From 11dbe27afb96c5b54b9f4f0a1c8b21194f59dc7b Mon Sep 17 00:00:00 2001 From: Jonas Bjurel Date: Sat, 3 Oct 2015 16:54:43 +0200 Subject: Moving tag arno.2015.1.0 from genesis to fuel/stable/arno Change-Id: I8bb3e28a814e04ad15e8a4b24b40bd7685600f46 Signed-off-by: Jonas Bjurel --- common/README.md | 30 ++ common/docs/user-guide.rst | 159 ++++++++ common/manifests/README.md | 17 + common/puppet-opnfv/manifests/ceph_deploy.pp | 102 +++++ common/puppet-opnfv/manifests/compute.pp | 163 ++++++++ common/puppet-opnfv/manifests/controller.pp | 135 +++++++ .../puppet-opnfv/manifests/controller_networker.pp | 438 +++++++++++++++++++++ .../manifests/external_net_presetup.pp | 102 +++++ .../puppet-opnfv/manifests/external_net_setup.pp | 85 ++++ common/puppet-opnfv/manifests/init.pp | 44 +++ common/puppet-opnfv/manifests/network.pp | 77 ++++ common/puppet-opnfv/manifests/ntp.pp | 72 ++++ common/puppet-opnfv/manifests/odl_docker.pp | 50 +++ common/puppet-opnfv/manifests/odl_service.pp | 24 ++ common/puppet-opnfv/manifests/repo.pp | 67 ++++ common/puppet-opnfv/manifests/resolver.pp | 62 +++ common/puppet-opnfv/manifests/tempest.pp | 27 ++ .../manifests/templates/dockerfile/Dockerfile | 82 ++++ .../dockerfile/container_scripts/check_feature.sh | 18 + .../dockerfile/container_scripts/speak.sh | 20 + .../start_odl_docker_container.sh | 48 +++ .../manifests/templates/ntp.conf.compute.erb | 22 ++ .../manifests/templates/ntp.conf.controller.erb | 22 ++ common/puppet-opnfv/templates/br_ex.erb | 10 + common/tools/README.md | 17 + 25 files changed, 1893 insertions(+) create mode 100644 common/README.md create mode 100644 common/docs/user-guide.rst create mode 100644 common/manifests/README.md create mode 100644 common/puppet-opnfv/manifests/ceph_deploy.pp create mode 100644 common/puppet-opnfv/manifests/compute.pp create mode 100644 common/puppet-opnfv/manifests/controller.pp create mode 100644 common/puppet-opnfv/manifests/controller_networker.pp create mode 100644 common/puppet-opnfv/manifests/external_net_presetup.pp create mode 100644 common/puppet-opnfv/manifests/external_net_setup.pp create mode 100644 common/puppet-opnfv/manifests/init.pp create mode 100644 common/puppet-opnfv/manifests/network.pp create mode 100644 common/puppet-opnfv/manifests/ntp.pp create mode 100644 common/puppet-opnfv/manifests/odl_docker.pp create mode 100644 common/puppet-opnfv/manifests/odl_service.pp create mode 100644 common/puppet-opnfv/manifests/repo.pp create mode 100644 common/puppet-opnfv/manifests/resolver.pp create mode 100644 common/puppet-opnfv/manifests/tempest.pp create mode 100644 common/puppet-opnfv/manifests/templates/dockerfile/Dockerfile create mode 100644 common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/check_feature.sh create mode 100644 common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/speak.sh create mode 100644 common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/start_odl_docker_container.sh create mode 100644 common/puppet-opnfv/manifests/templates/ntp.conf.compute.erb create mode 100644 common/puppet-opnfv/manifests/templates/ntp.conf.controller.erb create mode 100644 common/puppet-opnfv/templates/br_ex.erb create mode 100644 common/tools/README.md (limited to 'common') diff --git a/common/README.md b/common/README.md new file mode 100644 index 000000000..537c8eab0 --- /dev/null +++ b/common/README.md @@ -0,0 +1,30 @@ + +# Common +This directory contains those files which belong to the "OPNFV-Installation and Maintenance" phase of the installation process. + +The OPNFV install process consists of two main phases: +* **BASE-INSTALLATION:** Installation of plain-vanilla VM-manager (for BGS, OpenStack will be used as VM-Manager) + * (repeatable) install of a plain vanilla VM-manager (for BGS this is OpenStack) that deploys to bare metal and supports a HA-setup of the VM-manager + * the installation is performed with an installer ā€œiā€ that creates a system in state BASE(i). + * Files which are specific to an installer process are found in the directory of the associated installer approach (e.g. "fuel", "foreman", "opensteak", etc.) + * Once the installation of the plain vanilla environment is complete, the installer i is terminated. The system is left in state BASE(i) and handed over to the second phase. +* **OPNFV-INSTALLATION and MAINTENANCE:** Installation of OPNFV specific modules, maintenance of the overall OPNFV installation + * the system state for this second phase is called OPNFV(x) - where x is determined by a particular OPNFV release item. + * install deltas to state BASE(i) to reach the desired state OPNFV(x). Deltas would be defined as a set of scripts/manifests. Given that the state BASE(i) differs by installer used, the scripts could also be different. That said, it is a clear objective to make these scripts as generic and independent from the installer used as possible. + * maintain the system in state OPNFV(x) + * decouple device configuration from orchestration; allow for different tool chains to be used for device configuration and orchestration. I.e. rather than couple device config and orchestration with a single tool such as puppet in master-agent mode, enable a single tool to be focused on config (e.g. puppet in master-less mode) and another one for orchestration (e.g. Ansible/Salt driving upgrade of components, download of particular manifests to the nodes etc. + diff --git a/common/docs/user-guide.rst b/common/docs/user-guide.rst new file mode 100644 index 000000000..8e0222493 --- /dev/null +++ b/common/docs/user-guide.rst @@ -0,0 +1,159 @@ +===================================== +OPNFV User Guide for the Arno release +===================================== + +Abstract +======== + +This document provides an overview of how to use the Arno release of OPNFV once the system has been successfully deployed to a Pharos compliant infrastructure. + +License +======= + +OPNFV User Guide for the Arno release (c) by Christopher Price (christopher.price@ericsson.com) + +OPNFV User Guide for the Arno release is licensed under a Creative Commons Attribution 4.0 International License. You should have received a copy of the license along with this. If not, see . + +Version history +=================== + ++--------------------+--------------------+--------------------+--------------------+ +| **Date** | **Ver.** | **Author** | **Comment** | +| | | | | ++--------------------+--------------------+--------------------+--------------------+ +| 2015-05-28 | 0.0.1 | Christopher Price | Initial version | +| | | (Ericsson AB) | | ++--------------------+--------------------+--------------------+--------------------+ +| 2015-06-02 | 0.0.2 | Christopher Price | Minor Updates | +| | | (Ericsson AB) | | ++--------------------+--------------------+--------------------+--------------------+ + + +.. contents:: Table of Contents + :backlinks: none + + +Introduction +============ + +This document provides a rudimentary user guide for the OPNFV Arno release. The Arno release is the initial iteration of the OPNFV project and should be used as a developmental platform if you are interested in participating in the community and providing feedback. + +The Arno release is not intended to be used in production environments. It is an initial, experimental, release intended to provide a foundation on which the OPNFV project can evaluate platform capabilities and develop further capabilities. It is possible that some expected features in the platform may not perform as desired, if you find these types of issue in the platform please report them to support@opnfv.org so that we can resolve them in future releases. + +Preface +======= + +The Arno release of OPNFV is derived exclusively from open source development activities. As such the functions, capabilities and user interfaces of the platform derive directly from those upstream sources as well. The OPNFV project intends to work cooperatively and in conjunction with these projects, awareness of the components and their roles in the platform is important when attempting to use the platform. + + - In the Arno release OpenStack Juno is used as the virtual infrastructure management component. When operating the Arno release you will most often be interacting with the provided OpenStack interfaces. + - Application deployment on the stack can be performed directly on the OpenStack interfaces or by using the Heat interfaces provided. + - If you intend to perform actions on the networking component of the stack the Arno release uses OpenDaylight Helium. The interfaces for OpenDaylight are available for checking topology and interacting with the OpenDaylight SDN controller. + - Additional interfaces are provided by the Linux operating systems. The Arno release supports either Centos 7.1 or Ubuntu 14.4 operating systems. + +Details of operating these interfaces are explained later in the document. + +Prerequisites +============= + +Hardware Requirements +--------------------- + +The Arno release