0]}] + baseurl=${repo[3]} + enabled=1 + gpgcheck=0 + EOF + continue + fi + [ "${#repo[@]}" -gt 5 ] || continue + # NOTE: Names and formatting are compatible with Salt linux.system.repo + cat <<-EOF | sudo tee "${OPNFV_MNT_DIR}/etc/apt/preferences.d/${repo[0]}" + + Package: * + Pin: release a=${repo[-2]} + Pin-Priority: ${repo[1]} + + EOF + echo "${repo[@]:2}" | sudo tee \ + "${OPNFV_MNT_DIR}/etc/apt/sources.list.d/${repo[0]}.list" + done + # Install packages + if [ "${#pkgs_i[@]}" -gt 0 ]; then + if [[ "${MCP_OS:-}" =~ ubuntu ]]; then + sudo DEBIAN_FRONTEND="noninteractive" \ + chroot "${OPNFV_MNT_DIR}" apt-get update + sudo DEBIAN_FRONTEND="noninteractive" FLASH_KERNEL_SKIP="true" \ + chroot "${OPNFV_MNT_DIR}" apt-get install -y "${pkgs_i[@]}" + else + sudo chroot "${OPNFV_MNT_DIR}" yum install -y "${pkgs_i[@]}" + fi + fi + # Remove packages + if [ "${#pkgs_r[@]}" -gt 0 ]; then + if [[ "${MCP_OS:-}" =~ ubuntu ]]; then + sudo DEBIAN_FRONTEND="noninteractive" FLASH_KERNEL_SKIP="true" \ + chroot "${OPNFV_MNT_DIR}" apt-get purge -y "${pkgs_r[@]}" + else + sudo chroot "${OPNFV_MNT_DIR}" yum remove -y "${pkgs_r[@]}" + fi + fi + # Disable cloud-init metadata service datasource + sudo mkdir -p "${OPNFV_MNT_DIR}/etc/cloud/cloud.cfg.d" + echo "datasource_list: [ NoCloud, None ]" | sudo tee \ + "${OPNFV_MNT_DIR}/etc/cloud/cloud.cfg.d/95_real_datasources.cfg" +} + +function __cleanup_vms { + # clean up existing nodes + for node in $(${VIRSH} list --name | grep -P '\w{3}\d{2}'); do + ${VIRSH} destroy "${node}" 2>/dev/null || true + done + for node in $(${VIRSH} list --name --all | grep -P '\w{3}\d{2}'); do + ${VIRSH} domblklist "${node}" | awk '/^.da/ {print $2}' | \ + xargs --no-run-if-empty -I{} sudo rm -f {} + ${VIRSH} undefine "${node}" --remove-all-storage --nvram || \ + ${VIRSH} undefine "${node}" --remove-all-storage + done +} + +############################################################################## +# public functions +############################################################################## + +function prepare_vms { + local base_image_f=$1; shift + local base_image=${base_image_f%.xz} + local image_dir=$1; shift + local repos_pkgs_str=$1; shift # ^-sep list of repos, pkgs to install/rm + local image=base_image_opnfv_fuel.img + local vcp_image=${image%.*}_vcp.img + local _o=${base_image/*\/} + [ -n "${image_dir}" ] || exit 1 + + cleanup_uefi + __cleanup_vms + __get_base_image "${base_image_f}" "${image_dir}" + [ "${base_image}" == "${base_image_f}" ] || unxz -fk "${image_dir}/${_o}.xz" + IFS='^' read -r -a repos_pkgs <<< "${repos_pkgs_str}" + + local _h=$(echo "${repos_pkgs_str}.$(md5sum "${image_dir}/${_o}")" | \ + md5sum | cut -c -8) + local _tmp="${image%.*}.${_h}.img" + echo "[INFO] Lookup cache / build patched base image for fingerprint: ${_h}" + if [ "${image_dir}/${_tmp}" -ef "${image_dir}/${image}" ]; then + echo "[INFO] Patched base image found" + else + # shellcheck disable=SC2115 + rm -rf "${image_dir}/${image%.*}"* + if [[ ! "${repos_pkgs_str}" =~ ^\^+$ ]]; then + echo "[INFO] Patching base image ..." + cp "${image_dir}/${_o}" "${image_dir}/${_tmp}" + __kernel_modules "${image_dir}" + __mount_image "${_tmp}" "${image_dir}" + __apt_repos_pkgs_image "${repos_pkgs[@]:0:4}" + cleanup_mounts + else + echo "[INFO] No patching required, using vanilla base image" + ln -sf "${image_dir}/${_o}" "${image_dir}/${_tmp}" + fi + ln -sf "${image_dir}/${_tmp}" "${image_dir}/${image}" + fi + + # VCP VMs base image specific changes + if [[ ! "${repos_pkgs_str}" =~ \^{3}$ ]] && [ -n "${repos_pkgs[*]:4}" ]; then + echo "[INFO] Lookup cache / build patched VCP image for md5sum: ${_h}" + _tmp="${vcp_image%.*}.