diff --git a/.gitignore b/.gitignore index e723af0493..4f1e56d5d2 100644 --- a/.gitignore +++ b/.gitignore @@ -32,3 +32,7 @@ Gemfile.lock task_graph.png *.log +*-catalog.log.pp +*-spec.log.rb + +.librarian diff --git a/deployment/puppet/openstack/manifests/network.pp b/deployment/puppet/openstack/manifests/network.pp deleted file mode 100644 index 468571e90c..0000000000 --- a/deployment/puppet/openstack/manifests/network.pp +++ /dev/null @@ -1,350 +0,0 @@ -# == Class: openstack::network -# -# Entry points for OpenStack networking services -# -# === Parameters -# -# [*dvr*] -# (optional) Enabled or not Neutron DVR (distributed virtual router) -# Defaults to false -# -# [*l2_population*] -# (optional) Enabled or not ml2 plugin's l2population mechanism driver. -# Defaults to false -# -# [*use_stderr*] -# (optional) Rather or not service should send output to stderr. -# Defaults to true -# -class openstack::network ( - # asdf = {} #Trick to color editor - $network_provider = 'neutron', - $agents = ['ml2-ovs'], # ml2-ovs metadata dhcp l3 - $ha_agents = false, - - $verbose = false, - $debug = false, - $use_syslog = false, - $use_stderr = true, - $syslog_log_facility = 'LOG_USER', - - # ovs - $enable_tunneling = false, - $tunnel_bridge = 'br-tun', - $tunnel_id_ranges = ['20:100'], - $integration_bridge = 'br-int', - $bridge_mappings = [], - $network_vlan_ranges = ['physnet2:1000:2999'], - $local_ip = false, - $tunnel_types = [], - - # dhcp - $net_mtu = undef, - - # ML2 settings - $type_drivers = ['local', 'flat', 'vlan', 'gre', 'vxlan'], - $tenant_network_types = ['flat', 'vlan', 'gre'], - $mechanism_drivers = ['openvswitch', 'linuxbridge'], - $flat_networks = ['*'], - $vxlan_group = '224.0.0.1', - $vni_ranges = ['10:10000'], - - # metadata-agent - $shared_secret, - $metadata_ip = '127.0.0.1', - $isolated_metadata = false, - - # dhcp-agent - $resync_interval = 30, - - # l3-agent - $metadata_port = 8775, - $send_arp_for_ha = 8, - $floating_bridge = 'br-floating', - - # amqp - $queue_provider = 'rabbitmq', - $amqp_user = 'guest', - $amqp_host = ['localhost'], - $amqp_hosts = false, - $amqp_port = '5672', - $amqp_password = 'password', - - # keystone - $admin_password = 'asdf123', - $admin_tenant_name = 'services', - $admin_username = 'neutron', - $auth_uri = 'http://127.0.0.1:5000/v2.0/', - $identity_uri = 'http://127.0.0.1:35357', - $region = 'RegionOne', - $neutron_url = 'http://127.0.0.1:9696', - - # Ceilometer notifications - $ceilometer = false, - - # Nova settings - $private_interface, - $public_interface, - $fixed_range, - $floating_range = false, - $network_manager = 'nova.network.manager.FlatDHCPManager', - $network_config = {}, - $create_networks = true, - $num_networks = 1, - $network_size = 255, - $nameservers = undef, - $enable_nova_net = false, - $integration_bridge = undef, #'br-int' - $nova_neutron = false, #Enable to run nova::network::neutron, usefull for computes and controllers, but not routers - $nova_admin_username = 'nova', - $nova_admin_tenant_name = 'services', - $nova_admin_password = 'secret', - $nova_url = 'http://127.0.0.1:8774/v2', - - # Neutron - $neutron_server = false, - $neutron_db_uri = undef, - $bind_host = '0.0.0.0', - $base_mac = 'fa:16:3e:00:00:00', - $core_plugin = 'neutron.plugins.ml2.plugin.Ml2Plugin', - $service_plugins = ['neutron.services.l3_router.l3_router_plugin.L3RouterPlugin'], - $dvr = false, - $l2_population = false, - $neutron_server_enable = true, - $network_device_mtu = undef, - $service_workers = $::processorcount, - ) -{ - - # All nodes with network functions should have net forwarding. - # Its a requirement for network namespaces to function. - if !defined(Sysctl::Value['net.ipv4.ip_forward']) { - sysctl::value { 'net.ipv4.ip_forward': - value => '1' - } - } else { - Sysctl::Value<| name == 'net.ipv4.ip_forward' |> { - value => '1' - } - } - Sysctl::Value<| name == 'net.ipv4.ip_forward' |> -> Nova_config<||> - - # All nodes with network functions should have these thresholds - # to avoid "Neighbour table overflow" problem - sysctl::value { 'net.ipv4.neigh.default.gc_thresh1': - value => '1024' - } - sysctl::value { 'net.ipv4.neigh.default.gc_thresh2': - value => '2048' - } - sysctl::value { 'net.ipv4.neigh.default.gc_thresh3': - value => '4096' - } - - case $network_provider { - 'nova': { - if is_array($nameservers) { - $nameservers_real = $nameservers - } else { - # Undef to use defaults - $nameservers_real = [undef, undef] - } - class { 'nova::network': - ensure_package => $::openstack_version['nova'], - private_interface => $private_interface, - public_interface => $public_interface, - fixed_range => $fixed_range, - floating_range => $floating_range, - network_manager => $network_manager, - config_overrides => $network_config, # $config_overrides, - create_networks => $create_networks, - num_networks => $num_networks, - network_size => $network_size, - dns1 => $nameservers_real[0], - dns2 => $nameservers_real[1], - enabled => $enable_nova_net, - install_service => $enable_nova_net, - } - #NOTE(aglarendil): lp/1381164 - nova_config {'DEFAULT/force_snat_range': value => '0.0.0.0/0' } - - } # End case nova - - 'neutron': { - - Sysctl::Value<| name == 'net.ipv4.ip_forward' |> -> Neutron_config<||> - class {'::neutron': - verbose => $verbose, - debug => $debug, - use_syslog => $use_syslog, - use_stderr => $use_stderr, - log_facility => $syslog_log_facility, - bind_host => $bind_host, - base_mac => $base_mac, - core_plugin => $core_plugin, - service_plugins => $neutron_server ? {false => undef, default => $service_plugins}, - allow_overlapping_ips => true, - mac_generation_retries => 32, - dhcp_lease_duration => 600, - dhcp_agents_per_network => 2, - report_interval => 10, - rabbit_user => $amqp_user, - rabbit_host => $amqp_host, - rabbit_hosts => $amqp_hosts, - rabbit_port => $amqp_port, - rabbit_password => $amqp_password, - kombu_reconnect_delay => '5.0', - network_device_mtu => $network_device_mtu, - advertise_mtu => true, - } - - if $nova_neutron { - class {'nova::network::neutron': - neutron_admin_password => $admin_password, - neutron_admin_tenant_name => $admin_tenant_name, - neutron_region_name => $region, - neutron_admin_username => $admin_username, - neutron_admin_auth_url => "${identity_uri}/v2.0", - neutron_url => $neutron_url, - neutron_ovs_bridge => $integration_bridge - } - } - - if $neutron_server { - if ! $neutron_db_uri { - fail("You must provide a neutron_db_uri for neutron servers") - } - # Calculating $sync_db in class ::neutron::server: - # $ha_agents for "simple" configurations is false and database should be synced; - # $ha_agents for "HA" configurations may be 'primary' or 'slave'. Database should - # be synced only on primary controller. - class { '::neutron::server': - sync_db => $ha_agents ? {'primary' => true, false => true, default => false}, - - auth_password => $admin_password, - auth_tenant => $admin_tenant_name, - auth_region => $region, - auth_user => $admin_username, - auth_uri => $auth_uri, - identity_uri => $identity_uri, - - database_retry_interval => 2, - database_connection => $neutron_db_uri, - database_max_retries => -1, - - agent_down_time => 30, - allow_automatic_l3agent_failover => true, - - api_workers => $service_workers, - rpc_workers => $service_workers, - - router_distributed => $dvr, - enabled => $neutron_server_enable, - } - - tweaks::ubuntu_service_override { "$::neutron::params::server_service": - package_name => $::neutron::params::server_package ? { - false => $::neutron::params::package_name, - default => $::neutron::params::server_package - } - } - - class { 'neutron::server::notifications': - nova_url => $nova_url, - nova_admin_auth_url => "${identity_uri}/v2.0", - nova_admin_username => $nova_admin_username, - nova_admin_tenant_name => $nova_admin_tenant_name, - nova_admin_password => $nova_admin_password, - nova_region_name => $region, - } - - # In Juno Neutron API ready for answer not yet when server starts. - exec {'waiting-for-neutron-api': - environment => [ - "OS_TENANT_NAME=${admin_tenant_name}", - "OS_USERNAME=${admin_username}", - "OS_PASSWORD=${admin_password}", - "OS_AUTH_URL=${identity_uri}/v2.0", - "OS_REGION_NAME=${region}", - 'OS_ENDPOINT_TYPE=internalURL', - ], - tries => 30, - try_sleep => 4, - command => "bash -c \"neutron net-list --http-timeout=4 \" 2>&1 > /dev/null", - path => '/usr/sbin:/usr/bin:/sbin:/bin', - } - - Service['neutron-server'] -> Exec<| title == 'waiting-for-neutron-api' |> - Exec<| title == 'waiting-for-neutron-api' |> -> Neutron_network<||> - Exec<| title == 'waiting-for-neutron-api' |> -> Neutron_subnet<||> - Exec<| title == 'waiting-for-neutron-api' |> -> Neutron_router<||> - - } - - if $dvr { - $agent_mode = $neutron_server ? { - true => 'dvr_snat', - false => 'dvr', - } - } else { - $agent_mode = 'legacy' - } - - if $use_syslog { - neutron_config { 'DEFAULT/use_syslog_rfc_format': value => true; } - } - - if $ceilometer { - neutron_config { 'DEFAULT/notification_driver': value => 'messaging' } - } - - if $agents { - class {'openstack::network::neutron_agents': - agents => $agents, - ha_agents => $ha_agents, - debug => $debug, - - admin_password => $admin_password, - admin_tenant_name => $admin_tenant_name, - admin_username => $admin_username, - admin_auth_url => "${identity_uri}/v2.0", - auth_region => $region, - - #ovs - tunnel_bridge => $tunnel_bridge, - enable_tunneling => $enable_tunneling, - integration_bridge => $integration_bridge, - tunnel_id_ranges => $tunnel_id_ranges, - tenant_network_types => $tenant_network_types, - network_vlan_ranges => $network_vlan_ranges, - bridge_mappings => $bridge_mappings, - local_ip => $local_ip, - tunnel_types => $tunnel_types, - l2_population => $l2_population, - - #ML2 only - type_drivers => $type_drivers, - mechanism_drivers => $mechanism_drivers, - flat_networks => $flat_networks, - vxlan_group => $vxlan_group, - vni_ranges => $vni_ranges, - - #metadata-agent - shared_secret => $shared_secret, - metadata_ip => $metadata_ip, - isolated_metadata => $isolated_metadata, - - #dhcp-agent - resync_interval => $resync_interval, - net_mtu => $net_mtu, - - #l3-agent - metadata_port => $metadata_port, - send_arp_for_ha => $send_arp_for_ha, - external_network_bridge => $floating_bridge, - agent_mode => $agent_mode, - } - } - } # End case neutron - } # End Case -} diff --git a/deployment/puppet/openstack/manifests/network/create_network.pp b/deployment/puppet/openstack/manifests/network/create_network.pp deleted file mode 100644 index 70cf2a8ce7..0000000000 --- a/deployment/puppet/openstack/manifests/network/create_network.pp +++ /dev/null @@ -1,57 +0,0 @@ -#Not a docstring -define openstack::network::create_network ( - $netdata, - $segmentation_type, - $tenant_name = 'admin', - $fallback_segment_id = 1 - ) -{ - - # FIXME(xarses): clean up sanitization and move business logic to nailgun - - if $segmentation_type in ['vlan', 'gre', 'vxlan'] { - if $netdata['L2']['segment_id'] =~ /^$/ { - $segment_id = $fallback_segment_id - } else { - $segment_id = $netdata['L2']['segment_id'] - } - } - - if $netdata['L3']['floating'] { - $alloc = split($netdata['L3']['floating'], ':') - $allocation_pools = "start=${alloc[0]},end=${alloc[1]}" - } - - if $netdata['L2']['physnet'] { - $physnet = $netdata['L2']['physnet'] - } else { - $physnet = false - } - - notify {"${name} ::: physnet ${physnet}":} - notify {"${name} ::: network_type $segmentation_type":} - notify {"${name} ::: router_ext ${netdata['L2']['router_ext']}":} - notify {"${name} ::: tenant ${netdata['tenant']}":} - notify {"${name} ::: shared ${$netdata['shared']}":} - - neutron_network { $name: - ensure => present, - provider_physical_network => $physnet, - provider_network_type => $segmentation_type, - provider_segmentation_id => $segment_id, - router_external => $netdata['L2']['router_ext'], - tenant_name => $tenant_name, - shared => $netdata['shared'] - } - - neutron_subnet { "${name}__subnet": - ensure => present, - cidr => $netdata['L3']['subnet'], - network_name => $name, - tenant_name => $tenant_name, - gateway_ip => $netdata['L3']['gateway'], - enable_dhcp => $netdata['L3']['enable_dhcp'], - dns_nameservers => $netdata['L3']['nameservers'], - allocation_pools=> $allocation_pools, - } -} diff --git a/deployment/puppet/openstack/manifests/network/create_router.pp b/deployment/puppet/openstack/manifests/network/create_router.pp deleted file mode 100644 index baa05e40a1..0000000000 --- a/deployment/puppet/openstack/manifests/network/create_router.pp +++ /dev/null @@ -1,20 +0,0 @@ -# Not a doc string -define openstack::network::create_router ( - $internal_network, - $external_network, - $tenant_name = 'admin', - $virtual = false, - ) { - - Neutron_subnet <| title == "${external_network}__subnet" |> -> - - neutron_router { $name: - ensure => present, - tenant_name => $tenant_name, - gateway_network_name => $external_network, - } -> - - neutron_router_interface { "${name}:${internal_network}__subnet": - ensure => present, - } -} diff --git a/deployment/puppet/openstack/spec/classes/openstack_compute_spec.rb