of OPNFV is intended to be run as a baremetal deployment on a "Pharos compliant" lab infrastructure. The Pharos project in OPNFV is a community activity to provide guidance and establish requirements on hardware platforms supporting the Arno virtualisation platform. + +Prior to deploying the OPNFV platform it is important that the hardware infrastructure be configured according to the Pharos specification: http://artifacts.opnfv.org/pharos/docs/spec.html + +Arno Platform Deployment +------------------------ + +The Arno platform supports installation and deployment using two deployment tools; a Foreman based deployment toolchain and a Fuel based deployment toolchain. + +In order to deploy the Arno release on a Pharos compliant lab using the Foreman deployment toolchain you should follow in the Foreman installation guide: http://artifacts.opnfv.org/genesis/foreman/docs/installation-instructions.html + +In order to deploy the Arno release on a Pharos compliant lab using the Fuel deployment toolchain you should follow in the Fuel installation guide: http://artifacts.opnfv.org/genesis/fuel/docs/installation-instructions.html + +Enabling or disabling OpenDaylight and the native Neutron driver +---------------------------------------------------------------- + +You may find that you wish to adjust the system by enabling or disabling the native OpenStack Neutron driver depending on the tasks you are trying to achieve with the platform. Each of the deployment tools has the option to deploy with or without OpenDaylight enabled. Details of the available delpoyment options can be found in the associated installation-instructions, please note the platform validation procedures expect a fully deployed platform and results may vary depending on the options selected. + +Deployment Validation +--------------------- + +Once installed you should validate the deployment completed successfully by executing the automated basic platform validation routines outlined in the Arno testing documentation: http://artifacts.opnfv.org/functest/docs/functest.html + +Operating the Arno platform +=========================== + +The Arno release provides a platform for deploying software on virtual infrastructure. The majority of operations to be executed on the platform revolve around deploying, managing and removing software (applications) on the platform itself. Application deployment is covered in the following sections, however some platform operations you may want to perform include setting up a tenant, in OpenStack tenants are also known as projects in this document we will refer to them as tenants, and associated users for that tenant. + +OpenStack provides a good overview of how to create your first tenant for deploying your applications. You should create a tenant for your applications, associate users with the tenant and assign quota's. + - Open the OpenStack console (Horizon) you should find this by logging into your control node; for example to access the console of POD1 of the OPNFV lab you would browse to <172.30.9.70:80> + - Create your tenant and users by following the instructions at: http://docs.openstack.org/openstack-ops/content/projects_users.html + +Further actions and activities for checking logs and status can be found in other areas of the operations document: http://docs.openstack.org/openstack-ops/content/openstack-ops_preface.html + + +Deploying your applications on Arno +=================================== + +Most actions you will want to perform can be executed from the OpenStack dashboard. When deploying your application on Arno a good reference is the user-guide which describe uploading, managing and deploying your application images. + + - Make sure you have established your tenant, associated users and quota's + - Follow the guidelines for managing and deploying your images in the following user-guide: http://docs.openstack.org/user-guide/dashboard.html + + +Frequently Asked Questions +========================== + +Does OPNFV provide support for the Arno release? +------------------------------------------------ + +The Arno release of OPNFV is intended to be a developmental release and is not considered suitable for production deployment or at scale testing activities. As a developmental release, and in the spirit of collaborative development, we want as much feedback from the community as possible on your experiences with the platform and how the release can be improved. + +Support for Arno is provided in two ways: + +You can engage with the community to help us improve and further develop the OPNFV platform by raising Jira Bugs or Tasks, and pushing correction patches to our repositories. + + - To access Jira for issue reporting or improvement proposals head to: https://jira.opnfv.org/ + - To get started helping out developing the platform head to: https://wiki.opnfv.org/developer + +Alternatively if you are intending to invest your time as a user of the platform you can ask questions and request help from our mailing list at: mailto://support@opnfv.org + +License +======= + +All Arno entities are protected by the `Apache 2.0 License `_. +Arno platform components and their licences are described in their respective Release Notes: http://artifacts.opnfv.org/genesis/foreman/docs/release-notes.html and http://artifacts.opnfv.org/genesis/fuel/docs/release-notes.html + +References +========== + +OpenStack +--------- + +`OpenStack Admin User Guide `_ + +OpenDaylight +------------ + +`OpenDaylight User Guide `_ + +Foreman +------- + +`Foreman User Manual `_ + +Fuel +---- + +`Fuel User Guide `_ + +:Authors: Christopher Price (christopher.price@ericsson.com) +:Version: 0.0.2 + +**Documentation tracking** + +Revision: _sha1_ + +Build date: _date_ + diff --git a/common/manifests/README.md b/common/manifests/README.md new file mode 100644 index 000000000..2c34e1914 --- /dev/null +++ b/common/manifests/README.md @@ -0,0 +1,17 @@ + +# Manifests +Puppet manifests which are common to OPNFV (i.e. independent from the various installer approaches). diff --git a/common/puppet-opnfv/manifests/ceph_deploy.pp b/common/puppet-opnfv/manifests/ceph_deploy.pp new file mode 100644 index 000000000..57202aaf7 --- /dev/null +++ b/common/puppet-opnfv/manifests/ceph_deploy.pp @@ -0,0 +1,102 @@ +#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +#Class installs and configures a ceph cluster +#Creates a single OSD per host and configures host as a monitor +#Inserts authentication keyrings for volumes and images users +#Creates OSD pools for volumes and images (needed by OpenStack) +#Depends on puppet module: https://github.com/stackforge/puppet-ceph/ + +class opnfv::ceph_deploy ( + $fsid = '904c8491-5c16-4dae-9cc3-6ce633a7f4cc', + $osd_pool_default_pg_num = '128', + $osd_pool_default_size = '1', + $osd_pool_default_min_size = '1', + $mon_initial_members = '', + $mon_host = '', + $cluster_network = "10.4.8.0/21", + $public_network = "10.4.8.0/21", + $osd_journal_size = '1000', + $osd_ip = '', + $mon_key = 'AQDcvhVV+H08DBAA5/0GGcfBQxz+/eKAdbJdTQ==', + $admin_key = 'AQDcvhVV+H08DBAA5/0GGcfBQxz+/eKAdbJdTQ==', + $images_key = 'AQAfHBdUKLnUFxAAtO7WPKQZ8QfEoGqH0CLd7A==', + $volumes_key = 'AQAfHBdUsFPTHhAAfqVqPq31FFCvyyO7oaOQXw==', + $boostrap_key = 'AQDcvhVV+H08DBAA5/0GGcfBQxz+/eKAdbJdTQ==', +) { + + class { 'ceph': + fsid => $fsid, + osd_pool_default_pg_num => $osd_pool_default_pg_num, + osd_pool_default_size => $osd_pool_default_size, + osd_pool_default_min_size => $osd_pool_default_min_size, + mon_initial_members => $mon_initial_members, + mon_host => $mon_host, + cluster_network => $cluster_network, + public_network => $public_network, + } + -> + ceph_config { + 'global/osd_journal_size': value => $osd_journal_size; + } + -> + ceph::mon { $::hostname: + public_addr => $osd_ip, + key => $mon_key, + } + + Ceph::Key { + inject => true, + inject_as_id => 'mon.', + inject_keyring => "/var/lib/ceph/mon/ceph-${::hostname}/keyring", + } + + ceph::key { 'client.admin': + secret => $admin_key, + cap_mon => 'allow *', + cap_osd => 'allow *', + cap_mds => 'allow', + mode => '0644', + } + ceph::key { 'client.images': + secret => $images_key, + cap_mon => 'allow r', + cap_osd => 'allow class-read object_prefix rbd_children, allow rwx pool=images', + inject => true, + mode => '0644', + } + + ceph::key { 'client.volumes': + secret => $volumes_key, + cap_mon => 'allow r', + cap_osd => 'allow class-read object_prefix rbd_children, allow rwx pool=volumes', + inject => true, + mode => '0644', + } + ceph::key { 'client.bootstrap-osd': + secret => $boostrap_key, + cap_mon => 'allow profile bootstrap-osd', + keyring_path => '/var/lib/ceph/bootstrap-osd/ceph.keyring', + } + -> + ceph::osd { '/osd0': } + -> + exec { 'create volumes pool': + command => "/usr/bin/ceph osd pool create volumes $osd_pool_default_pg_num", + } + -> + exec { 'create images pool': + command => "/usr/bin/ceph osd pool create images $osd_pool_default_pg_num", + } +} diff --git a/common/puppet-opnfv/manifests/compute.pp b/common/puppet-opnfv/manifests/compute.pp new file mode 100644 index 000000000..0b8175762 --- /dev/null +++ b/common/puppet-opnfv/manifests/compute.pp @@ -0,0 +1,163 @@ +#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +#Provides a manifest to configure OpenStack compute node in HA or non-HA +#environment, with Ceph configured as Cinder backend storage. +#ha_flag set to true will use virtual IP addresses (VIPs provided by +#global params) as the provider to the compute node for HA + +class opnfv::compute { + if ($odl_flag != '') and str2bool($odl_flag) { + $ml2_mech_drivers = ['opendaylight'] + $this_agent = 'opendaylight' + } + else { + $ml2_mech_drivers = ['openvswitch','l2population'] + $this_agent = 'ovs' + } + + ##Common Parameters + if !