${_h}.img" + if [ "${image_dir}/${_tmp}" -ef "${image_dir}/${vcp_image}" ]; then + echo "[INFO] Patched VCP image found" + else + echo "[INFO] Patching VCP image ..." + cp "${image_dir}/${image}" "${image_dir}/${_tmp}" + __kernel_modules "${image_dir}" + __mount_image "${_tmp}" "${image_dir}" + __apt_repos_pkgs_image "${repos_pkgs[@]:4:4}" + cleanup_mounts + ln -sf "${image_dir}/${_tmp}" "${image_dir}/${vcp_image}" + fi + fi +} + +function create_networks { + local all_vnode_networks=("$@") + # create required networks + for net in "mcpcontrol" "${all_vnode_networks[@]}"; do + if ${VIRSH} net-info "${net}" >/dev/null 2>&1; then + ${VIRSH} net-destroy "${net}" || true + ${VIRSH} net-undefine "${net}" + fi + # in case of custom network, host should already have the bridge in place + if [ -f "virsh_net/net_${net}.xml" ] && \ + [ ! -d "/sys/class/net/${net}/bridge" ]; then + ${VIRSH} net-define "virsh_net/net_${net}.xml" + ${VIRSH} net-autostart "${net}" + ${VIRSH} net-start "${net}" + fi + done + + sudo ip link del veth_mcp0 || true + sudo ip link del veth_mcp2 || true + # Create systemd service for veth creation after reboot + FUEL_VETHC_SERVICE="/etc/systemd/system/opnfv-fuel-vethc.service" + FUEL_VETHA_SERVICE="/etc/systemd/system/opnfv-fuel-vetha.service" + test -f /usr/sbin/ip && PREFIX=/usr/sbin || PREFIX=/sbin + cat <<-EOF | sudo tee "${FUEL_VETHC_SERVICE}" + [Unit] + After=libvirtd.service + Before=docker.service + [Service] + ExecStart=/bin/sh -ec '\ + ${PREFIX}/ip link add veth_mcp0 type veth peer name veth_mcp1 && \ + ${PREFIX}/ip link add veth_mcp2 type veth peer name veth_mcp3 && \ + ${PREFIX}/ip link set veth_mcp0 up mtu 9000 && \ + ${PREFIX}/ip link set veth_mcp1 up mtu 9000 && \ + ${PREFIX}/ip link set veth_mcp2 up mtu 9000 && \ + ${PREFIX}/ip link set veth_mcp3 up mtu 9000' + EOF + cat <<-EOF | sudo tee "${FUEL_VETHA_SERVICE}" + [Unit] + StartLimitInterval=200 + StartLimitBurst=10 + After=opnfv-fuel-vethc.service + [Service] + Restart=on-failure + RestartSec=10 + ExecStartPre=/bin/sh -ec '\ + ${PREFIX}/brctl showstp ${all_vnode_networks[0]} > /dev/null 2>&1 && \ + ${PREFIX}/brctl showstp ${all_vnode_networks[1]} > /dev/null 2>&1' + ExecStart=/bin/sh -ec '\ + ${PREFIX}/brctl addif ${all_vnode_networks[0]} veth_mcp0 && \ + ${PREFIX}/brctl addif ${all_vnode_networks[1]} veth_mcp2 && \ + while ${PREFIX}/ip rule del to ${SALT_MASTER} iif docker0 table 200 2>/dev/null; do true; done && \ + ${PREFIX}/ip rule add to ${SALT_MASTER} iif docker0 table 200 && \ + ${PREFIX}/ip route replace ${SALT_MASTER} dev ${all_vnode_networks[0]} table 200' + EOF + sudo ln -sf "${FUEL_VETHC_SERVICE}" "/etc/systemd/system/multi-user.target.wants/" + sudo ln -sf "${FUEL_VETHA_SERVICE}" "/etc/systemd/system/multi-user.target.wants/" + sudo systemctl daemon-reload + sudo systemctl restart opnfv-fuel-vethc + sudo systemctl restart opnfv-fuel-vetha +} + +function cleanup_all { + local image_dir=$1; shift + local all_vnode_networks=("$@") + [ ! -e "${image_dir}/docker-compose" ] || COMPOSE_PREFIX="${image_dir}/" + + cleanup_uefi + __cleanup_vms + sudo ip link del veth_mcp0 || true + sudo ip link del veth_mcp2 || true + for net in "mcpcontrol" "${all_vnode_networks[@]}"; do + if ${VIRSH} net-info "${net}" >/dev/null 2>&1; then + ${VIRSH} net-destroy "${net}" || true + ${VIRSH} net-undefine "${net}" + fi + done + sudo rm -f "/etc/systemd/system/multi-user.target.wants/opnfv-fuel"* \ + "/etc/systemd/system/opnfv-fuel"* + sudo systemctl daemon-reload + "${COMPOSE_PREFIX}docker-compose" -f docker-compose/docker-compose.yaml down +} + +function create_vms { + local image_dir=$1; shift + local image=base_image_opnfv_fuel.img + # vnode data should be serialized with the following format: + # <name0>,<disks0>,<ram0>,<vcpu0>[,<sockets0>,<cores0>,<threads0>[,<cell0name0>,<cell0memory0>, + # <cell0cpus0>,<cell1name0>,<cell1memory0>,<cell1cpus0>]]|<name1>,...' + IFS='|' read -r -a vnodes <<< "$1"; shift + + # AArch64: prepare arch specific arguments + local virt_extra_args="" + if [ "$(uname -i)" = "aarch64" ]; then + # No Cirrus VGA on AArch64, use virtio instead + virt_extra_args="$virt_extra_args --video=virtio" + fi + + # create vms with specified options + for serialized_vnode_data in "${vnodes[@]}"; do + if [ -z "${serialized_vnode_data}" ]; then continue; fi + IFS=',' read -r -a vnode_data <<< "${serialized_vnode_data}" + IFS=';' read -r -a disks_data <<< "${vnode_data[1]}" + + # Create config ISO and resize OS disk image for each foundation node VM + ./create-config-drive.sh -k "$(basename "${SSH_KEY}").pub" \ + -u 'user-data.sh' -h "${vnode_data[0]}" "${image_dir}/mcp_${vnode_data[0]}.iso" + cp "${image_dir}/${image}" "${image_dir}/mcp_${vnode_data[0]}.qcow2" + qemu-img resize "${image_dir}/mcp_${vnode_data[0]}.qcow2" "${disks_data[0]}" + # Prepare additional drives if present + idx=0 + virt_extra_storage= + for dsize in "${disks_data[@]:1}"; do + ((idx+=1)) + qcow_file="${image_dir}/mcp_${vnode_data[0]}_${idx}.qcow2" + qemu-img create "${qcow_file}" "${dsize}" + virt_extra_storage+=" --disk path=${qcow_file},format=qcow2,bus=virtio,cache=none,io=native" + done + + # prepare VM CPU model, count, topology (optional), NUMA cells (optional, requires topo) + local virt_cpu_args=' --cpu host-passthrough' + local idx=7 # cell0.name index in serialized data + while [ -n "${vnode_data[${idx}]}" ]; do + virt_cpu_args+=",${vnode_data[${idx}]}.memory=${vnode_data[$((idx + 1))]}" + virt_cpu_args+=",${vnode_data[${idx}]}.cpus=${vnode_data[$((idx + 2))]}" + idx=$((idx + 3)) + done + virt_cpu_args+=" --vcpus vcpus=${vnode_data[3]}" + if [ -n "${vnode_data[6]}" ]; then + virt_cpu_args+=",sockets=${vnode_data[4]},cores=${vnode_data[5]},threads=${vnode_data[6]}" + fi + + # prepare network args + local vnode_networks=("$@") + local net_args= + for net in "${vnode_networks[@]}"; do + net_args="${net_args} --network bridge=${net},model=virtio" + done + + [ ! -e "${image_dir}/virt-manager" ] || VIRT_PREFIX="${image_dir}/virt-manager/" + # shellcheck disable=SC2086 + ${VIRT_PREFIX}${VIRSH/virsh/virt-install} --name "${vnode_data[0]}" \ + ${virt_cpu_args} --accelerate \ + ${net_args} \ + --ram "${vnode_data[2]}" \ + --disk path="${image_dir}/mcp_${vnode_data[0]}.qcow2",format=qcow2,bus=virtio,cache=none,io=native \ + ${virt_extra_storage} \ + --os-type linux --os-variant none \ + --boot hd --vnc --console pty --autostart --noreboot \ + --disk path="${image_dir}/mcp_${vnode_data[0]}.iso",device=cdrom \ + --noautoconsole \ + ${virt_extra_args} + done +} + +function reset_vms { + local vnodes=("$@") + local cmd_str="ssh ${SSH_OPTS} ${SSH_SALT}" + + # reset non-infrastructure vms, wait for them to come back online + for node in "${vnodes[@]}"; do + ${VIRSH} reset "${node}" + done + for node in "${vnodes[@]}"; do + wait_for 20.0 "${cmd_str} sudo salt -C '${node}*' saltutil.sync_all" + done +} + +function start_vms { + local vnodes=("$@") + + # start vms + for node in "${vnodes[@]}"; do + ${VIRSH} start "${node}" + sleep $((RANDOM%5+1)) + done +} + +function prepare_containers { + local image_dir=$1 + [ -n "${image_dir}" ] || exit 1 + [ -n "${MCP_REPO_ROOT_PATH}" ] || exit 1 + [ ! -e "${image_dir}/docker-compose" ] || COMPOSE_PREFIX="${image_dir}/" + + "${COMPOSE_PREFIX}docker-compose" -f docker-compose/docker-compose.yaml down + if [[ ! "${MCP_DOCKER_TAG}" =~ 'verify' ]]; then + "${COMPOSE_PREFIX}docker-compose" -f docker-compose/docker-compose.yaml pull + fi + # overwrite hosts only on first container up, to preserve cluster nodes + sudo cp docker-compose/files/hosts "${image_dir}/hosts" + sudo rm -rf "${image_dir}/"{salt,pki,mas01/etc} "${image_dir}/nodes/"* + find "${image_dir}/mas01/var/lib/" \ + -mindepth 2 -maxdepth 2 -not -name boot-resources \ + -exec sudo rm -rf {} \; || true + mkdir -p "${image_dir}/"{salt/master.d,salt/minion.d} + + if grep -q -e 'maas' 'docker-compose/docker-compose.yaml'; then + # Apparmor workaround for bind9 inside Docker containers using AUFS + for profile in 'usr.sbin.ntpd' 'usr.sbin.named' \ + 'usr.sbin.dhcpd' 'usr.sbin.tcpdump' 'usr.bin.tcpdump'; do + if [ -e "/etc/apparmor.d/${profile}" ] && \ + [ ! -e "/etc/apparmor.d/disable/${profile}" ]; then + sudo ln -sf "/etc/apparmor.d/${profile}" "/etc/apparmor.d/disable/" + sudo apparmor_parser -R "/etc/apparmor.d/${profile}" || true + fi + done + fi +} + +function start_containers { + local image_dir=$1 + [ -n "${image_dir}" ] || exit 1 + [ ! -e "${image_dir}/docker-compose" ] || COMPOSE_PREFIX="${image_dir}/" + if grep -q -e 'maas' 'docker-compose/docker-compose.yaml'; then + chmod +x docker-compose/files/entrypoint*.sh + fi + "${COMPOSE_PREFIX}docker-compose" -f docker-compose/docker-compose.yaml up -d +} + +function check_connection { + local total_attempts=60 + local sleep_time=5 + + set +e + echo '[INFO] Attempting to get into Salt master ...' + + # wait until ssh on Salt master is available + # shellcheck disable=SC2034 + for attempt in $(seq "${total_attempts}"); do + # shellcheck disable=SC2086 + ssh ${SSH_OPTS} "ubuntu@${SALT_MASTER}" uptime + case $? in + 0) echo "${attempt}> Success"; break ;; + *) echo "${attempt}/${total_attempts}> ssh server ain't ready yet, waiting for ${sleep_time} seconds ..." ;; + esac + sleep $sleep_time + done + set -e +} + +function cleanup_mounts { + # Remove any mounts, loop and/or nbd devs created while patching base image + if [ -n "${OPNFV_MNT_DIR}" ] && [ -d "${OPNFV_MNT_DIR}" ]; then + if [ -f "${OPNFV_MNT_DIR}/boot/grub/grub.cfg" ]; then + # Grub thinks it's running from a live CD + sudo sed -i -e 's/^\s*set root=.