b/deployment/puppet/openstack/spec/classes/openstack_compute_spec.rb index 45a0ac45c6..94ba0fb32a 100644 --- a/deployment/puppet/openstack/spec/classes/openstack_compute_spec.rb +++ b/deployment/puppet/openstack/spec/classes/openstack_compute_spec.rb @@ -20,7 +20,7 @@ describe 'openstack::compute' do :vncserver_listen => '0.0.0.0', :migration_support => nil, :enabled => true, - :multi_host => false, + :use_vcenter => false, :auto_assign_floating_ip => false, :network_config => [], :public_interface => nil, diff --git a/deployment/puppet/openstack/spec/classes/openstack_network_spec.rb b/deployment/puppet/openstack/spec/classes/openstack_network_spec.rb deleted file mode 100644 index 6a6a1ee8f7..0000000000 --- a/deployment/puppet/openstack/spec/classes/openstack_network_spec.rb +++ /dev/null @@ -1,77 +0,0 @@ -require 'spec_helper' - -describe 'openstack::network' do - - let(:default_params) { { - } } - - let(:params) { { - :auth_uri => 'http://192.168.1.2:5000/v2.0/', - :shared_secret => 'very_secret', - :private_interface => 'eth0', - :public_interface => 'eth1', - :fixed_range => '192.168.1.254/25', - :neutron_server => true, - :neutron_db_uri => 'sqlite:////var/lib/neutron/ovs.sqlite', - :network_provider => 'neutron' - } } - - let :facts do - { :concat_basedir => '/var/lib/puppet/concat', - :fqdn => 'some.host.tld' - } - end - - shared_examples_for 'network configuration' do - let :p do - default_params.merge(params) - end - - - context 'with a default config' do - it 'contains openstack::network' do - should contain_class('openstack::network') - end - # LP#1509007 auth_uri should not be needed if identity_uri provided - it 'contains neutron::server' do - should contain_class('neutron::server').with( - :auth_uri => 'http://192.168.1.2:5000/v2.0/', - ) - end - end - end - - context 'on Debian platforms' do - before do - facts.merge!( - { :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '8', - :hostname => 'hostname.example.com', - :physicalprocessorcount => 2, - :memorysize_mb => 1024, - :openstack_version => {'nova' => 'present' }, - }) - end - - it_configures 'network configuration' - end - - context 'on RedHat platforms' do - before do - facts.merge!( - { :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '6.6', - :hostname => 'hostname.example.com', - :physicalprocessorcount => 2, - :memorysize_mb => 1024, - :openstack_version => {'nova' => 'present' }, - }) - end - - it_configures 'network configuration' - end - -end - diff --git a/deployment/puppet/osnailyfacter/modular/openstack-network/agents/dhcp.pp b/deployment/puppet/osnailyfacter/modular/openstack-network/agents/dhcp.pp new file mode 100644 index 0000000000..2c8a35f872 --- /dev/null +++ b/deployment/puppet/osnailyfacter/modular/openstack-network/agents/dhcp.pp @@ -0,0 +1,39 @@ +notice('MODULAR: openstack-network/agents/dhcp.pp') + +$use_neutron = hiera('use_neutron', false) + +class neutron {} +class { 'neutron' :} + +if $use_neutron { + + $debug = hiera('debug', true) + $resync_interval = '30' + $isolated_metadata = try_get_value($neutron_config, 'metadata/isolated_metadata', true) + + $neutron_advanced_config = hiera_hash('neutron_advanced_configuration', { }) + $ha_agent = try_get_value($neutron_advanced_config, 'dhcp_agent_ha', true) + + class { 'neutron::agents::dhcp': + debug => $debug, + resync_interval => $resync_interval, + manage_service => true, + enable_isolated_metadata => $isolated_metadata, + dhcp_delete_namespaces => true, + enabled => true, + } + + if $ha_agent { + $primary_controller = hiera('primary_controller') + class { 'cluster::neutron::dhcp' : + primary => $primary_controller, + } + } + + #======================== + package { 'neutron': + name => 'binutils', + ensure => 'installed', + } + +} diff --git a/deployment/puppet/osnailyfacter/modular/openstack-network/agents/l3.pp b/deployment/puppet/osnailyfacter/modular/openstack-network/agents/l3.pp new file mode 100644 index 0000000000..8a2757686f --- /dev/null +++ b/deployment/puppet/osnailyfacter/modular/openstack-network/agents/l3.pp @@ -0,0 +1,59 @@ +notice('MODULAR: openstack-network/agents/l3.pp') + +$use_neutron = hiera('use_neutron', false) + +class neutron {} +class { 'neutron' :} + +$neutron_advanced_config = hiera_hash('neutron_advanced_configuration', { }) +$dvr = pick($neutron_advanced_config['neutron_dvr'], false) + +$role = hiera('role') +$controller = $role in ['controller', 'primary-controller'] +$compute = $role in ['compute'] + +if $use_neutron and ($controller or ($dvr and $compute)) { + $debug = hiera('debug', true) + $metadata_port = '8775' + $network_scheme = hiera('network_scheme', {}) + + if $controller { + if $dvr { + $agent_mode = 'dvr-snat' + } else { + $agent_mode = 'legacy' + } + } else { + # works on copute nodes only if dvr is enabled + $agent_mode = 'dvr' + } + + prepare_network_config($network_scheme) + + $ha_agent = try_get_value($neutron_advanced_config, 'l3_agent_ha', true) + $external_network_bridge = get_network_role_property('neutron/floating', 'interface') + + class { 'neutron::agents::l3': + debug => $debug, + metadata_port => $metadata_port, + external_network_bridge => $external_network_bridge, + manage_service => true, + enabled => true, + router_delete_namespaces => true, + agent_mode => $agent_mode, + } + + if $ha_agent { + $primary_controller = hiera('primary_controller') + cluster::neutron::l3 { 'default-l3' : + primary => $primary_controller, + } + } + + #======================== + package { 'neutron': + name => 'binutils', + ensure => 'installed', + } + +} diff --git a/deployment/puppet/osnailyfacter/modular/openstack-network/agents/metadata.pp b/deployment/puppet/osnailyfacter/modular/openstack-network/agents/metadata.pp new file mode 100644 index 0000000000..56f24e3a42 --- /dev/null +++ b/deployment/puppet/osnailyfacter/modular/openstack-network/agents/metadata.pp @@ -0,0 +1,57 @@ +notice('MODULAR: openstack-network/agents/metadata.pp') + +$use_neutron = hiera('use_neutron', false) + +class neutron {} +class { 'neutron' :} + +if $use_neutron { + $debug = hiera('debug', true) + $neutron_advanced_config = hiera_hash('neutron_advanced_configuration', { }) + $ha_agent = try_get_value($neutron_advanced_config, 'metadata_agent_ha', true) + + $auth_region = hiera('region', 'RegionOne') + $service_endpoint = hiera('service_endpoint') + $auth_api_version = 'v2.0' + $admin_identity_uri = "http://${service_endpoint}:35357" + $admin_auth_url = "${admin_identity_uri}/${auth_api_version}" + + $neutron_config = hiera_hash('neutron_config') + + $keystone_user = try_get_value($neutron_config, 'keystone/admin_user', 'neutron') + $keystone_tenant = try_get_value($neutron_config, 'keystone/admin_tenant', 'services') + $neutron_user_password = try_get_value($neutron_config, 'keystone/admin_password') + + $shared_secret = try_get_value($neutron_config, 'metadata/metadata_proxy_shared_secret') + + $management_vip = hiera('management_vip') + $nova_endpoint = hiera('nova_endpoint', $management_vip) + + class { 'neutron::agents::metadata': + debug => $debug, + auth_region => $auth_region, + auth_url => $admin_auth_url, + auth_user => $keystone_user, + auth_tenant => $keystone_tenant, + auth_password => $neutron_user_password, + shared_secret => $shared_secret, + metadata_ip => $nova_endpoint, + manage_service => true, + enabled => true, + + } + + if $ha_agent { + $primary_controller = hiera('primary_controller') + class { 'cluster::neutron::metadata' : + primary => $primary_controller, + } + } + + #======================== + package { 'neutron': + name => 'binutils', + ensure => 'installed', + } + +} diff --git a/deployment/puppet/osnailyfacter/modular/openstack-network/common-config.pp b/deployment/puppet/osnailyfacter/modular/openstack-network/common-config.pp new file mode 100644 index 0000000000..c1c1bd8282 --- /dev/null +++ b/deployment/puppet/osnailyfacter/modular/openstack-network/common-config.pp @@ -0,0 +1,111 @@ +notice('MODULAR: openstack-network/common-config.pp') + +$use_neutron = hiera('use_neutron', false) + +if $use_neutron { + + $openstack_network_hash = hiera_hash('openstack_network', { }) + $neutron_config = hiera_hash('neutron_config') + + $core_plugin = 'neutron.plugins.ml2.plugin.Ml2Plugin' + $service_plugins = [ + 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin', + 'neutron.services.metering.metering_plugin.MeteringPlugin', + ] + + $rabbit_hash = hiera_hash('rabbit_hash', { }) + $ceilometer_hash = hiera_hash('ceilometer', { }) + $network_scheme = hiera_hash('network_scheme') + + $verbose = pick($openstack_network_hash['verbose'], hiera('verbose', true)) + $debug = pick($openstack_network_hash['debug'], hiera('debug', true)) + $use_syslog = hiera('use_syslog', true) + $use_stderr = hiera('use_stderr', false) + $log_facility = hiera('syslog_log_facility_neutron', 'LOG_LOCAL4') + + prepare_network_config($network_scheme) + $bind_host = get_network_role_property('neutron/api', 'ipaddr') + + $base_mac = $neutron_config['L2']['base_mac'] + $use_ceilometer = $ceilometer_hash['enabled'] + $amqp_hosts = split(hiera('amqp_hosts', ''), ',') + $amqp_user = $rabbit_hash['user'] + $amqp_password = $rabbit_hash['password'] + + $segmentation_type = try_get_value($neutron_config, 'L2/segmentation_type') + + $nets = $neutron_config['predefined_networks'] + + if $segmentation_type == 'vlan' { + $net_role_property = 'neutron/private' + $iface = get_network_role_property($net_role_property, 'phys_dev') + $mtu_for_virt_network = pick(get_transformation_property('mtu', $iface[0]), '1500') + $overlay_net_mtu = $mtu_for_virt_network + } else { + $net_role_property = 'neutron/mesh' + $tunneling_ip = get_network_role_property($net_role_property, 'ipaddr') + $iface = get_network_role_property($net_role_property, 'phys_dev') + $physical_net_mtu = pick(get_transformation_property('mtu', $iface[0]), '1500') + + if $segmentation_type == 'gre' { + $mtu_offset = '42' + } else { + # vxlan is the default segmentation type for non-vlan cases + $mtu_offset = '50' + } + + if $physical_net_mtu { + $overlay_net_mtu = $physical_net_mtu - $mtu_offset + } else { + $overlay_net_mtu = '1500' - $mtu_offset + } + + } + + class { 'neutron' : + verbose => $verbose, + debug => $debug, + use_syslog => $use_syslog, + use_stderr => $use_stderr, + log_facility => $log_facility, + bind_host => $bind_host, + base_mac => $base_mac, + core_plugin => $core_plugin, + service_plugins => $service_plugins, + allow_overlapping_ips => true, + mac_generation_retries => '32', + dhcp_lease_duration => '600', + dhcp_agents_per_network => '2', + report_interval => '10', + rabbit_user => $amqp_user, + rabbit_hosts => $amqp_hosts, + rabbit_password => $amqp_password, + kombu_reconnect_delay => '5.0', + network_device_mtu => $overlay_net_mtu, + advertise_mtu => true, + } + + if $use_syslog { + neutron_config { 'DEFAULT/use_syslog_rfc_format': value => true; } + } + + if $use_ceilometer { + neutron_config { 'DEFAULT/notification_driver': value => 'messaging' } + } + +} + +### SYSCTL ### + +# All nodes with network functions should have net forwarding. +# Its a requirement for network namespaces to function. +sysctl::value { 'net.ipv4.ip_forward': value => '1' } + +# All nodes with network functions should have these thresholds +# to avoid "Neighbour table overflow" problem +sysctl::value { 'net.ipv4.neigh.default.gc_thresh1': value => '1024' } +sysctl::value { 'net.ipv4.neigh.default.gc_thresh2': value => '2048' } +sysctl::value { 'net.ipv4.neigh.default.gc_thresh3': value => '4096' } + +Sysctl::Value <| |> -> Nova_config <||> +Sysctl::Value <| |> -> Neutron_config <||> diff --git a/deployment/puppet/osnailyfacter/modular/openstack-network/compute-nova.pp b/deployment/puppet/osnailyfacter/modular/openstack-network/compute-nova.pp new file mode 100644 index 0000000000..3fdd4b331b --- /dev/null +++ b/deployment/puppet/osnailyfacter/modular/openstack-network/compute-nova.pp @@ -0,0 +1,267 @@ +notice('MODULAR: openstack-network/compute-nova.pp') + +$use_neutron = hiera('use_neutron', false) + +if $use_neutron { + include nova::params + $neutron_config = hiera_hash('neutron_config') + $neutron_integration_bridge = 'br-int' + $nova_hash = hiera_hash('nova') + $libvirt_vif_driver = pick($nova_hash['libvirt_vif_driver'], 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver') + + $management_vip = hiera('management_vip') + $service_endpoint = hiera('service_endpoint', $management_vip) + $neutron_endpoint = hiera('neutron_endpoint', $management_vip) + $admin_password = try_get_value($neutron_config, 'keystone/admin_password') + $admin_tenant_name = try_get_value($neutron_config, 'keystone/admin_tenant', 'services') + $admin_username = try_get_value($neutron_config, 'keystone/admin_user', 'neutron') + $region_name = hiera('region', 'RegionOne') + $auth_api_version = 'v2.0' + $admin_identity_uri = "http://${service_endpoint}:35357" + $admin_auth_url = "${admin_identity_uri}/${auth_api_version}" + $neutron_url = "http://${neutron_endpoint}:9696" + + service { 'libvirt' : + ensure => 'running', + enable => true, + # Workaround for bug LP #1469308 + # also service name for Ubuntu and Centos is the same. + name => 'libvirtd', + provider => $nova::params::special_service_provider, + } + + exec { 'destroy_libvirt_default_network': + command => 'virsh net-destroy default', + onlyif => 'virsh net-info default | grep -qE "Active:.