$rbd_secret_uuid { $rbd_secret_uuid = '3b519746-4021-4f72-957e-5b9d991723be' } + if !$private_subnet { fail('private_subnet is empty')} + if !$ceph_public_network { $ceph_public_network = $private_subnet } + if !$ceph_fsid { $ceph_fsid = '904c8491-5c16-4dae-9cc3-6ce633a7f4cc' } + if !$ceph_images_key { $ceph_images_key = 'AQAfHBdUKLnUFxAAtO7WPKQZ8QfEoGqH0CLd7A==' } + if !$ceph_osd_journal_size { $ceph_osd_journal_size = '1000' } + if !$ceph_osd_pool_size { $ceph_osd_pool_size = '1' } + if !$ceph_volumes_key { $ceph_volumes_key = 'AQAfHBdUsFPTHhAAfqVqPq31FFCvyyO7oaOQXw==' } + + + ##Most users will only care about a single user/password for all services + ##so lets create one variable that can be used instead of separate usernames/passwords + if !$single_username { $single_username = 'octopus' } + if !$single_password { $single_password = 'octopus' } + + if !$admin_password { $admin_password = $single_password } + if !$neutron_db_password { $neutron_db_password = $single_password } + if !$neutron_user_password { $neutron_user_password = $single_password } + + if !$ceilometer_user_password { $ceilometer_user_password = $single_password } + if !$ceilometer_metering_secret { $ceilometer_metering_secret = $single_password } + + ##HA Global params + if $ha_flag { + if $private_network == '' { fail('private_network is empty') } + if !$keystone_private_vip { fail('keystone_private_vip is empty') } + if !$glance_private_vip { fail('glance_private_vip is empty') } + if !$nova_private_vip { fail('nova_private_vip is empty') } + if !$nova_db_password { $nova_db_password = $single_password } + if !$nova_user_password { $nova_user_password = $single_password } + if !$controllers_ip_array { fail('controllers_ip_array is empty') } + if !$controllers_hostnames_array { fail('controllers_hostnames_array is empty') } + $controllers_ip_array = split($controllers_ip_array, ',') + $controllers_hostnames_array = split($controllers_hostnames_array, ',') + if !$odl_control_ip { $odl_control_ip = $controllers_ip_array[0] } + if !$db_vip { fail('db_vip is empty') } + $mysql_ip = $db_vip + if !$amqp_vip { fail('amqp_vip is empty') } + $amqp_ip = $amqp_vip + if !$amqp_username { $amqp_username = $single_username } + if !$amqp_password { $amqp_password = $single_password } + if !$ceph_mon_initial_members { $ceph_mon_initial_members = $controllers_hostnames_array } + if !$ceph_mon_host { $ceph_mon_host = $controllers_ip_array } + if !$neutron_private_vip { fail('neutron_private_vip is empty') } + + ##Find private interface + $ovs_tunnel_if = get_nic_from_network("$private_network") + + } else { + ##non HA params + if $ovs_tunnel_if == '' { fail('ovs_tunnel_if is empty') } + if !$private_ip { fail('private_ip is empty') } + $keystone_private_vip = $private_ip + $glance_private_vip = $private_ip + $nova_private_vip = $private_ip + $neutron_private_vip = $private_ip + if !$nova_db_password { fail('nova_db_password is empty') } + if !$nova_user_password { fail('nova_user_password is empty') } + if !$odl_control_ip { $odl_control_ip = $private_ip } + if !$mysql_ip { $mysql_ip = $private_ip } + if !$amqp_ip { $amqp_ip = $private_ip } + if !$amqp_username { $amqp_username = 'guest' } + if !$amqp_password { $amqp_password = 'guest' } + if !$ceph_mon_host { $ceph_mon_host= ["$private_ip"] } + if !$ceph_mon_initial_members { $ceph_mon_initial_members = ["$::hostname"] } + } + + class { "quickstack::neutron::compute": + auth_host => $keystone_private_vip, + glance_host => $glance_private_vip, + libvirt_images_rbd_pool => 'volumes', + libvirt_images_rbd_ceph_conf => '/etc/ceph/ceph.conf', + libvirt_inject_password => 'false', + libvirt_inject_key => 'false', + libvirt_images_type => 'rbd', + nova_host => $nova_private_vip, + nova_db_password => $nova_db_password, + nova_user_password => $nova_user_password, + private_network => '', + private_iface => $ovs_tunnel_if, + private_ip => '', + rbd_user => 'volumes', + rbd_secret_uuid => $rbd_secret_uuid, + network_device_mtu => $quickstack::params::network_device_mtu, + + admin_password => $admin_password, + ssl => false, + + mysql_host => $mysql_ip, + mysql_ca => '/etc/ipa/ca.crt', + amqp_host => $amqp_ip, + amqp_username => $amqp_username, + amqp_password => $amqp_password, + + ceilometer => 'false', + ceilometer_metering_secret => $ceilometer_metering_secret, + ceilometer_user_password => $ceilometer_user_password, + + cinder_backend_gluster => $quickstack::params::cinder_backend_gluster, + cinder_backend_rbd => 'true', + glance_backend_rbd => 'true', + ceph_cluster_network => $ceph_public_network, + ceph_fsid => $ceph_fsid, + ceph_images_key => $ceph_images_key, + ceph_mon_host => $ceph_mon_host, + ceph_mon_initial_members => $ceph_mon_initial_members, + ceph_osd_pool_default_size => $ceph_osd_pool_size, + ceph_osd_journal_size => $ceph_osd_journal_size, + ceph_volumes_key => $ceph_volumes_key, + + agent_type => $this_agent, + enable_tunneling => true, + + ml2_mechanism_drivers => $ml2_mech_drivers, + odl_controller_ip => $odl_control_ip, + + neutron_db_password => $neutron_db_password, + neutron_user_password => $neutron_user_password, + neutron_host => $neutron_private_vip, + + ovs_tunnel_iface => $ovs_tunnel_if, + ovs_tunnel_network => '', + ovs_l2_population => 'false', + + tenant_network_type => 'vxlan', + tunnel_id_ranges => '1:1000', + ovs_tunnel_types => ['vxlan'], + + verbose => 'true', + security_group_api => 'neutron', + + } +} diff --git a/common/puppet-opnfv/manifests/controller.pp b/common/puppet-opnfv/manifests/controller.pp new file mode 100644 index 000000000..97b01813f --- /dev/null +++ b/common/puppet-opnfv/manifests/controller.pp @@ -0,0 +1,135 @@ +#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +class opnfv::controller { + ###use 8081 as a default work around swift service + if $odl_rest_port == '' {$odl_rest_port = '8081'} + + if ($odl_flag != '') and str2bool($odl_flag) { + $ml2_mech_drivers = ['opendaylight'] + } + else { + $ml2_mech_drivers = ['openvswitch','l2population'] + } + + + if $admin_email == '' { fail('admin_email is empty') } + if $admin_password == '' { fail('admin_password is empty') } + + if $public_ip == '' { fail('public_ip is empty') } + if $private_ip == '' { fail('private_ip is empty') } + + if $odl_control_ip == '' { fail('odl_controL_ip is empty, should be the IP of your network node private interface') } + + if $mysql_ip == '' { fail('mysql_ip is empty') } + if $mysql_root_password == '' { fail('mysql_root_password is empty') } + if $amqp_ip == '' { fail('amqp_ip is empty') } + + if $memcache_ip == '' { fail('memcache_ip is empty') } + if $neutron_ip == '' { fail('neutron_ip is empty') } + + if $keystone_admin_token == '' { fail('keystone_admin_token is empty') } + if $keystone_db_password == '' { fail('keystone_db_password is empty') } + + if $horizon_secret_key == '' { fail('horizon_secret_key is empty') } + #if $trystack_db_password == '' { fail('trystack_db_password is empty') } + + if $nova_user_password == '' { fail('nova_user_password is empty') } + if $nova_db_password == '' { fail('nova_db_password is empty') } + + if $cinder_user_password == '' { fail('cinder_user_password is empty') } + if $cinder_db_password == '' { fail('cinder_db_password is empty') } + + if $glance_user_password == '' { fail('glance_user_password is empty') } + if $glance_db_password == '' { fail('glance_db_password is empty') } + + if $neutron_user_password == '' { fail('neutron_user_password is empty') } + if $neutron_db_password == '' { fail('neutron_db_password is empty') } + if $neutron_metadata_shared_secret == '' { fail('neutron_metadata_shared_secret is empty') } + + if $ceilometer_user_password == '' { fail('ceilometer_user_password is empty') } + if $ceilometer_metering_secret == '' { fail('ceilometer_user_password is empty') } + + if $heat_user_password == '' { fail('heat_user_password is empty') } + if $heat_db_password == '' { fail('heat_db_password is empty') } + if $heat_auth_encrypt_key == '' { fail('heat_auth_encrypt_key is empty') } + + if $swift_user_password == '' { fail('swift_user_password is empty') } + if $swift_shared_secret == '' { fail('swift_shared_secret is empty') } + if $swift_admin_password == '' { fail('swift_admin_password is empty') } + + class { "quickstack::neutron::controller": + admin_email => $admin_email, + admin_password => $admin_password, + controller_admin_host => $private_ip, + controller_priv_host => $private_ip, + controller_pub_host => $public_ip, + ssl => false, + #support_profile => $quickstack::params::support_profile, + #freeipa => $quickstack::params::freeipa, + + mysql_host => $mysql_ip, + mysql_root_password => $mysql_root_password, + #amqp_provider => $amqp_provider, + amqp_host => $amqp_ip, + amqp_username => 'guest', + amqp_password => 'guest', + #amqp_nssdb_password => $quickstack::params::amqp_nssdb_password, + + keystone_admin_token => $keystone_admin_token, + keystone_db_password => $keystone_db_password, + + ceilometer_metering_secret => $ceilometer_metering_secret, + ceilometer_user_password => $ceilometer_user_password, + + cinder_backend_gluster => $quickstack::params::cinder_backend_gluster, + cinder_backend_gluster_name => $quickstack::params::cinder_backend_gluster_name, + cinder_gluster_shares => $quickstack::params::cinder_gluster_shares, + cinder_user_password => $cinder_user_password, + cinder_db_password => $cinder_db_password, + + glance_db_password => $glance_db_password, + glance_user_password => $glance_user_password, + + heat_cfn => true, + heat_cloudwatch => true, + heat_db_password => $heat_db_password, + heat_user_password => $heat_user_password, + heat_auth_encrypt_key => $heat_auth_encrypt_key, + + horizon_secret_key => $horizon_secret_key, + horizon_ca => $quickstack::params::horizon_ca, + horizon_cert => $quickstack::params::horizon_cert, + horizon_key => $quickstack::params::horizon_key, + + ml2_mechanism_drivers => $ml2_mech_drivers, + #neutron => true, + neutron_metadata_proxy_secret => $neutron_metadata_shared_secret, + neutron_db_password => $neutron_db_password, + neutron_user_password => $neutron_user_password, + + nova_db_password => $nova_db_password, + nova_user_password => $nova_user_password, + odl_controller_ip => $odl_control_ip, + odl_controller_port => $odl_rest_port, + + swift_shared_secret => $swift_shared_secret, + swift_admin_password => $swift_admin_password, + swift_ringserver_ip => '192.168.203.1', + swift_storage_ips => ["192.168.203.2","192.168.203.3","192.168.203.4"], + swift_storage_device => 'device1', + } + +} diff --git a/common/puppet-opnfv/manifests/controller_networker.pp b/common/puppet-opnfv/manifests/controller_networker.pp new file mode 100644 index 000000000..157bc8f24 --- /dev/null +++ b/common/puppet-opnfv/manifests/controller_networker.pp @@ -0,0 +1,438 @@ +#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +#Provides HA or non-HA setup for OpenStack Controller with ODL integration +#Mandatory common and HA variables are needed to setup each Controller +#ha_flag set to true will provide OpenStack HA of the following services: +#rabbitmq, galera mariadb, keystone, glance, nova, cinder, horizon, neutron +#includes all sub-services of those features (i.e. neutron-server, neutron-lg-agent, etc) + +class opnfv::controller_networker { + if $odl_rest_port == '' { $odl_rest_port= '8081'} + if ($odl_flag != '') and str2bool($odl_flag) { + $ml2_mech_drivers = ['opendaylight'] + $this_agent = 'opendaylight' + } else { + $ml2_mech_drivers = ['openvswitch','l2population'] + $this_agent = 'ovs' + } + + ##Mandatory Common variables + if $admin_email == '' { fail('admin_email is empty') } + + ##Most users will only care about a single user/password for all services + ##so lets create one variable that can be used instead of separate usernames/passwords + if !$single_username { $single_username = 'octopus' } + if !$single_password { $single_password = 'octopus' } + + if !$keystone_admin_token { $keystone_admin_token = $single_password } + if !$neutron_metadata_shared_secret { $neutron_metadata_shared_secret = $single_password } + if !$mysql_root_password { $mysql_root_password = $single_password } + if !$admin_password { $admin_password = $single_password } + + ##Check for HA, if not leave old functionality alone + if $ha_flag and str2bool($ha_flag) { + ##Mandatory HA variables + if !$controllers_ip_array { fail('controllers_ip_array is empty') } + $controllers_ip_array_str = $controllers_ip_array + $controllers_ip_array = split($controllers_ip_array, ',') + if !$controllers_hostnames_array { fail('controllers_hostnames_array is empty') } + $controllers_hostnames_array_str = $controllers_hostnames_array + $controllers_hostnames_array = split($controllers_hostnames_array, ',') + if !$amqp_vip { fail('amqp_vip is empty') } + if !$private_subnet { fail('private_subnet is empty')} + if !$cinder_admin_vip { fail('cinder_admin_vip is empty') } + if !$cinder_private_vip { fail('cinder_private_vip is empty') } + if !$cinder_public_vip { fail('cinder_public_vip is empty') } + if !$db_vip { fail('db_vip is empty') } + if !$glance_admin_vip { fail('glance_admin_vip is empty') } + if !$glance_private_vip { fail('glance_private_vip is empty') } + if !$glance_public_vip { fail('glance_public_vip is empty') } + if !$horizon_admin_vip { fail('horizon_admin_vip is empty') } + if !$horizon_private_vip { fail('horizon_private_vip is empty') } + if !$horizon_public_vip { fail('horizon_public_vip is empty') } + if !$keystone_admin_vip { fail('keystone_admin_vip is empty') } + if !$keystone_private_vip { fail('keystone_private_vip is empty') } + if !$keystone_public_vip { fail('keystone_public_vip is empty') } + if !$loadbalancer_vip { fail('loadbalancer_vip is empty') } + if !$neutron_admin_vip { fail('neutron_admin_vip is empty') } + if !$neutron_private_vip { fail('neutron_private_vip is empty') } + if !$neutron_public_vip { fail('neutron_public_vip is empty') } + if !$nova_admin_vip { fail('nova_admin_vip is empty') } + if !$nova_private_vip { fail('nova_private_vip is empty') } + if !$nova_public_vip { fail('nova_public_vip is empty') } + if $private_network == '' { fail('private_network is empty') } + if !$heat_admin_vip { fail('heat_admin_vip is empty') } + if !$heat_private_vip { fail('heat_private_vip is empty') } + if !$heat_public_vip { fail('heat_public_vip is empty') } + if !$heat_cfn_admin_vip { fail('heat_cfn_admin_vip is empty') } + if !$heat_cfn_private_vip { fail('heat_cfn_private_vip is empty') } + if !$heat_cfn_public_vip { fail('heat_cfn_public_vip is empty') } + + ##Find private interface + $ovs_tunnel_if = get_nic_from_network("$private_network") + + ##Optional HA variables + if !$amqp_username { $amqp_username = $single_username } + if !$amqp_password { $amqp_password = $single_password } + if !$ceph_fsid { $ceph_fsid = '904c8491-5c16-4dae-9cc3-6ce633a7f4cc' } + if !$ceph_images_key { $ceph_images_key = 'AQAfHBdUKLnUFxAAtO7WPKQZ8QfEoGqH0CLd7A==' } + if !$ceph_mon_host { $ceph_mon_host= $controllers_ip_array } + if !$ceph_mon_initial_members { $ceph_mon_initial_members = $controllers_hostnames_array} + if !$ceph_osd_journal_size { $ceph_osd_journal_size = '1000' } + if !$ceph_osd_pool_size { $ceph_osd_pool_size = '1' } + if !$ceph_public_network { $ceph_public_network = $private_subnet } + if !$ceph_volumes_key { $ceph_volumes_key = 'AQAfHBdUsFPTHhAAfqVqPq31FFCvyyO7oaOQXw==' } + if !$cinder_db_password { $cinder_db_password = $single_password } + if !$cinder_user_password { $cinder_user_password = $single_password } + if !$cluster_control_ip { $cluster_control_ip = $controllers_ip_array[0] } + if !$horizon_secret { $horizon_secret = $single_password } + if !$glance_db_password { $glance_db_password = $single_password } + if !$glance_user_password { $glance_user_password = $single_password } + if !$keystone_db_password { $keystone_db_password = $single_password } + if !$keystone_user_password { $keystone_user_password = $single_password } + if !$lb_backend_server_addrs { $lb_backend_server_addrs = $controllers_ip_array } + if !$lb_backend_server_names { $lb_backend_server_names = $controllers_hostnames_array } + if !$neutron_db_password { $neutron_db_password = $single_password } + if !$neutron_user_password { $neutron_user_password = $single_password } + if !$neutron_metadata_proxy_secret { $neutron_metadata_proxy_secret = $single_password } + if !$nova_db_password { $nova_db_password = $single_password } + if !$nova_user_password { $nova_user_password = $single_password } + if !$pcmk_server_addrs {$pcmk_server_addrs = $controllers_ip_array} + if !$pcmk_server_names {$pcmk_server_names = ["pcmk-${controllers_hostnames_array[0]}", "pcmk-${controllers_hostnames_array[1]}", "pcmk-${controllers_hostnames_array[2]}"] } + if !$rbd_secret_uuid { $rbd_secret_uuid = '3b519746-4021-4f72-957e-5b9d991723be' } + if !$heat_user_password { $heat_user_password = $single_password } + if !$heat_db_password { $heat_db_password = $single_password } + if !$heat_cfn_user_password { $heat_cfn_user_password = $single_password } + if !$heat_auth_encryption_key { $heat_auth_encryption_key = 'octopus1octopus1' } + if !