*$//g' -e 's/^\s*loopback.*$//g' \ + "${OPNFV_MNT_DIR}/boot/grub/grub.cfg" + fi + sync + if mountpoint -q "${OPNFV_MNT_DIR}"; then + sudo umount -l "${OPNFV_MNT_DIR}" || true + fi + fi + if [ -n "${OPNFV_LOOP_DEV}" ] && \ + sudo losetup "${OPNFV_LOOP_DEV}" 1>&2 > /dev/null; then + sudo losetup -d "${OPNFV_LOOP_DEV}" + fi + if [ -n "${OPNFV_NBD_DEV}" ]; then + sudo partx -d "${OPNFV_NBD_DEV}" || true + sudo kpartx -d "${OPNFV_NBD_DEV}" || true + sudo qemu-nbd -d "${OPNFV_NBD_DEV}" || true + fi +} diff --git a/mcp/scripts/lib_template.sh b/mcp/scripts/lib_template.sh new file mode 100644 index 000000000..822d14116 --- /dev/null +++ b/mcp/scripts/lib_template.sh @@ -0,0 +1,91 @@ +#!/bin/bash -e +# shellcheck disable=SC2155,SC1001,SC2015,SC2128 +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +# +# Library of shell functions dedicated to j2 template handling +# + +PHAROS_GEN_CFG='./pharos/config/utils/generate_config.py' +PHAROS_IA='./pharos/config/installers/fuel/pod_config.yml.j2' +PHAROS_VALIDATE_SCHEMA_SCRIPT='./pharos/config/utils/validate_schema.py' +PHAROS_SCHEMA_PDF='./pharos/config/pdf/pod1.schema.yaml' +PHAROS_SCHEMA_IDF='./pharos/config/pdf/idf-pod1.schema.yaml' + +# Handles pod_config and scenarios only +function do_templates_scenario { + local image_dir=$1; shift + local target_lab=$1; shift + local target_pod=$1; shift + local lab_config_uri=$1; shift + local scenario_dir=$1; shift + local extra_yaml=("$@") + + BASE_CONFIG_PDF="${lab_config_uri}/labs/${target_lab}/${target_pod}.yaml" + BASE_CONFIG_IDF="${lab_config_uri}/labs/${target_lab}/idf-${target_pod}.yaml" + LOCAL_PDF="${image_dir}/$(basename "${BASE_CONFIG_PDF}")" + LOCAL_IDF="${image_dir}/$(basename "${BASE_CONFIG_IDF}")" + + # Expand scenario file and main reclass input (pod_config.yaml) based on PDF + if ! curl --create-dirs -o "${LOCAL_PDF}" "${BASE_CONFIG_PDF}"; then + notify_e "[ERROR] Could not retrieve PDF (Pod Descriptor File)!" + elif ! curl -o "${LOCAL_IDF}" "${BASE_CONFIG_IDF}"; then + notify_e "[ERROR] Could not retrieve IDF (Installer Descriptor File)!" + fi + # Check first if configuration files are valid + if [[ ! "$target_pod" =~ "virtual" ]]; then + if ! "${PHAROS_VALIDATE_SCHEMA_SCRIPT}" -y "${LOCAL_PDF}" \ + -s "${PHAROS_SCHEMA_PDF}"; then + notify_e "[ERROR] PDF does not match yaml schema!" + elif ! "${PHAROS_VALIDATE_SCHEMA_SCRIPT}" -y "${LOCAL_IDF}" \ + -s "${PHAROS_SCHEMA_IDF}"; then + notify_e "[ERROR] IDF does not match yaml schema!" + fi + fi + printenv | \ + awk '/^(SALT|MCP|MAAS).*=/ { gsub(/=/,": "); print }' >> "${LOCAL_PDF}" + j2args=$(find "${scenario_dir}" -name '*.j2' -exec echo -j {} \;) + # shellcheck disable=SC2086 + if ! python3 "${PHAROS_GEN_CFG}" -y "${LOCAL_PDF}" ${j2args} -b -v \ + -i "$(dirname "$(readlink -f "${PHAROS_IA}")")"; then + notify_e '[ERROR] Could not convert j2 scenario definitions!' + fi + for _yaml in "${extra_yaml[@]}"; do + awk '/^---$/{f=1;next;}f' "${_yaml}" >> "${LOCAL_PDF}" + done + if ! python3 "${PHAROS_GEN_CFG}" -y "${LOCAL_PDF}" \ + -i "$(dirname "$(readlink -f "${PHAROS_IA}")")" \ + -j "${PHAROS_IA}" -v > "${image_dir}/pod_config.yml"; then + notify_e "[ERROR] Could not convert PDF+IDF to reclass model input!" + fi +} + +# Expand reclass and virsh network templates based on PDF + IDF + others +function do_templates_cluster { + local image_dir=$1; shift + local target_lab=$1; shift + local target_pod=$1; shift + local git_repo_root=$1; shift + local extra_yaml=("$@") + + RECLASS_CLUSTER_DIR=$(cd "${git_repo_root}/mcp/reclass/classes/cluster"; pwd) + LOCAL_PDF="${image_dir}/${target_pod}.yaml" + + for _yaml in "${extra_yaml[@]}"; do + awk '/^---$/{f=1;next;}f' "${_yaml}" >> "${LOCAL_PDF}" + done + # shellcheck disable=SC2046 + j2args=$(find "${RECLASS_CLUSTER_DIR}" "$(readlink -f virsh_net)" \ + "$(readlink -f docker-compose)" $(readlink -f ./*j2) \ + -name '*.j2' -exec echo -j {} \;) + # shellcheck disable=SC2086 + if ! python3 "${PHAROS_GEN_CFG}" -y "${LOCAL_PDF}" ${j2args} -b -v \ + -i "$(dirname "$(readlink -f "${PHAROS_IA}")")"; then + notify_e '[ERROR] Could not convert PDF to network definitions!' + fi +} diff --git a/mcp/scripts/net_public.xml b/mcp/scripts/net_public.xml deleted file mode 100644 index d6df4aa30..000000000 --- a/mcp/scripts/net_public.xml +++ /dev/null @@ -1,14 +0,0 @@ -<!