From 75c464b5bdeac188902d17576981c8074624ddf0 Mon Sep 17 00:00:00 2001 From: Alexandru Avadanii Date: Sat, 5 Aug 2017 02:25:38 +0200 Subject: maas: region: credentials workaround, force sync Workaround the issues described in [1], stating that salt-formula-maas package cannot set an autogenerated PostgreSQL password, respectively the known error thrown during initial setup. FIXME: These should be reverted later, after fixing the MaaS password update and initial artifact sync in the salt formula / scripts. [1] https://docs.mirantis.com/mcp/1.0/mcp-deployment-guide/\ install-base-infra/set-up-bare-metal-provisioner/configure-maas-vm.html Change-Id: I8b37f55d3caa4119c64f9549578850dd4eb9e3ad Signed-off-by: Alexandru Avadanii --- .../0001-opendaylight-formula-neutron.patch | 144 +++++++++++++++++++++ .../0002-maas-region-skip-credentials-update.patch | 30 +++++ .../0002-opendaylight-formula-neutron.patch | 144 --------------------- .../0003-maas-region-force-artifact-download.patch | 39 ++++++ mcp/patches/patches.list | 4 +- 5 files changed, 216 insertions(+), 145 deletions(-) create mode 100644 mcp/patches/0001-opendaylight-formula-neutron.patch create mode 100644 mcp/patches/0002-maas-region-skip-credentials-update.patch delete mode 100644 mcp/patches/0002-opendaylight-formula-neutron.patch create mode 100644 mcp/patches/0003-maas-region-force-artifact-download.patch (limited to 'mcp/patches') diff --git a/mcp/patches/0001-opendaylight-formula-neutron.patch b/mcp/patches/0001-opendaylight-formula-neutron.patch new file mode 100644 index 000000000..e52d315a5 --- /dev/null +++ b/mcp/patches/0001-opendaylight-formula-neutron.patch @@ -0,0 +1,144 @@ +From: Michael Polenchuk +Date: Thu, 29 Jun 2017 12:05:25 +0400 +Subject: [PATCH] Bring in opendaylight support + +Change-Id: Ie9073fafccba336f94b1996bd85c98d7a7f5060b + +diff --git a/neutron/files/ocata/dhcp_agent.ini b/neutron/files/ocata/dhcp_agent.ini +index d327e64..ba5f933 100644 +--- a/neutron/files/ocata/dhcp_agent.ini ++++ b/neutron/files/ocata/dhcp_agent.ini +@@ -1,3 +1,8 @@ ++{%- if pillar.neutron.gateway is defined %} ++{%- from "neutron/map.jinja" import gateway as neutron with context %} ++{%- else %} ++{%- from "neutron/map.jinja" import compute as neutron with context %} ++{%- endif %} + [DEFAULT] + + # +@@ -48,6 +53,7 @@ enable_isolated_metadata = True + # this value will force the DHCP server to append specific host routes to the DHCP request. If this option is set, then the metadata service + # will be activated for all the networks. (boolean value) + #force_metadata = false ++{% if neutron.backend.get('router', 'False') %}force_metadata = True{% endif %} + + # Allows for serving metadata requests coming from a dedicated metadata access network whose CIDR is 169.254.169.254/16 (or larger prefix), + # and is connected to a Neutron router from which the VMs send metadata:1 request. In this case DHCP Option 121 will not be injected in VMs, +diff --git a/neutron/files/ocata/ml2_conf.ini b/neutron/files/ocata/ml2_conf.ini +index 0d48951..347eb15 100644 +--- a/neutron/files/ocata/ml2_conf.ini ++++ b/neutron/files/ocata/ml2_conf.ini +@@ -269,3 +269,11 @@ enable_security_group = True + # Use ipset to speed-up the iptables based security groups. Enabling ipset + # support requires that ipset is installed on L2 agent node. (boolean value) + #enable_ipset = true ++ ++{%- if server.backend.engine == "opendaylight" %} ++[ml2_odl] ++port_binding_controller = network-topology ++url = http://{{ server.backend.host }}:{{ server.backend.rest_api_port }}/controller/nb/v2/neutron ++username = {{ server.backend.user }} ++password = {{ server.backend.password }} ++{%- endif %} +diff --git a/neutron/files/ocata/neutron-generic.conf.Debian b/neutron/files/ocata/neutron-generic.conf.Debian +index 0dde78f..05ac805 100644 +--- a/neutron/files/ocata/neutron-generic.conf.Debian ++++ b/neutron/files/ocata/neutron-generic.conf.Debian +@@ -33,11 +33,11 @@ state_path = /var/lib/neutron + #auth_strategy = keystone + auth_strategy = keystone + +-{% if neutron.backend.engine == "ml2" %} ++{% if neutron.backend.engine in ["ml2", "opendaylight"] %} + + core_plugin = neutron.plugins.ml2.plugin.Ml2Plugin + +-service_plugins =neutron.services.l3_router.l3_router_plugin.L3RouterPlugin,neutron.services.metering.metering_plugin.MeteringPlugin ++service_plugins = {{ neutron.backend.get('router', 'router')}},metering + + {% endif %} + +@@ -2073,3 +2073,8 @@ heartbeat_rate = 2 + # Sets the list of available ciphers. value should be a string in the OpenSSL + # cipher list format. (string value) + #ciphers = ++ ++{%- if neutron.backend.engine == "opendaylight" %} ++[ovs] ++ovsdb_connection = {{ neutron.backend.ovsdb_connection }} ++{%- endif %} +diff --git a/neutron/files/ocata/neutron-server b/neutron/files/ocata/neutron-server +index 54f6ceb..1682ee0 100644 +--- a/neutron/files/ocata/neutron-server ++++ b/neutron/files/ocata/neutron-server +@@ -7,7 +7,7 @@ + # neutron.conf + #NEUTRON_PLUGIN_CONFIG="/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini" + +-{%- if server.backend.engine == "ml2" %} ++{%- if server.backend.engine in ["ml2", "opendaylight"] %} + NEUTRON_PLUGIN_CONFIG="/etc/neutron/plugins/ml2/ml2_conf.ini" + {%- endif %} + +diff --git a/neutron/files/ocata/neutron-server.conf.Debian b/neutron/files/ocata/neutron-server.conf.Debian +index 229d342..ac8bdff 100644 +--- a/neutron/files/ocata/neutron-server.conf.Debian ++++ b/neutron/files/ocata/neutron-server.conf.Debian +@@ -39,11 +39,11 @@ api_extensions_path = extensions:/usr/lib/python2.7/dist-packages/neutron_plugin + core_plugin = neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2 + + service_plugins = neutron_plugin_contrail.plugins.opencontrail.loadbalancer.v2.plugin.LoadBalancerPluginV2 +-{% elif server.backend.engine == "ml2" %} ++{% elif server.backend.engine in ["ml2", "opendaylight"] %} + + core_plugin = neutron.plugins.ml2.plugin.Ml2Plugin + +-service_plugins =neutron.services.l3_router.l3_router_plugin.L3RouterPlugin,neutron.services.metering.metering_plugin.MeteringPlugin ++service_plugins = {{ server.backend.get('router', 'router')}},metering + {%- if server.lbaas is defined -%},lbaasv2{%- endif -%} + {%- if server.get('qos', 'True') -%},neutron.services.qos.qos_plugin.QoSPlugin{%- endif -%} + {%- if server.get('vlan_aware_vms', False) -%},trunk{%- endif -%} +@@ -835,7 +835,7 @@ allow_headers = {{ server.cors.allow_headers }} + # Deprecated group/name - [DEFAULT]/sql_connection + # Deprecated group/name - [DATABASE]/sql_connection + # Deprecated group/name - [sql]/connection +-{% if server.backend.engine == "ml2" %} ++{% if server.backend.engine in ["ml2", "opendaylight"] %} + connection = {{ server.database.engine }}+pymysql://{{ server.database.user }}:{{ server.database.password }}@{{ server.database.host }}/{{ server.database.name }}?charset=utf8 + {% else %} + connection = sqlite:////var/lib/neutron/neutron.sqlite +@@ -2198,3 +2198,8 @@ service_provider = LOADBALANCERV2:Opencontrail:neutron_plugin_contrail.plugins.o + {% include "neutron/files/"+server.version+"/ContrailPlugin.ini" %} + + {% endif %} ++ ++{%- if server.backend.engine == "opendaylight" %} ++[ovs] ++ovsdb_connection = {{ server.backend.ovsdb_connection }} ++{%- endif %} +diff --git a/neutron/gateway.sls b/neutron/gateway.sls +index a6e6586..ab4bb85 100644 +--- a/neutron/gateway.sls ++++ b/neutron/gateway.sls +@@ -27,6 +27,7 @@ neutron_gateway_packages: + /etc/neutron/dhcp_agent.ini: + file.managed: + - source: salt://neutron/files/{{ gateway.version }}/dhcp_agent.ini ++ - template: jinja + - require: + - pkg: neutron_gateway_packages + +diff --git a/neutron/server.sls b/neutron/server.sls +index 0b3a6be..7a6bd23 100644 +--- a/neutron/server.sls ++++ b/neutron/server.sls +@@ -64,7 +64,7 @@ neutron_server_service: + + {%- endif %} + +-{% if server.backend.engine == "ml2" %} ++{% if server.backend.engine in ["ml2", "opendaylight"] %} + + /etc/neutron/plugins/ml2/ml2_conf.ini: + file.managed: diff --git a/mcp/patches/0002-maas-region-skip-credentials-update.patch b/mcp/patches/0002-maas-region-skip-credentials-update.patch new file mode 100644 index 000000000..f2104e51f --- /dev/null +++ b/mcp/patches/0002-maas-region-skip-credentials-update.patch @@ -0,0 +1,30 @@ +From: Alexandru Avadanii +Date: Sat, 5 Aug 2017 02:03:01 +0200 +Subject: [PATCH] maas: region: skip credentials update + +Password update for maas psql database breaks ulterior acesses +to maas-region syncdb. +For now, limit regiond.conf changes to maas_url, and skip +updating credentials. + +Signed-off-by: Alexandru Avadanii +--- + +diff --git a/maas/region.sls b/maas/region.sls +index d3227ca..8a2243d 100644 +--- a/maas/region.sls ++++ b/maas/region.sls +@@ -6,10 +6,9 @@ + - names: {{ region.pkgs }} + + /etc/maas/regiond.conf: +- file.managed: +- - source: salt://maas/files/regiond.conf +- - template: jinja +- - group: maas ++ file.replace: ++ - pattern: ^maas_url.*$ ++ - repl: "maas_url: http://{{ region.bind.host }}/MAAS" + - require: + - pkg: maas_region_packages + diff --git a/mcp/patches/0002-opendaylight-formula-neutron.patch b/mcp/patches/0002-opendaylight-formula-neutron.patch deleted file mode 100644 index e52d315a5..000000000 --- a/mcp/patches/0002-opendaylight-formula-neutron.patch +++ /dev/null @@ -1,144 +0,0 @@ -From: Michael Polenchuk -Date: Thu, 29 Jun 2017 12:05:25 +0400 -Subject: [PATCH] Bring in opendaylight support - -Change-Id: Ie9073fafccba336f94b1996bd85c98d7a7f5060b - -diff --git a/neutron/files/ocata/dhcp_agent.ini b/neutron/files/ocata/dhcp_agent.ini -index d327e64..ba5f933 100644 ---- a/neutron/files/ocata/dhcp_agent.ini -+++ b/neutron/files/ocata/dhcp_agent.ini -@@ -1,3 +1,8 @@ -+{%- if pillar.neutron.gateway is defined %} -+{%- from "neutron/map.jinja" import gateway as neutron with context %} -+{%- else %} -+{%- from "neutron/map.jinja" import compute as neutron with context %} -+{%- endif %} - [DEFAULT] - - # -@@ -48,6 +53,7 @@ enable_isolated_metadata = True - # this value will force the DHCP server to append specific host routes to the DHCP request. If this option is set, then the metadata service - # will be activated for all the networks. (boolean value) - #force_metadata = false -+{% if neutron.backend.get('router', 'False') %}force_metadata = True{% endif %} - - # Allows for serving metadata requests coming from a dedicated metadata access network whose CIDR is 169.254.169.254/16 (or larger prefix), - # and is connected to a Neutron router from which the VMs send metadata:1 request. In this case DHCP Option 121 will not be injected in VMs, -diff --git a/neutron/files/ocata/ml2_conf.ini b/neutron/files/ocata/ml2_conf.ini -index 0d48951..347eb15 100644 ---- a/neutron/files/ocata/ml2_conf.ini -+++ b/neutron/files/ocata/ml2_conf.ini -@@ -269,3 +269,11 @@ enable_security_group = True - # Use ipset to speed-up the iptables based security groups. Enabling ipset - # support requires that ipset is installed on L2 agent node. (boolean value) - #enable_ipset = true -+ -+{%- if server.backend.engine == "opendaylight" %} -+[ml2_odl] -+port_binding_controller = network-topology -+url = http://{{ server.backend.host }}:{{ server.backend.rest_api_port }}/controller/nb/v2/neutron -+username = {{ server.backend.user }} -+password = {{ server.backend.password }} -+{%- endif %} -diff --git a/neutron/files/ocata/neutron-generic.conf.Debian b/neutron/files/ocata/neutron-generic.conf.Debian -index 0dde78f..05ac805 100644 ---- a/neutron/files/ocata/neutron-generic.conf.Debian -+++ b/neutron/files/ocata/neutron-generic.conf.Debian -@@ -33,11 +33,11 @@ state_path = /var/lib/neutron - #auth_strategy = keystone - auth_strategy = keystone - --{% if neutron.backend.engine == "ml2" %} -+{% if neutron.backend.engine in ["ml2", "opendaylight"] %} - - core_plugin = neutron.plugins.ml2.plugin.Ml2Plugin - --service_plugins =neutron.services.l3_router.l3_router_plugin.L3RouterPlugin,neutron.services.metering.metering_plugin.MeteringPlugin -+service_plugins = {{ neutron.backend.get('router', 'router')}},metering - - {% endif %} - -@@ -2073,3 +2073,8 @@ heartbeat_rate = 2 - # Sets the list of available ciphers. value should be a string in the OpenSSL - # cipher list format. (string value) - #ciphers = -+ -+{%- if neutron.backend.engine == "opendaylight" %} -+[ovs] -+ovsdb_connection = {{ neutron.backend.ovsdb_connection }} -+{%- endif %} -diff --git a/neutron/files/ocata/neutron-server b/neutron/files/ocata/neutron-server -index 54f6ceb..1682ee0 100644 ---- a/neutron/files/ocata/neutron-server -+++ b/neutron/files/ocata/neutron-server -@@ -7,7 +7,7 @@ - # neutron.conf - #NEUTRON_PLUGIN_CONFIG="/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini" - --{%- if server.backend.engine == "ml2" %} -+{%- if server.backend.engine in ["ml2", "opendaylight"] %} - NEUTRON_PLUGIN_CONFIG="/etc/neutron/plugins/ml2/ml2_conf.ini" - {%- endif %} - -diff --git a/neutron/files/ocata/neutron-server.conf.Debian b/neutron/files/ocata/neutron-server.conf.Debian -index 229d342..ac8bdff 100644 ---- a/neutron/files/ocata/neutron-server.conf.Debian -+++ b/neutron/files/ocata/neutron-server.conf.Debian -@@ -39,11 +39,11 @@ api_extensions_path = extensions:/usr/lib/python2.7/dist-packages/neutron_plugin - core_plugin = neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2 - - service_plugins = neutron_plugin_contrail.plugins.opencontrail.loadbalancer.v2.plugin.LoadBalancerPluginV2 --{% elif server.backend.engine == "ml2" %} -+{% elif server.backend.engine in ["ml2", "opendaylight"] %} - - core_plugin = neutron.plugins.ml2.plugin.Ml2Plugin - --service_plugins =neutron.services.l3_router.l3_router_plugin.L3RouterPlugin,neutron.services.metering.metering_plugin.MeteringPlugin -+service_plugins = {{ server.backend.get('router', 'router')}},metering - {%- if server.lbaas is defined -%},lbaasv2{%- endif -%} - {%- if server.get('qos', 'True') -%},neutron.services.qos.qos_plugin.QoSPlugin{%- endif -%} - {%- if server.get('vlan_aware_vms', False) -%},trunk{%- endif -%} -@@ -835,7 +835,7 @@ allow_headers = {{ server.cors.allow_headers }} - # Deprecated group/name - [DEFAULT]/sql_connection - # Deprecated group/name - [DATABASE]/sql_connection - # Deprecated group/name - [sql]/connection --{% if server.backend.engine == "ml2" %} -+{% if server.backend.engine in ["ml2", "opendaylight"] %} - connection = {{ server.database.engine }}+pymysql://{{ server.database.user }}:{{ server.database.password }}@{{ server.database.host }}/{{ server.database.name }}?charset=utf8 - {% else %} - connection = sqlite:////var/lib/neutron/neutron.sqlite -@@ -2198,3 +2198,8 @@ service_provider = LOADBALANCERV2:Opencontrail:neutron_plugin_contrail.plugins.o - {% include "neutron/files/"+server.version+"/ContrailPlugin.ini" %} - - {% endif %} -+ -+{%- if server.backend.engine == "opendaylight" %} -+[ovs] -+ovsdb_connection = {{ server.backend.ovsdb_connection }} -+{%- endif %} -diff --git a/neutron/gateway.sls b/neutron/gateway.sls -index a6e6586..ab4bb85 100644 ---- a/neutron/gateway.sls -+++ b/neutron/gateway.sls -@@ -27,6 +27,7 @@ neutron_gateway_packages: - /etc/neutron/dhcp_agent.ini: - file.managed: - - source: salt://neutron/files/{{ gateway.version }}/dhcp_agent.ini -+ - template: jinja - - require: - - pkg: neutron_gateway_packages - -diff --git a/neutron/server.sls b/neutron/server.sls -index 0b3a6be..7a6bd23 100644 ---- a/neutron/server.sls -+++ b/neutron/server.sls -@@ -64,7 +64,7 @@ neutron_server_service: - - {%- endif %} - --{% if server.backend.engine == "ml2" %} -+{% if server.backend.engine in ["ml2", "opendaylight"] %} - - /etc/neutron/plugins/ml2/ml2_conf.ini: - file.managed: diff --git a/mcp/patches/0003-maas-region-force-artifact-download.patch b/mcp/patches/0003-maas-region-force-artifact-download.patch new file mode 100644 index 000000000..72114bb48 --- /dev/null +++ b/mcp/patches/0003-maas-region-force-artifact-download.patch @@ -0,0 +1,39 @@ +From: Alexandru Avadanii +Date: Sat, 5 Aug 2017 02:03:01 +0200 +Subject: [PATCH] maas: region: force artifact download + +MaaS configuration fails until all required artifacts are in place, +including bootloaders and target images. + +Hack around this by forcing an explicit artifact sync. + +NOTE: This is probably achievable through existing maas salt custom +module (py) and/or minor rework on that. +This fixup should be temporary at best. + +Signed-off-by: Alexandru Avadanii +--- + +diff --git a/maas/region.sls b/maas/region.sls +index d3227ca..8a2243d 100644 +--- a/maas/region.sls ++++ b/maas/region.sls +@@ -109,11 +109,17 @@ + cmd.run: + - name: "maas-region apikey --username {{ region.admin.username }} > /var/lib/maas/.maas_credentials" + ++maas_force_artifact_sync: ++ cmd.run: ++ - name: "maas login {{ region.admin.username }} http://{{ region.bind.host }}/MAAS/api/2.0 - < /var/lib/maas/.maas_credentials && while ! grep -qzE '(Unable to probe for DHCP servers|DHCP probe complete).*Rack controller' /var/log/maas/rackd.log; do sleep 5; echo -n '.'; done && maas opnfv boot-resources import && while maas opnfv boot-resources is-importing | grep -q -e 'true'; do sleep 5; echo -n '.'; done && maas opnfv rack-controllers import-boot-images && while ! test -d /var/lib/maas/boot-resources/current/ubuntu; do sleep 5; echo -n '.'; done" ++ - require: ++ - cmd: maas_login_admin ++ + maas_config: + module.run: + - name: maas.process_maas_config + - require: +- - cmd: maas_login_admin ++ - cmd: maas_force_artifact_sync + + maas_commissioning_scripts: + module.run: diff --git a/mcp/patches/patches.list b/mcp/patches/patches.list index 0542433c7..e55e67984 100644 --- a/mcp/patches/patches.list +++ b/mcp/patches/patches.list @@ -1 +1,3 @@ -/usr/share/salt-formulas/env: 0002-opendaylight-formula-neutron.patch +/usr/share/salt-formulas/env: 0001-opendaylight-formula-neutron.patch +/usr/share/salt-formulas/env: 0002-maas-region-skip-credentials-update.patch +/usr/share/salt-formulas/env: 0003-maas-region-force-artifact-download.patch -- cgit 1.2.3-korg