$storage_network { + $storage_iface = $ovs_tunnel_if + } else { + $storage_iface = get_nic_from_network("$storage_network") + } + + ##we assume here that if not provided, the first controller is where ODL will reside + ##this is fine for now as we will replace ODL with ODL HA when it is ready + if $odl_control_ip == '' { $odl_control_ip = $controllers_ip_array[0] } + + ###find interface ip of storage network + $osd_ip = find_ip("", + "$storage_iface", + "") + + if ($external_network_flag != '') and str2bool($external_network_flag) { + class { "opnfv::external_net_presetup": + stage => presetup, + require => Class['opnfv::repo'], + } + } + + class { "opnfv::ceph_deploy": + fsid => $ceph_fsid, + osd_pool_default_size => $ceph_osd_pool_size, + osd_journal_size => $ceph_osd_journal_size, + mon_initial_members => $controllers_hostnames_array_str, + mon_host => $controllers_ip_array_str, + osd_ip => $osd_ip, + public_network => $ceph_public_network, + cluster_network => $ceph_public_network, + images_key => $ceph_images_key, + volumes_key => $ceph_volumes_key, + } + -> + class { "quickstack::openstack_common": } + -> + class { "quickstack::pacemaker::params": + amqp_password => $amqp_password, + amqp_username => $amqp_username, + amqp_vip => $amqp_vip, + ceph_cluster_network => $private_subnet, + ceph_fsid => $ceph_fsid, + ceph_images_key => $ceph_images_key, + ceph_mon_host => $ceph_mon_host, + ceph_mon_initial_members => $ceph_mon_initial_members, + ceph_osd_journal_size => $ceph_osd_journal_size, + ceph_osd_pool_size => $ceph_osd_pool_size, + ceph_public_network => $ceph_public_network, + ceph_volumes_key => $ceph_volumes_key, + cinder_admin_vip => $cinder_admin_vip, + cinder_db_password => $cinder_db_password, + cinder_private_vip => $cinder_private_vip, + cinder_public_vip => $cinder_public_vip, + cinder_user_password => $cinder_user_password, + cluster_control_ip => $cluster_control_ip, + db_vip => $db_vip, + glance_admin_vip => $glance_admin_vip, + glance_db_password => $glance_db_password, + glance_private_vip => $glance_private_vip, + glance_public_vip => $glance_public_vip, + glance_user_password => $glance_user_password, + heat_auth_encryption_key => $heat_auth_encryption_key, + heat_cfn_admin_vip => $heat_cfn_admin_vip, + heat_cfn_private_vip => $heat_cfn_private_vip, + heat_cfn_public_vip => $heat_cfn_public_vip, + heat_cfn_user_password => $heat_cfn_user_password, + heat_cloudwatch_enabled => 'true', + heat_cfn_enabled => 'true', + heat_db_password => $heat_db_password, + heat_admin_vip => $heat_admin_vip, + heat_private_vip => $heat_private_vip, + heat_public_vip => $heat_public_vip, + heat_user_password => $heat_user_password, + horizon_admin_vip => $horizon_admin_vip, + horizon_private_vip => $horizon_private_vip, + horizon_public_vip => $horizon_public_vip, + include_ceilometer => 'false', + include_cinder => 'true', + include_glance => 'true', + include_heat => 'true', + include_horizon => 'true', + include_keystone => 'true', + include_neutron => 'true', + include_nosql => 'false', + include_nova => 'true', + include_swift => 'false', + keystone_admin_vip => $keystone_admin_vip, + keystone_db_password => $keystone_db_password, + keystone_private_vip => $keystone_private_vip, + keystone_public_vip => $keystone_public_vip, + keystone_user_password => $keystone_user_password, + lb_backend_server_addrs => $lb_backend_server_addrs, + lb_backend_server_names => $lb_backend_server_names, + loadbalancer_vip => $loadbalancer_vip, + neutron => 'true', + neutron_admin_vip => $neutron_admin_vip, + neutron_db_password => $neutron_db_password, + neutron_metadata_proxy_secret => $neutron_metadata_proxy_secret, + neutron_private_vip => $neutron_private_vip, + neutron_public_vip => $neutron_public_vip, + neutron_user_password => $neutron_user_password, + nova_admin_vip => $nova_admin_vip, + nova_db_password => $nova_db_password, + nova_private_vip => $nova_private_vip, + nova_public_vip => $nova_public_vip, + nova_user_password => $nova_user_password, + pcmk_iface => $ovs_tunnel_if, + pcmk_server_addrs => $pcmk_server_addrs, + pcmk_server_names => $pcmk_server_names, + private_iface => $ovs_tunnel_if, + } + -> + class { "quickstack::pacemaker::common": } + -> + class { "quickstack::pacemaker::load_balancer": } + -> + class { "quickstack::pacemaker::galera": + mysql_root_password => $mysql_root_password, + wsrep_cluster_members => $controllers_ip_array, + } + -> + class { "quickstack::pacemaker::qpid": } + -> + class { "quickstack::pacemaker::rabbitmq": } + -> + class { "quickstack::pacemaker::keystone": + admin_email => $admin_email, + admin_password => $admin_password, + admin_token => $keystone_admin_token, + cinder => 'true', + heat => 'true', + heat_cfn => 'true', + keystonerc => 'true', + use_syslog => 'true', + verbose => 'true', + } + -> + class { "quickstack::pacemaker::swift": } + -> + class { "quickstack::pacemaker::glance": + backend => 'rbd', + debug => true, + pcmk_fs_manage => 'false', + use_syslog => true, + verbose => true + } + -> + class { "quickstack::pacemaker::nova": + neutron_metadata_proxy_secret => $neutron_metadata_shared_secret, + } + -> + class { "quickstack::pacemaker::cinder": + backend_rbd => true, + rbd_secret_uuid => $rbd_secret_uuid, + use_syslog => true, + verbose => true, + volume => true, + } + -> + class { "quickstack::pacemaker::heat": + use_syslog => true, + verbose => true, + } + -> + class { "quickstack::pacemaker::constraints": } + + class { "quickstack::pacemaker::nosql": } + + class { "quickstack::pacemaker::memcached": } + + class { "quickstack::pacemaker::ceilometer": + ceilometer_metering_secret => $single_password, + } + + class { "quickstack::pacemaker::horizon": + horizon_ca => '/etc/ipa/ca.crt', + horizon_cert => '/etc/pki/tls/certs/PUB_HOST-horizon.crt', + horizon_key => '/etc/pki/tls/private/PUB_HOST-horizon.key', + secret_key => $horizon_secret, + verbose => 'true', + } + + class { "quickstack::pacemaker::neutron": + agent_type => $this_agent, + enable_tunneling => 'true', + ml2_mechanism_drivers => $ml2_mech_drivers, + ml2_network_vlan_ranges => ["physnet1:10:50"], + odl_controller_ip => $odl_control_ip, + odl_controller_port => $odl_rest_port, + ovs_tunnel_iface => $ovs_tunnel_if, + ovs_tunnel_types => ["vxlan"], + verbose => 'true', + } + + if ($external_network_flag != '') and str2bool($external_network_flag) { + class { "opnfv::external_net_setup": } + } + + } else { + if $ovs_tunnel_if == '' { fail('ovs_tunnel_if is empty') } + if $public_ip == '' { fail('public_ip is empty') } + if $private_ip == '' { fail('private_ip is empty') } + + if $odl_control_ip == '' { $odl_control_ip = $private_ip } + + if $mysql_ip == '' { fail('mysql_ip is empty') } + if $mysql_root_password == '' { fail('mysql_root_password is empty') } + if $amqp_ip == '' { fail('amqp_ip is empty') } + + if $memcache_ip == '' { fail('memcache_ip is empty') } + if $neutron_ip == '' { fail('neutron_ip is empty') } + + if $keystone_db_password == '' { fail('keystone_db_password is empty') } + + if $horizon_secret_key == '' { fail('horizon_secret_key is empty') } + + if $nova_user_password == '' { fail('nova_user_password is empty') } + if $nova_db_password == '' { fail('nova_db_password is empty') } + + if $cinder_user_password == '' { fail('cinder_user_password is empty') } + if $cinder_db_password == '' { fail('cinder_db_password is empty') } + + if $glance_user_password == '' { fail('glance_user_password is empty') } + if $glance_db_password == '' { fail('glance_db_password is empty') } + + if $neutron_user_password == '' { fail('neutron_user_password is empty') } + if $neutron_db_password == '' { fail('neutron_db_password is empty') } + if $neutron_metadata_shared_secret == '' { fail('neutron_metadata_shared_secret is empty') } + + if $ceilometer_user_password == '' { fail('ceilometer_user_password is empty') } + if $ceilometer_metering_secret == '' { fail('ceilometer_user_password is empty') } + + if $heat_user_password == '' { fail('heat_user_password is empty') } + if $heat_db_password == '' { fail('heat_db_password is empty') } + if $heat_auth_encrypt_key == '' { fail('heat_auth_encrypt_key is empty') } + + if $swift_user_password == '' { fail('swift_user_password is empty') } + if $swift_shared_secret == '' { fail('swift_shared_secret is empty') } + if $swift_admin_password == '' { fail('swift_admin_password is empty') } + + if !$amqp_username { $amqp_username = $single_username } + if !