-- - Copyright (c) 2017 Mirantis Inc., Enea AB and others. - - All rights reserved. This program and the accompanying materials - are made available under the terms of the Apache License, Version 2.0 - which accompanies this distribution, and is available at - http://www.apache.org/licenses/LICENSE-2.0 ---> -<network> - <name>public</name> - <bridge name="public"/> - <forward mode="nat"/> - <ip address="10.16.0.1" netmask="255.255.255.0" /> -</network> diff --git a/mcp/scripts/pharos b/mcp/scripts/pharos -Subproject 89d7cb905bf6f286648638f5865884ac5e332e5 +Subproject 061b5588d40253193eddf76139c361d62e6fbeb diff --git a/mcp/scripts/requirements_deb.yaml b/mcp/scripts/requirements_deb.yaml index 9a6ec8273..58fc533b0 100644 --- a/mcp/scripts/requirements_deb.yaml +++ b/mcp/scripts/requirements_deb.yaml @@ -1,37 +1,46 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## --- -requirements_pkg: +build: + # Common pkgs required for all builds, no matter the type, arch etc. + common: + - curl + - git + - make + - python3-pip +deploy: # Common pkgs required for all deploys, no matter the type, arch etc. common: - bridge-utils + - build-essential - cloud-guest-utils - cpu-checker - curl + - docker-compose - e2fsprogs - git - kpartx + - libglib2.0-bin - libvirt-bin - - make - mkisofs - qemu-kvm - rsync - uuid-runtime - virtinst + # python is indirectly required for PDF parsing + - python3 + - python3-jinja2 + - python3-yaml + - python3-jsonschema # Optional, arch-specific requirements, matched by key name = $(uname -m) aarch64: # AArch64 VMs use AAVMF (guest UEFI) - ipxe-qemu - qemu-efi - # Optional, deploy-type-specific requirements - baremetal: - # For baremetal, python is indirectly required for PDF parsing - - python - - python-ipaddress - - python-jinja2 - - python-yaml + # AArch64 CentOS cloud image is archived with xz + - xz-utils diff --git a/mcp/scripts/requirements_rpm.yaml b/mcp/scripts/requirements_rpm.yaml index ebd7e85dc..b2ee0dcd1 100644 --- a/mcp/scripts/requirements_rpm.yaml +++ b/mcp/scripts/requirements_rpm.yaml @@ -1,21 +1,30 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## --- -requirements_pkg: +build: + # Common pkgs required for all builds, no matter the type, arch etc. + common: + - git + - make + - python3-pip +deploy: # Common pkgs required for all deploys, no matter the type, arch etc. common: - bc - bridge-utils - cloud-utils-growpart - curl + - docker-compose - elfutils-libelf-devel - e2fsprogs - genisoimage + - gcc + - gdisk - git - kpartx - libvirt @@ -27,14 +36,14 @@ requirements_pkg: - util-linux - virt-install - wget + # For python is indirectly required for PDF parsing + - python3 + - python36-jinja2 + - python36-yaml + - python36-jsonschema # Optional, arch-specific requirements, matched by key name = $(uname -m) aarch64: # AArch64 VMs use AAVMF (guest UEFI) - AAVMF - # Optional, deploy-type-specific requirements - baremetal: - # For baremetal, python is indirectly required for PDF parsing - - python - - python-ipaddress - - python-jinja2 - - python-yaml + # AArch64 CentOS cloud image is archived with xz + - xz diff --git a/mcp/scripts/salt.sh b/mcp/scripts/salt.sh deleted file mode 100755 index a13194363..000000000 --- a/mcp/scripts/salt.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -e -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## -# -# Deploy Salt Master -# - -CI_DEBUG=${CI_DEBUG:-0}; [[ "${CI_DEBUG}" =~ (false|0) ]] || set -x -F_GIT_ROOT=$(git rev-parse --show-toplevel) -F_GIT_DIR=$(cd "${F_GIT_ROOT}/mcp" && git rev-parse --git-dir) -F_GIT_SUBD=${F_GIT_ROOT#${F_GIT_DIR%%/.git*}} -OPNFV_TMP_DIR="/home/${SALT_MASTER_USER}/opnfv" -OPNFV_GIT_DIR="/root/opnfv" -OPNFV_FUEL_DIR="/root/fuel" -OPNFV_RDIR="reclass/classes/cluster/all-mcp-arch-common" -OPNFV_VCP_IMG="mcp/scripts/base_image_opnfv_fuel_vcp.img" -OPNFV_VCP_DIR="/srv/salt/env/prd/salt/files/control/images" -LOCAL_GIT_DIR="${F_GIT_ROOT%${F_GIT_SUBD}}" -LOCAL_PDF_RECLASS=$1 -NODE_MASK='*' - -[[ "${CLUSTER_DOMAIN}" =~ virtual ]] || NODE_MASK='mas01*' - -# push to cfg01 current git repo first (including submodules), at ~ubuntu/opnfv -# later we move it to ~root/opnfv (and ln as ~root/fuel); delete the temp clone -remote_tmp="${SSH_SALT}:$(basename "${OPNFV_TMP_DIR}")" -rsync -Erl --delete -e "ssh ${SSH_OPTS}" \ - --exclude-from="${F_GIT_ROOT}/.gitignore" \ - "${LOCAL_GIT_DIR}/" "${remote_tmp}/" -if [ -n "${LOCAL_PDF_RECLASS}" ] && [ -f "${LOCAL_PDF_RECLASS}" ]; then - rsync -e "ssh ${SSH_OPTS}" "${LOCAL_PDF_RECLASS}" \ - "${remote_tmp}${F_GIT_SUBD}/mcp/${OPNFV_RDIR}/opnfv/" -fi -local_vcp_img=$(dirname "${LOCAL_PDF_RECLASS}")/$(basename "${OPNFV_VCP_IMG}") -if [ -e "${local_vcp_img}" ]; then - rsync -L -e "ssh ${SSH_OPTS}" "${local_vcp_img}" \ - "${remote_tmp}${F_GIT_SUBD}/${OPNFV_VCP_IMG}" -fi - -# ssh to cfg01 -# shellcheck disable=SC2086,2087 -ssh ${SSH_OPTS} "${SSH_SALT}" bash -s -e << SALT_INSTALL_END - sudo -i - set -e - export CI_DEBUG=${CI_DEBUG}; [[ "${CI_DEBUG}" =~ (false|0) ]] || set -x - - echo -n 'Checking out cloud-init has finished running ...' - while [ ! -f /var/lib/cloud/instance/boot-finished ]; do echo -n '.'; sleep 1; done - echo ' done' - - mkdir -p /srv/salt /usr/share/salt-formulas/reclass - rm -rf ${OPNFV_GIT_DIR} - mv ${OPNFV_TMP_DIR} ${OPNFV_GIT_DIR} && chown -R root.root ${OPNFV_GIT_DIR} - find ${OPNFV_GIT_DIR} -name '.git' -type f | while read f_git; do - sed -i 's@${LOCAL_GIT_DIR}@${OPNFV_GIT_DIR}@g' \$f_git - done - ln -sf ${OPNFV_GIT_DIR}${F_GIT_SUBD} ${OPNFV_FUEL_DIR} - ln -sf ${OPNFV_FUEL_DIR}/mcp/reclass /srv/salt - ln -sf ${OPNFV_FUEL_DIR}/mcp/deploy/scripts /srv/salt - cd /srv/salt/${OPNFV_RDIR} && rm -f arch && ln -sf "\$(uname -i)" arch - - cp -r ${OPNFV_FUEL_DIR}/mcp/metadata/service /usr/share/salt-formulas/reclass - cd /srv/salt/reclass/classes/service && \ - ln -sf /usr/share/salt-formulas/reclass/service/opendaylight - - cd /srv/salt/scripts - export DEBIAN_FRONTEND=noninteractive - OLD_DOMAIN=\$(grep -Pzo "id: cfg01\.\K(\S*)" /etc/salt/minion.d/minion.conf) || true - BOOTSTRAP_SALTSTACK_OPTS=" -r -dX stable 2016.11 " \ - MASTER_HOSTNAME=cfg01.${CLUSTER_DOMAIN} DISTRIB_REVISION=stable \ - EXTRA_FORMULAS="nfs" \ - ./salt-master-init.sh - salt-key -Ay - - cp -r ${OPNFV_FUEL_DIR}/mcp/salt-formulas/* /usr/share/salt-formulas/env - cd ${OPNFV_FUEL_DIR}/mcp/patches && ./patch.sh patches.list formulas - cd ${OPNFV_FUEL_DIR}/mcp/patches && ./patch.sh patches.list reclass - - source ${OPNFV_FUEL_DIR}/mcp/scripts/lib.sh - wait_for 3.0 "salt-call state.apply salt" - - # In case scenario changed (and implicitly domain name), re-register minions - if [ -n "\${OLD_DOMAIN}" ] && [ "\${OLD_DOMAIN}" != "${CLUSTER_DOMAIN}" ]; then - salt "*.\${OLD_DOMAIN}" cmd.run "grep \${OLD_DOMAIN} -Rl /etc/salt | \ - xargs --no-run-if-empty sed -i 's/\${OLD_DOMAIN}/${CLUSTER_DOMAIN}/g'; \ - service salt-minion restart" || true - salt-key -yd "*.\${OLD_DOMAIN}" - salt-key -Ay - fi - - # Init specific to VMs on FN (all for virtual, cfg|mas for baremetal) - salt -C "${NODE_MASK} or cfg01*" saltutil.sync_all - wait_for 3.0 'salt -C "${NODE_MASK} or cfg01*" state.apply salt' - wait_for 3.0 'salt -C "cfg01*" state.apply linux' - - salt -C "${NODE_MASK} and not cfg01*" state.sls linux || true - salt -C "${NODE_MASK} and not cfg01*" pkg.upgrade refresh=False - - salt -C "${NODE_MASK} or cfg01*" state.sls ntp - - if [ -f "${OPNFV_FUEL_DIR}/${OPNFV_VCP_IMG}" ]; then - mkdir -p "${OPNFV_VCP_DIR}" - mv "${OPNFV_FUEL_DIR}/${OPNFV_VCP_IMG}" "${OPNFV_VCP_DIR}/" - fi - - # symlink manually until package with required commit is available - cd /usr/share/salt-formulas/env/aodh/files - ln -sf ocata pike -SALT_INSTALL_END diff --git a/mcp/scripts/sysinfo_print.sh b/mcp/scripts/sysinfo_print.sh index bff36aff4..f07e7a5cb 100755 --- a/mcp/scripts/sysinfo_print.sh +++ b/mcp/scripts/sysinfo_print.sh @@ -10,9 +10,20 @@ # Collect jump server system information for deploy debugging # +# HW info +cat /proc/cpuinfo +free -mh +df -h + # Network info brctl show +ip a +route -n +sudo iptables -S # Distro & pkg info cat /etc/*-release uname -a + +# Misc info +sudo losetup -a diff --git a/mcp/scripts/user-data.sh.j2 b/mcp/scripts/user-data.sh.j2 new file mode 100644 index 000000000..8b80e32d0 --- /dev/null +++ b/mcp/scripts/user-data.sh.j2 @@ -0,0 +1,20 @@ +#!