$amqp_password { $amqp_password = $single_password } + + + class { "quickstack::neutron::controller_networker": + admin_email => $admin_email, + admin_password => $admin_password, + agent_type => $this_agent, + enable_tunneling => true, + ovs_tunnel_iface => $ovs_tunnel_if, + ovs_tunnel_network => '', + ovs_tunnel_types => ['vxlan'], + ovs_l2_population => 'True', + external_network_bridge => 'br-ex', + tenant_network_type => 'vxlan', + tunnel_id_ranges => '1:1000', + controller_admin_host => $private_ip, + controller_priv_host => $private_ip, + controller_pub_host => $public_ip, + ssl => false, + #support_profile => $quickstack::params::support_profile, + #freeipa => $quickstack::params::freeipa, + + mysql_host => $mysql_ip, + mysql_root_password => $mysql_root_password, + #amqp_provider => $amqp_provider, + amqp_host => $amqp_ip, + amqp_username => $amqp_username, + amqp_password => $amqp_password, + #amqp_nssdb_password => $quickstack::params::amqp_nssdb_password, + + keystone_admin_token => $keystone_admin_token, + keystone_db_password => $keystone_db_password, + + ceilometer_metering_secret => $ceilometer_metering_secret, + ceilometer_user_password => $ceilometer_user_password, + + cinder_backend_gluster => $quickstack::params::cinder_backend_gluster, + cinder_backend_gluster_name => $quickstack::params::cinder_backend_gluster_name, + cinder_gluster_shares => $quickstack::params::cinder_gluster_shares, + cinder_user_password => $cinder_user_password, + cinder_db_password => $cinder_db_password, + + glance_db_password => $glance_db_password, + glance_user_password => $glance_user_password, + + heat_cfn => true, + heat_cloudwatch => true, + heat_db_password => $heat_db_password, + heat_user_password => $heat_user_password, + heat_auth_encrypt_key => $heat_auth_encrypt_key, + + horizon_secret_key => $horizon_secret_key, + horizon_ca => $quickstack::params::horizon_ca, + horizon_cert => $quickstack::params::horizon_cert, + horizon_key => $quickstack::params::horizon_key, + + ml2_mechanism_drivers => $ml2_mech_drivers, + + #neutron => true, + neutron_metadata_proxy_secret => $neutron_metadata_shared_secret, + neutron_db_password => $neutron_db_password, + neutron_user_password => $neutron_user_password, + + nova_db_password => $nova_db_password, + nova_user_password => $nova_user_password, + + odl_controller_ip => $odl_control_ip, + odl_controller_port => $odl_rest_port, + + swift_shared_secret => $swift_shared_secret, + swift_admin_password => $swift_admin_password, + swift_ringserver_ip => '192.168.203.1', + swift_storage_ips => ["192.168.203.2","192.168.203.3","192.168.203.4"], + swift_storage_device => 'device1', + } + + } +} diff --git a/common/puppet-opnfv/manifests/external_net_presetup.pp b/common/puppet-opnfv/manifests/external_net_presetup.pp new file mode 100644 index 000000000..b7c7c5f07 --- /dev/null +++ b/common/puppet-opnfv/manifests/external_net_presetup.pp @@ -0,0 +1,102 @@ +#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +class opnfv::external_net_presetup { + + if $public_gateway == '' { fail('public_gateway is empty') } + if $public_dns == '' { fail('public_dns is empty') } + if $public_network == '' { fail('public_network is empty') } + if $public_subnet == '' { fail('public_subnet is empty') } + if $public_allocation_start == '' { fail('public_allocation_start is empty') } + if $public_allocation_end == '' { fail('public_allocation_end is empty') } + if !$controllers_hostnames_array { fail('controllers_hostnames_array is empty') } + $controllers_hostnames_array_str = $controllers_hostnames_array + $controllers_hostnames_array = split($controllers_hostnames_array, ',') + + #find public NIC + $public_nic = get_nic_from_network("$public_network") + $public_nic_ip = get_ip_from_nic("$public_nic") + $public_nic_netmask = get_netmask_from_nic("$public_nic") + + if ($public_nic == '') or ($public_nic_ip == '') or ($public_nic == "br-ex") or ($public_nic == "br_ex") { + notify {"Skipping augeas, public_nic ${public_nic}, public_nic_ip ${public_nic_ip}":} + + exec {'ovs-vsctl -t 10 -- --may-exist add-br br-ex': + path => ["/usr/sbin/", "/usr/bin/"], + unless => 'ip addr show br-ex | grep "inet "', + before => Exec['restart-network-public-nic-ip'], + } + ~> + exec {'systemctl restart network': + path => ["/usr/sbin/", "/usr/bin/"], + refreshonly => 'true', + } + + exec {'restart-network-public-nic-ip': + command => 'systemctl restart network', + path => ["/usr/sbin/", "/usr/bin/"], + onlyif => 'ip addr show | grep $(ip addr show br-ex | grep -Eo "inet [\.0-9]+" | cut -d " " -f2) | grep -v br-ex', + } + + } else { + #reconfigure public interface to be ovsport + augeas { "main-$public_nic": + context => "/files/etc/sysconfig/network-scripts/ifcfg-$public_nic", + changes => [ + "rm IPADDR", + "rm NETMASK", + "rm GATEWAY", + "rm DNS1", + "rm BOOTPROTO", + "rm DEFROUTE", + "rm IPV6_DEFROUTE", + "rm IPV6_PEERDNS", + "rm IPV6_PEERROUTES", + "rm PEERROUTES", + "set PEERDNS no", + "set BOOTPROTO static", + "set IPV6INIT no", + "set IPV6_AUTOCONF no", + "set ONBOOT yes", + "set TYPE OVSPort", + "set OVS_BRIDGE br-ex", + "set PROMISC yes" + + ], + before => Class["quickstack::pacemaker::params"], + require => Service["openvswitch"], + } + + -> + #create br-ex interface + file { 'external_bridge': + path => '/etc/sysconfig/network-scripts/ifcfg-br-ex', + owner => 'root', + group => 'root', + mode => '0644', + content => template('trystack/br_ex.erb'), + before => Class["quickstack::pacemaker::params"], + } + -> + exec {'ovs-vsctl -t 10 -- --may-exist add-br br-ex': + path => ["/usr/sbin/", "/usr/bin/"], + } + ~> + exec {'systemctl restart network': + path => ["/usr/sbin/", "/usr/bin/"], + refreshonly => 'true', + } + + } +} diff --git a/common/puppet-opnfv/manifests/external_net_setup.pp b/common/puppet-opnfv/manifests/external_net_setup.pp new file mode 100644 index 000000000..af00f203e --- /dev/null +++ b/common/puppet-opnfv/manifests/external_net_setup.pp @@ -0,0 +1,85 @@ +#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +class opnfv::external_net_setup { + + if $public_gateway == '' { fail('public_gateway is empty') } + if $public_dns == '' { fail('public_dns is empty') } + if $public_network == '' { fail('public_network is empty') } + if $public_subnet == '' { fail('public_subnet is empty') } + if $public_allocation_start == '' { fail('public_allocation_start is empty') } + if $public_allocation_end == '' { fail('public_allocation_end is empty') } + if !$controllers_hostnames_array { fail('controllers_hostnames_array is empty') } + $controllers_hostnames_array_str = $controllers_hostnames_array + $controllers_hostnames_array = split($controllers_hostnames_array, ',') + + #find public NIC + $public_nic = get_nic_from_network("$public_network") + $public_nic_ip = get_ip_from_nic("$public_nic") + $public_nic_netmask = get_netmask_from_nic("$public_nic") + + Anchor[ 'neutron configuration anchor end' ] + -> + #update bridge-mappings to physnet1 + file_line { 'ovs': + ensure => present, + path => '/etc/neutron/plugin.ini', + line => '[ovs]', + } + -> + #update bridge-mappings to physnet1 + file_line { 'bridge_mapping': + ensure => present, + path => '/etc/neutron/plugin.ini', + line => 'bridge_mappings = physnet1:br-ex', + } + -> + Exec["pcs-neutron-server-set-up"] + +##this way we only let controller1 create the neutron resources +##controller1 should be the active neutron-server at provisioining time + + if $hostname == $controllers_hostnames_array[0] { + Exec["all-neutron-nodes-are-up"] + -> + neutron_network { 'provider_network': + ensure => present, + name => 'provider_network', + admin_state_up => true, + provider_network_type => flat, + provider_physical_network => 'physnet1', + router_external => true, + tenant_name => 'admin', + } + -> + neutron_subnet { 'provider_subnet': + ensure => present, + name => provider_subnet, + cidr => $public_subnet, + gateway_ip => $public_gateway, + allocation_pools => [ "start=${public_allocation_start},end=${public_allocation_end}" ], + dns_nameservers => $public_dns, + network_name => 'provider_network', + tenant_name => 'admin', + } + -> + neutron_router { 'provider_router': + ensure => present, + name => 'provider_router', + admin_state_up => true, + gateway_network_name => 'provider_network', + tenant_name => 'admin', + } + } +} diff --git a/common/puppet-opnfv/manifests/init.pp b/common/puppet-opnfv/manifests/init.pp new file mode 100644 index 000000000..7b68df57a --- /dev/null +++ b/common/puppet-opnfv/manifests/init.pp @@ -0,0 +1,44 @@ +#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +class opnfv { + if $::osfamily == 'Fuel' { + include opnfv::resolver + include opnfv::ntp + include opnfv::add_packages + include opnfv::odl_docker + include opnfv::opncheck + } + + if $::osfamily == 'RedHat' { + + include stdlib + stage { 'presetup': + before => Stage['setup'], + } + + class { '::ntp': + stage => presetup, + } + + class { "opnfv::repo": + stage => presetup, + } + -> + package { "python-rados": + ensure => latest, + } + } +} diff --git a/common/puppet-opnfv/manifests/network.pp b/common/puppet-opnfv/manifests/network.pp new file mode 100644 index 000000000..91e769378 --- /dev/null +++ b/common/puppet-opnfv/manifests/network.pp @@ -0,0 +1,77 @@ +#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +class opnfv::network { + ###use 8081 as a default work around swift service + if $odl_rest_port == '' {$odl_rest_port = '8081'} + + if ($odl_flag != '') and str2bool($odl_flag) { + $ml2_mech_drivers = ['opendaylight'] + $this_agent = 'opendaylight' + class {"opendaylight": + odl_rest_port => $odl_rest_port, + extra_features => ['odl-base-all', 'odl-aaa-authn', 'odl-restconf', 'odl-nsf-all', 'odl-adsal-northbound', 'odl-mdsal-apidocs', 'odl-ovsdb-openstack', 'odl-ovsdb-northbound', 'odl-dlux-core'], + } + } + else { + $ml2_mech_drivers = ['openvswitch','l2population'] + $this_agent = 'ovs' + } + + + + if $ovs_tunnel_if == '' { fail('ovs_tunnel_if is empty') } + if $private_ip == '' { fail('private_ip is empty') } + + if $odl_control_ip == '' { fail('odl_controL_ip is empty, should be the IP of your network node private interface') } + + if $mysql_ip == '' { fail('mysql_ip is empty') } + if $amqp_ip == '' { fail('amqp_ip is empty') } + + if $nova_user_password == '' { fail('nova_user_password is empty') } + if $nova_db_password == '' { fail('nova_db_password is empty') } + + if $neutron_user_password == '' { fail('neutron_user_password is empty') } + if $neutron_db_password == '' { fail('neutron_db_password is empty') } + if $neutron_metadata_shared_secret == '' { fail('neutron_metadata_shared_secret is empty') } + + class { "quickstack::neutron::networker": + agent_type => $this_agent, + neutron_metadata_proxy_secret => $neutron_metadata_shared_secret, + neutron_db_password => $neutron_db_password, + neutron_user_password => $neutron_user_password, + nova_db_password => $nova_db_password, + nova_user_password => $nova_user_password, + + controller_priv_host => $private_ip, + + enable_tunneling => true, + ovs_tunnel_iface => $ovs_tunnel_if, + ovs_tunnel_network => '', + ovs_l2_population => 'True', + ovs_tunnel_types => ['vxlan'], + external_network_bridge => 'br-ex', + tenant_network_type => 'vxlan', + tunnel_id_ranges => '1:1000', + + mysql_host => $mysql_ip, + amqp_host => $amqp_ip, + amqp_username => 'guest', + amqp_password => 'guest', + + ml2_mechanism_drivers => $ml2_mech_drivers, + odl_controller_ip => $odl_control_ip, + } +} diff --git a/common/puppet-opnfv/manifests/ntp.pp b/common/puppet-opnfv/manifests/ntp.pp new file mode 100644 index 000000000..c27175ece --- /dev/null +++ b/common/puppet-opnfv/manifests/ntp.pp @@ -0,0 +1,72 @@ +############################################################################## +# Copyright (c) 2015 Ericsson AB and others. +# stefan.k.berg@ericsson.com +# jonas.bjurel@ericsson.com +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +# Class: Ntp +# +# Add Ntp content passed through astute.yaml into ntp.conf depending on the role +# +# Suitable yaml content: +# +# opnfv: +# ntp: +# controller: | +# line 1 +# line 2 +# compute: | +# line 1 +# line 2 +# +# +# +# + +class opnfv::ntp( + $file='/etc/ntp.conf' +) { + + if $::fuel_settings['role'] { + if ($::fuel_settings['opnfv'] and + $::fuel_settings['opnfv']['ntp']) { + case $::fuel_settings['role'] { + /controller/: { + if $::fuel_settings['opnfv']['ntp']['controller'] { + $template = 'opnfv/ntp.conf.controller.erb' + $file_content = $::fuel_settings['opnfv']['ntp']['controller'] + } + } + /compute/: { + if $::fuel_settings['opnfv']['ntp']['compute'] { + $template = 'opnfv/ntp.conf.compute.erb' + $file_content = $::fuel_settings['opnfv']['ntp']['compute'] + } + } + } + } + } + + if $file_content { + package { 'ntp': + ensure => installed, + } + + file { $file: + content => template($template), + notify => Service['ntp'], + } + + service { 'ntp': + ensure => running, + enable => true, + require => [ Package['ntp'], File[$file]] + } + } +} + + diff --git a/common/puppet-opnfv/manifests/odl_docker.pp b/common/puppet-opnfv/manifests/odl_docker.pp new file mode 100644 index 000000000..6e70ba077 --- /dev/null +++ b/common/puppet-opnfv/manifests/odl_docker.pp @@ -0,0 +1,50 @@ +############################################################################## +# Copyright (c) 2015 Ericsson AB and others. +# daniel.smith@ericsson.com +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +class opnfv::odl_docker +{ + case $::fuel_settings['role'] { + /controller/: { + + file { "/opt": + ensure => "directory", + } + + file { "/opt/opnfv": + ensure => "directory", + owner => "root", + group => "root", + mode => 777, + } + + file { "/opt/opnfv/odl": + ensure => "directory", + } + + file { "/opt/opnfv/odl/odl_docker_image.tar": + ensure => present, + source => "/etc/puppet/modules/opnfv/odl_docker/odl_docker_image.tar", + mode => 750, + } + + file { "/opt/opnfv/odl/docker-latest": + ensure => present, + source => "/etc/puppet/modules/opnfv/odl_docker/docker-latest", + mode => 750, + } + + file { "/opt/opnfv/odl/start_odl_conatiner.sh": + ensure => present, + source => "/etc/puppet/modules/opnfv/scripts/start_odl_container.sh", + mode => 750, + } + } + } +} + diff --git a/common/puppet-opnfv/manifests/odl_service.pp b/common/puppet-opnfv/manifests/odl_service.pp new file mode 100644 index 000000000..bbe8218f8 --- /dev/null +++ b/common/puppet-opnfv/manifests/odl_service.pp @@ -0,0 +1,24 @@ +#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +#Class installs opendaylight with a default rest port of 8081 +#This is to work around OpenStack Swift which also uses common port 8080 + +class opnfv::odl_service { + if !$odl_rest_port { $odl_rest_port = '8081'} + class {"opendaylight": + extra_features => ['odl-base-all', 'odl-aaa-authn', 'odl-restconf', 'odl-nsf-all', 'odl-adsal-northbound', 'odl-mdsal-apidocs', 'odl-ovsdb-openstack', 'odl-ovsdb-northbound', 'odl-dlux-core'], + odl_rest_port => $odl_rest_port, + } +} diff --git a/common/puppet-opnfv/manifests/repo.pp b/common/puppet-opnfv/manifests/repo.pp new file mode 100644 index 000000000..fe8930565 --- /dev/null +++ b/common/puppet-opnfv/manifests/repo.pp @@ -0,0 +1,67 @@ +#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +class opnfv::repo { + if $::osfamily == 'RedHat' { + if $proxy_address != '' { + $myline= "proxy=${proxy_address}" + include stdlib + file_line { 'yumProxy': + ensure => present, + path => '/etc/yum.conf', + line => $myline, + before => Yumrepo['openstack-juno'], + } + } + + yumrepo { "openstack-juno": + baseurl => "http://repos.fedorapeople.org/repos/openstack/openstack-juno/epel-7/", + descr => "RDO Community repository", + enabled => 1, + gpgcheck => 0, + } + + exec {'disable selinux': + command => '/usr/sbin/setenforce 0', + unless => '/usr/sbin/getenforce | grep Permissive', + } + -> + service { "network": + ensure => "running", + enable => "true", + hasrestart => true, + restart => '/usr/bin/systemctl restart network', + } + -> + service { 'NetworkManager': + ensure => "stopped", + enable => "false", + } + ~> + exec { 'restart-network-presetup': + command => 'systemctl restart network', + path => ["/usr/sbin/", "/usr/bin/"], + refreshonly => 'true', + } + -> + package { 'openvswitch': + ensure => installed, + } + -> + service {'openvswitch': + ensure => 'running', + } + } +} diff --git a/common/puppet-opnfv/manifests/resolver.pp b/common/puppet-opnfv/manifests/resolver.pp new file mode 100644 index 000000000..2951f7e1f --- /dev/null +++ b/common/puppet-opnfv/manifests/resolver.pp @@ -0,0 +1,62 @@ +############################################################################## +# Copyright (c) 2015 Ericsson AB and others. +# stefan.k.berg@ericsson.com +# jonas.bjurel@ericsson.com +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +# Class: opnfv::resolver +# +# Add resolver content passed through astute.yaml into resolv.conf +# depending on the role +# +# Suitable yaml content: +# +# opnfv: +# dns: +# compute: +# - 100.100.100.2 +# - 100.100.100.3 +# controller: +# - 100.100.100.102 +# - 100.100.100.104 +# +# +# +# + +class opnfv::resolver() +{ + if $::fuel_settings['role'] { + if $::fuel_settings['role'] == 'primary-controller' { + $role = 'controller' + } else { + $role = $::fuel_settings['role'] + } + + if ($::fuel_settings['opnfv'] + and $::fuel_settings['opnfv']['dns'] + and $::fuel_settings['opnfv']['dns'][$role]) { + $nameservers=$::fuel_settings['opnfv']['dns'][$role] + + file { '/etc/resolv.conf': + owner => root, + group => root, + mode => '0644', + content => template('opnfv/resolv.conf.erb'), + } +# /etc/resolv.conf is re-generated at each boot by resolvconf, so we +# need to store there as well. + file { '/etc/resolvconf/resolv.conf.d/head': + owner => root, + group => root, + mode => '0644', + content => template('opnfv/resolv.conf.erb'), + } + } + } +} + diff --git a/common/puppet-opnfv/manifests/tempest.pp b/common/puppet-opnfv/manifests/tempest.pp new file mode 100644 index 000000000..86f4212a9 --- /dev/null +++ b/common/puppet-opnfv/manifests/tempest.pp @@ -0,0 +1,27 @@ +#Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +#The required package for tempest is missing in Khaleesi along with EPEL for CentOS. +#This is a workaround for now since we require EPEL with Foreman/Puppet +#Also is a good place to put anything additional that we wish to install on the tempest node. + +class opnfv::tempest { + + if $::osfamily == 'RedHat' { + package { 'subunit-filters': + ensure => present, + } + } +} diff --git a/common/puppet-opnfv/manifests/templates/dockerfile/Dockerfile b/common/puppet-opnfv/manifests/templates/dockerfile/Dockerfile new file mode 100644 index 000000000..80a92d8c5 --- /dev/null +++ b/common/puppet-opnfv/manifests/templates/dockerfile/Dockerfile @@ -0,0 +1,82 @@ +#################################################################### +# Copyright (c) 2015 Ericsson AB and others. +# daniel.smith@ericsson.com +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +# +# DOCKERFILE TO CREATE ODL IN CONTAINER AND EXPOSE DLUX AND OVSDB TO ODL +# +############################################################################# + + +#Set the base image - note: the current release of Karaf is using Jdk7 and alot of 12.04, so we will use it rather than 14.04 and backport a ton of stuff +FROM ubuntu:12.04 + +# Maintainer Info +MAINTAINER Daniel Smith + + +#Run apt-get update one start just to check for updates when building +RUN echo "Updating APT" +RUN apt-get update +RUN echo "Adding wget" +RUN apt-get install -y wget +RUN apt-get install -y net-tools +RUN apt-get install -y openjdk-7-jre +RUN apt-get install -y openjdk-7-jdk +RUN apt-get install -y openssh-server +RUN apt-get install -y vim +RUN apt-get install -y expect +RUN apt-get install -y daemontools +RUN mkdir -p /opt/odl_source +RUN bash -c 'echo "export JAVA_HOME=/usr/lib/jvm/java-7-openjdk-amd64" >> ~/.bashrc' + + + +#Now lets got and fetch the ODL distribution +RUN echo "Fetching ODL" +RUN wget https://nexus.opendaylight.org/content/groups/public/org/opendaylight/integration/distribution-karaf/0.2.3-Helium-SR3/distribution-karaf-0.2.3-Helium-SR3.tar.gz -O /opt/odl_source/distribution-karaf-0.2.3-Helium-SR3.tar.gz + +RUN echo "Untarring ODL inplace" +RUN mkdir -p /opt/odl +RUN tar zxvf /opt/odl_source/distribution-karaf-0.2.3-Helium-SR3.tar.gz -C /opt/odl + +RUN echo "Installing DLUX and other features into ODL" +#COPY dockerfile/container_scripts/start_odl_docker.sh /etc/init.d/start_odl_docker.sh +COPY container_scripts/start_odl_docker_container.sh /etc/init.d/ +COPY container_scripts/speak.sh /etc/init.d/ +#COPY dockerfile/container_scripts/speak.sh /etc/init.d/speak.sh +RUN chmod 777 /etc/init.d/start_odl_docker_container.sh +RUN chmod 777 /etc/init.d/speak.sh + + + +# Expose the ports + +# PORTS FOR BASE SYSTEM AND DLUX +EXPOSE 8101 +EXPOSE 6633 +EXPOSE 1099 +EXPOSE 43506 +EXPOSE 8181 +EXPOSE 8185 +EXPOSE 9000 +EXPOSE 39378 +EXPOSE 33714 +EXPOSE 44444 +EXPOSE 6653 + +# PORTS FOR OVSDB AND ODL CONTROL +EXPOSE 12001 +EXPOSE 6640 +EXPOSE 8080 +EXPOSE 7800 +EXPOSE 55130 +EXPOSE 52150 +EXPOSE 36826 + +# set the ENTRYPOINT - An entry point allows us to run this container as an exectuable +CMD ["/etc/init.d/start_odl_docker_container.sh"] diff --git a/common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/check_feature.sh b/common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/check_feature.sh new file mode 100644 index 000000000..533942eb3 --- /dev/null +++ b/common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/check_feature.sh @@ -0,0 +1,18 @@ +############################################################################## +# Copyright (c) 2015 Ericsson AB and others. +# daniel.smith@ericsson.com +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +#!/usr/bin/expect +spawn /opt/odl/distribution-karaf-0.2.3-Helium-SR3/bin/client +expect "root>" +send "feature:list | grep -i odl-restconf\r" +send "\r\r\r" +expect "root>" +send "logout\r" + + diff --git a/common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/speak.sh b/common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/speak.sh new file mode 100644 index 000000000..95bbaf4e6 --- /dev/null +++ b/common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/speak.sh @@ -0,0 +1,20 @@ +#!/usr/bin/expect +############################################################################## +# Copyright (c) 2015 Ericsson AB and others. +# daniel.smith@ericsson.com +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +# +# Simple expect script to start up ODL client and load feature set for DLUX and OVSDB +# NOTE: THIS WILL BE REPLACED WITH A PROGRAMATIC METHOD SHORTLY +################################################################################# + +spawn /opt/odl/distribution-karaf-0.2.3-Helium-SR3/bin/client +expect "root>" +send "feature:install odl-base-all odl-aaa-authn odl-restconf odl-nsf-all odl-adsal-northbound odl-mdsal-apidocs odl-ovsdb-openstack odl-ovsdb-northbound odl-dlux-core" +send "\r\r\r" +expect "root>" +send "logout\r" diff --git a/common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/start_odl_docker_container.sh b/common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/start_odl_docker_container.sh new file mode 100644 index 000000000..8ae05f7bc --- /dev/null +++ b/common/puppet-opnfv/manifests/templates/dockerfile/container_scripts/start_odl_docker_container.sh @@ -0,0 +1,48 @@ +#!/bin/bash +############################################################################## +# Copyright (c) 2015 Ericsson AB and others. +# daniel.smith@ericsson.com +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +# +# Simple expect script to start up ODL client and load feature set for DLUX and OVSDB +# NOTE: THIS WILL BE REPLACED WITH A PROGRAMATIC METHOD SHORTLY +################################################################################# +# Start up script for calling karaf / ODL inside a docker container. +# +# This script will also call a couple expect scripts to load the feature set that we want + + +#ENV +export JAVA_HOME=/usr/lib/jvm/java-7-openjdk-amd64 + +#MAIN +echo "Starting up the da Sheilds..." +/opt/odl/distribution-karaf-0.2.3-Helium-SR3/bin/karaf server & +echo "Sleeping 5 bad hack" +sleep 10 +echo "should see stuff listening now" +netstat -na +echo " should see proess running for karaf" +ps -efa +echo " Starting the packages we want" +/etc/init.d/speak.sh +echo "Printout the status - if its right, you should see 8181 appear now" +netstat -na +ps -efa + + + +## This is a loop that keeps our container going currently, prinout the "status of karaf" to the docker logs every minute +## Cheap - but effective +while true; +do + echo "Checking status of ODL:" + /opt/odl/distribution-karaf-0.2.3-Helium-SR3/bin/status + sleep 60 +done + + diff --git a/common/puppet-opnfv/manifests/templates/ntp.conf.compute.erb b/common/puppet-opnfv/manifests/templates/ntp.conf.compute.erb new file mode 100644 index 000000000..ac6529314 --- /dev/null +++ b/common/puppet-opnfv/manifests/templates/ntp.conf.compute.erb @@ -0,0 +1,22 @@ +############################################################################## +# Copyright (c) 2015 Ericsson AB and others. +# stefan.k.berg@ericsson.com +# jonas.bjurel@ericsson.com +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +tinker panic 0 +driftfile /var/lib/ntp/ntp.drift +statistics loopstats peerstats clockstats +filegen loopstats file loopstats type day enable +filegen peerstats file peerstats type day enable +filegen clockstats file clockstats type day enable +restrict -4 default kod notrap nomodify nopeer noquery +restrict -6 default kod notrap nomodify nopeer noquery +restrict 127.0.0.1 +restrict ::1 +<%= @file_content %> + diff --git a/common/puppet-opnfv/manifests/templates/ntp.conf.controller.erb b/common/puppet-opnfv/manifests/templates/ntp.conf.controller.erb new file mode 100644 index 000000000..ac6529314 --- /dev/null +++ b/common/puppet-opnfv/manifests/templates/ntp.conf.controller.erb @@ -0,0 +1,22 @@ +############################################################################## +# Copyright (c) 2015 Ericsson AB and others. +# stefan.k.berg@ericsson.com +# jonas.bjurel@ericsson.com +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +tinker panic 0 +driftfile /var/lib/ntp/ntp.drift +statistics loopstats peerstats clockstats +filegen loopstats file loopstats type day enable +filegen peerstats file peerstats type day enable +filegen clockstats file clockstats type day enable +restrict -4 default kod notrap nomodify nopeer noquery +restrict -6 default kod notrap nomodify nopeer noquery +restrict 127.0.0.1 +restrict ::1 +<%= @file_content %> + diff --git a/common/puppet-opnfv/templates/br_ex.erb b/common/puppet-opnfv/templates/br_ex.erb new file mode 100644 index 000000000..6c0e7e7f0 --- /dev/null +++ b/common/puppet-opnfv/templates/br_ex.erb @@ -0,0 +1,10 @@ +DEVICE=br-ex +DEVICETYPE=ovs +IPADDR=<%= @public_nic_ip %> +NETMASK=<%= @public_nic_netmask %> +GATEWAY=<%= @public_gateway %> +BOOTPROTO=static +ONBOOT=yes +TYPE=OVSBridge +PROMISC=yes +PEERDNS=no diff --git a/common/tools/README.md b/common/tools/README.md new file mode 100644 index 000000000..e407dd23a --- /dev/null +++ b/common/tools/README.md @@ -0,0 +1,17 @@ + +# Tools +This directory contains tools which are common to OPNFV (i.e. independent from the various installer approaches). -- cgit 1.2.3-korg