/bin/bash +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +{%- import 'net_map.j2' as nm with context %} +rm -f /etc/salt/minion_id /etc/salt/pki/minion/minion_master.pub +echo "id: $(hostname).{{ conf.cluster.domain }}" > /etc/salt/minion +echo "master: {{ nm.net_admin | ipnet_hostaddr(nm.start_ip[nm.net_admin] + nm.net_admin_hosts.index('opnfv_infra_config_pxe_admin_address') +1) }}" >> /etc/salt/minion +ldconfig +{%- if 'ubuntu1804' in conf.MCP_OS %} +systemctl unmask networking.service || true +systemctl enable networking.service || true +systemctl start networking.service || true +{%- endif %} +systemctl enable salt-minion.service +systemctl restart salt-minion.service diff --git a/mcp/scripts/user-data.template b/mcp/scripts/user-data.template deleted file mode 100644 index 189310be4..000000000 --- a/mcp/scripts/user-data.template +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash -############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## -rm /etc/salt/minion_id -rm -f /etc/salt/pki/minion/minion_master.pub -echo "id: $(hostname).${CLUSTER_DOMAIN}" > /etc/salt/minion -echo "master: ${SALT_MASTER}" >> /etc/salt/minion -service salt-minion restart diff --git a/mcp/scripts/net_internal.xml b/mcp/scripts/virsh_net/net_internal.xml index 8cf875e7c..8cf875e7c 100644 --- a/mcp/scripts/net_internal.xml +++ b/mcp/scripts/virsh_net/net_internal.xml diff --git a/mcp/scripts/net_mgmt.xml b/mcp/scripts/virsh_net/net_mgmt.xml.j2 index 4fbec712a..23b32f2f4 100644 --- a/mcp/scripts/net_mgmt.xml +++ b/mcp/scripts/virsh_net/net_mgmt.xml.j2 @@ -6,8 +6,9 @@ which accompanies this distribution, and is available at http://www.apache.org/licenses/LICENSE-2.0 --> +{%- import 'net_map.j2' as nm with context %} <network> <name>mgmt</name> <bridge name="mgmt"/> - <ip address="172.16.10.1" netmask="255.255.255.0"/> + <ip address="{{ nm.net_mgmt | ipnet_hostmin }}" netmask="{{ nm.net_mgmt | ipnet_netmask }}"/> </network> diff --git a/mcp/scripts/virsh_net/net_public.xml.j2 b/mcp/scripts/virsh_net/net_public.xml.j2 new file mode 100644 index 000000000..a9e8349f4 --- /dev/null +++ b/mcp/scripts/virsh_net/net_public.xml.j2 @@ -0,0 +1,20 @@ +<!-- + Copyright (c) 2018 Mirantis Inc., Enea AB and others. + + All rights reserved. This program and the accompanying materials + are made available under the terms of the Apache License, Version 2.0 + which accompanies this distribution, and is available at + http://www.apache.org/licenses/LICENSE-2.0 +--> +{%- import 'net_map.j2' as nm with context %} +<network> + <name>public</name> + <bridge name="public"/> +{%- if nm.cluster.has_virtual_nodes %} +{#- Ideally, jumpserver would have a real Linux bridge we will hook to. + In case it doesn't, we use this virsh network as a *mock* public. + The *mock* public should NOT overlap with the real public in any way. #} + <forward mode="nat"/> + <ip address="{{ nm.net_public | ipnet_hostmin }}" netmask="{{ nm.net_public | ipnet_netmask }}"/> +{%- endif %} +</network> diff --git a/mcp/scripts/net_mcpcontrol.xml.template b/mcp/scripts/virsh_net/net_pxebr.xml.j2 index e0034fd16..1c48e9b1a 100644 --- a/mcp/scripts/net_mcpcontrol.xml.template +++ b/mcp/scripts/virsh_net/net_pxebr.xml.j2 @@ -1,18 +1,19 @@ <!-- - Copyright (c) 2017 Mirantis Inc., Enea AB and others. + Copyright (c) 2018 Mirantis Inc., Enea AB and others. All rights reserved. This program and the accompanying materials are made available under the terms of the Apache License, Version 2.0 which accompanies this distribution, and is available at http://www.apache.org/licenses/LICENSE-2.0 --> +{%- import 'net_map.j2' as nm with context %} <network> - <name>mcpcontrol</name> - <bridge name="mcpcontrol"/> + <name>pxebr</name> <forward mode="nat"/> - <ip address="${SALT_MASTER%.*}.1" netmask="255.255.255.0"> + <bridge name="pxebr"/> + <ip address="{{ nm.net_admin_gw }}" netmask="{{ nm.net_admin | ipnet_netmask }}"> <dhcp> - <range start="${SALT_MASTER%.*}.2" end="${SALT_MASTER%.*}.254"/> + <range start="{{ nm.net_admin_pool_start }}" end="{{ nm.net_admin_pool_end }}"/> </dhcp> </ip> </network> diff --git a/mcp/scripts/xdf_data.sh.j2 b/mcp/scripts/xdf_data.sh.j2 new file mode 100644 index 000000000..6aca36f32 --- /dev/null +++ b/mcp/scripts/xdf_data.sh.j2 @@ -0,0 +1,117 @@ +#!/bin/bash -e +# shellcheck disable=SC2034 +############################################################################## +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +# +# Data derived from XDF (PDF/IDF/SDF/etc), used as input in deploy.sh +# + +{%- import 'net_map.j2' as nm with context -%} +{%- set cluster_states = conf.cluster.states if conf.MCP_NO_DEPLOY_ENVIRONMENT < 2 else [] -%} +{%- set arch = conf[conf.MCP_JUMP_ARCH] -%} +{%- set V = conf.virtual -%} +{%- set section_map = { + 'control': nm.ctl01.idx, + 'compute': nm.cmp001.idx +} -%} + +{%- macro bash_arr(_l) -%} + ({%- for n in _l -%}'{{ n }}' {% endfor -%}) +{%- endmacro -%} + +{#- Pack list as `sep`-separated string, replacing spaces with '|' -#} +{%- macro pack(x = [], sep = ',') -%} + {{ x | join(sep) | replace(' ', '|') }} +{%- endmacro -%} + +{#- Pack all vnode data as string -#} +{%- macro serialize_vnodes() -%} + {%- set arr = [] -%} + {%- for section in section_map -%} + {%- for n in V.nodes[section] or [] -%} + {%- if ( section_map[section] < conf.nodes | length and + conf.nodes[section_map[section] + loop.index0].node.type == 'virtual' ) -%} + {%- if n not in V -%}{%- do V.update({n: {}}) -%}{%- endif -%} + {%- set cpu_topo = 'cpu_topology' in V[n] and not conf.MCP_CMP_SS -%} + {%- if 'numa' in V[n] and cpu_topo -%} + {%- for k, v in V[n].numa.items() -%} + {%- set c = pack([k, v.memory, v.cpus]) -%} + {%- do V[n].update({'s_numa': c if 's_numa' not in V[n] else pack([c, V[n].s_numa])}) -%} + {%- endfor -%} + {%- endif -%} + {%- do arr.append(pack([n, V[n].disks or arch.default.disks, + V[n].ram or arch.default.ram, + V[n].vcpus or arch.default.vcpus, + '' if not cpu_topo else pack([ + V[n].cpu_topology.sockets, + V[n].cpu_topology.cores, + V[n].cpu_topology.threads, + '' if 's_numa' not in V[n] else V[n].s_numa])])) -%} + {%- endif -%} + {%- endfor -%} + {%- endfor -%} + '{{ pack(arr, '|') }}' +{%- endmacro -%} + +{#- Return a bash array of node names or a Salt query, optionally filtered by type #} +{%- macro filter_nodes(type, output_as_query = False, sections = section_map) -%} + {%- set arr = [] -%} + {%- for section in sections -%} + {%- for n in V.nodes[section] or [] -%} + {%- if ( section_map[section] < conf.nodes | length and + conf.nodes[section_map[section] + loop.index0].node.type in type ) -%} + {%- do arr.append(n) -%} + {%- endif -%} + {%- endfor -%} + {%- endfor -%} + {%- if output_as_query -%} + '{{ arr | join('* or ') }}*' + {%- else -%} + {{ bash_arr(arr) }} + {%- endif -%} +{%- endmacro -%} + +{#- Pack repo_pkg data as string -#} +{%- macro serialize_repo_pkg() -%} + {%- set arr = [] -%} + {%- set sections = [arch[conf.MCP_OS].common] -%} + {%- if conf.MCP_VCP or '-vcp-' in conf.MCP_DEPLOY_SCENARIO -%} + {%- do sections.append(arch[conf.MCP_OS].control) -%} + {%- endif -%} + {%- for c in sections -%} + {%- do arr.append(pack([pack(c.repo['keys']), pack(c.repo.repos), + pack(c.pkg.install), pack(c.pkg.remove)], '^')) -%} + {%- endfor -%} + '{{ pack(arr, '^') }}' +{%- endmacro -%} + +{%- set bridges = conf.idf.fuel.jumphost.bridges %} +# Determine bridge names based on IDF, where all bridges are now mandatory +OPNFV_BRIDGES=( + '{{ bridges.admin or "pxebr" }}' + '{{ bridges.mgmt or "mgmt" }}' + '{{ bridges.private or "internal" }}' + '{{ bridges.public or "public" }}' +) + +export CLUSTER_DOMAIN={{ conf.cluster.domain }} +dns_public={{ nm.dns_public[0] }} +cluster_states={{ bash_arr(arch.default.cluster.states + cluster_states) }} +virtual_nodes={{ filter_nodes('virtual') }} +control_nodes_query={{ filter_nodes(['baremetal', 'virtual'], True, ['control']) }} +base_image={{ arch[conf.MCP_OS].base_image }} + +# Serialize vnode data as: +# <name0>,<ram0>,<vcpu0>[,<sockets0>,<cores0>,<threads0>[,<cell0name0>,<cell0memory0>, +# <cell0cpus0>,<cell1name0>,<cell1memory0>,<cell1cpus0>]]|<name1>,...' +virtual_nodes_data={{ serialize_vnodes() }} + +# Serialize repos, packages to (pre-)install/remove for: +# - foundation node VM base image (virtual: all VMs, baremetal: cfg01|mas01) +# - virtualized control plane VM base image (only when VCP is used) +virtual_repos_pkgs={{ serialize_repo_pkg() }} |