* yes"', + path => [ '/bin', '/sbin', '/usr/bin', '/usr/sbin' ], + tries => 3, + require => Service['libvirt'], + } + + exec { 'undefine_libvirt_default_network': + command => 'virsh net-undefine default', + onlyif => 'virsh net-info default 2>&1 > /dev/null', + path => [ '/bin', '/sbin', '/usr/bin', '/usr/sbin' ], + tries => 3, + require => Exec['destroy_libvirt_default_network'], + } + + Service['libvirt'] ~> Exec['destroy_libvirt_default_network'] + + # script called by qemu needs to manipulate the tap device + file_line { 'clear_emulator_capabilities': + path => '/etc/libvirt/qemu.conf', + line => 'clear_emulator_capabilities = 0', + notify => Service['libvirt'] + } + + file_line { 'no_qemu_selinux': + path => '/etc/libvirt/qemu.conf', + line => 'security_driver = "none"', + notify => Service['libvirt'] + } + + class { 'nova::compute::neutron': + libvirt_vif_driver => $libvirt_vif_driver, + } + + nova_config { + 'DEFAULT/linuxnet_interface_driver': value => 'nova.network.linux_net.LinuxOVSInterfaceDriver'; + 'DEFAULT/linuxnet_ovs_integration_bridge': value => $neutron_integration_bridge; + 'DEFAULT/network_device_mtu': value => '65000'; + } + + class { 'nova::network::neutron' : + neutron_admin_password => $admin_password, + neutron_admin_tenant_name => $admin_tenant_name, + neutron_region_name => $region_name, + neutron_admin_username => $admin_username, + neutron_admin_auth_url => $admin_auth_url, + neutron_url => $neutron_url, + neutron_ovs_bridge => $neutron_integration_bridge, + } + + augeas { 'sysctl-net.bridge.bridge-nf-call-arptables': + context => '/files/etc/sysctl.conf', + changes => "set net.bridge.bridge-nf-call-arptables '1'", + before => Service['libvirt'], + } + augeas { 'sysctl-net.bridge.bridge-nf-call-iptables': + context => '/files/etc/sysctl.conf', + changes => "set net.bridge.bridge-nf-call-iptables '1'", + before => Service['libvirt'], + } + augeas { 'sysctl-net.bridge.bridge-nf-call-ip6tables': + context => '/files/etc/sysctl.conf', + changes => "set net.bridge.bridge-nf-call-ip6tables '1'", + before => Service['libvirt'], + } + + # We need to restart nova-compute service in orderto apply new settings + # nova-compute must not be restarted until integration bridge is created by + # Neutron L2 agent. + # The reason is described here https://bugs.launchpad.net/fuel/+bug/1477475 + exec { 'wait-for-int-br': + command => "ovs-vsctl br-exists $neutron_integration_bridge", + path => [ '/sbin', '/bin', '/usr/bin', '/usr/sbin' ], + try_sleep => 6, + tries => 10, + } + Exec['wait-for-int-br'] -> Service['nova-compute'] + service { 'nova-compute': + ensure => 'running', + name => $::nova::params::compute_service_name, + } + Nova_config<| |> ~> Service['nova-compute'] + + if($::operatingsystem == 'Ubuntu') { + tweaks::ubuntu_service_override { 'nova-network': + package_name => 'nova-network', + } + } + +} else { + + $network_scheme = hiera('network_scheme', { }) + prepare_network_config($network_scheme) + + $nova_hash = hiera_hash('nova_hash', { }) + $bind_address = get_network_role_property('nova/api', 'ipaddr') + $public_int = get_network_role_property('public/vip', 'interface') + $private_interface = get_network_role_property('nova/private', 'interface') + $public_interface = $public_int ? { undef=>'', default => $public_int } + $auto_assign_floating_ip = hiera('auto_assign_floating_ip', false) + $nova_rate_limits = hiera('nova_rate_limits') + $network_size = hiera('network_size', undef) + $network_manager = hiera('network_manager', undef) + $network_config = hiera('network_config', { }) + $create_networks = true + $num_networks = hiera('num_networks', '1') + $novanetwork_params = hiera('novanetwork_parameters') + $fixed_range = hiera('fixed_network_range') + $use_vcenter = hiera('use_vcenter', false) + $enabled_apis = 'metadata' + $dns_nameservers = hiera_array('dns_nameservers', []) + + if ! $fixed_range { + fail('Must specify the fixed range when using nova-networks') + } + + if $use_vcenter { + $enable_nova_net = false + nova_config { + 'DEFAULT/multi_host': value => 'False'; + 'DEFAULT/send_arp_for_ha': value => 'False'; + } + } else { + include keystone::python + + Nova_config<| |> -> Service['nova-network'] + + case $::osfamily { + 'RedHat': { + $pymemcache_package_name = 'python-memcached' + } + 'Debian': { + $pymemcache_package_name = 'python-memcache' + } + default: { + fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem},\ + module ${module_name} only support osfamily RedHat and Debian") + } + } + + if !defined(Package[$pymemcache_package_name]) { + package { $pymemcache_package_name: + ensure => 'present', + } -> + Nova::Generic_service <| title == 'api' |> + } + + class { 'nova::api': + ensure_package => 'installed', + enabled => true, + admin_tenant_name => $admin_tenant_name, + admin_user => 'nova', + admin_password => $nova_hash['user_password'], + enabled_apis => $enabled_apis, + api_bind_address => $bind_address, + ratelimits => $nova_rate_limits, + # NOTE(bogdando) 1 api worker for compute node is enough + osapi_compute_workers => '1', + } + + if $::operatingsystem == 'Ubuntu' { + tweaks::ubuntu_service_override { 'nova-api': + package_name => 'nova-api', + } + } + + nova_config { + 'DEFAULT/multi_host' : value => 'True'; + 'DEFAULT/send_arp_for_ha' : value => 'True'; + 'DEFAULT/metadata_host' : value => $bind_address; + } + + if ! $public_interface { + fail('public_interface must be defined for multi host compute nodes') + } + + $enable_nova_net = true + + if $auto_assign_floating_ip { + nova_config { 'DEFAULT/auto_assign_floating_ip': value => 'True' } + } + } + +# Stub for networking-refresh that is needed by Nova::Network/Nova::Generic_service[network] +# We do not need it due to l23network is doing all stuff +# BTW '/sbin/ifdown -a ; /sbin/ifup -a' does not work on CentOS + exec { 'networking-refresh': + command => '/bin/echo "networking-refresh has been refreshed"', + refreshonly => true, + } + +# Stubs for nova_paste_api_ini + exec { 'post-nova_config': + command => '/bin/echo "Nova config has changed"', + refreshonly => true, + } + +# Stubs for nova_network + file { '/etc/nova/nova.conf': + ensure => 'present', + } + +# Stubs for nova-api + package { 'nova-common': + name => 'binutils', + ensure => 'installed', + } + + if $::operatingsystem == 'Ubuntu' { + tweaks::ubuntu_service_override { 'nova-network': + package_name => 'nova-network', + } + } + + class { 'nova::network': + ensure_package => 'installed', + private_interface => $private_interface, + public_interface => $public_interface, + fixed_range => $fixed_range, + floating_range => false, + network_manager => $network_manager, + config_overrides => $network_config, + create_networks => $create_networks, + num_networks => $num_networks, + network_size => $network_size, + dns1 => $dns_nameservers[0], + dns2 => $dns_nameservers[1], + enabled => $enable_nova_net, + install_service => $enable_nova_net, + } +#NOTE(aglarendil): lp/1381164 + nova_config { 'DEFAULT/force_snat_range': value => '0.0.0.0/0' } + +} diff --git a/deployment/puppet/osnailyfacter/modular/openstack-network/db.pp b/deployment/puppet/osnailyfacter/modular/openstack-network/db.pp index 626ce08a16..8cdbae15b8 100644 --- a/deployment/puppet/osnailyfacter/modular/openstack-network/db.pp +++ b/deployment/puppet/osnailyfacter/modular/openstack-network/db.pp @@ -46,11 +46,13 @@ if $use_neutron and $db_create { } Class['galera::client'] -> - Class['osnailyfacter::mysql_access'] -> - Class['neutron::db::mysql'] + Class['osnailyfacter::mysql_access'] -> + Class['neutron::db::mysql'] } +# =========================================================================== + class mysql::config {} include mysql::config class mysql::server {} diff --git a/deployment/puppet/osnailyfacter/modular/openstack-network/networks.pp b/deployment/puppet/osnailyfacter/modular/openstack-network/networks.pp new file mode 100644 index 0000000000..0973bdb5c8 --- /dev/null +++ b/deployment/puppet/osnailyfacter/modular/openstack-network/networks.pp @@ -0,0 +1,89 @@ +notice('MODULAR: openstack-network/networks.pp') + +$use_neutron = hiera('use_neutron', false) + +if $use_neutron { + + $access_hash = hiera('access', { }) + $keystone_admin_tenant = $access_hash['tenant'] + $neutron_config = hiera_hash('neutron_config') + $segmentation_type = try_get_value($neutron_config, 'L2/segmentation_type') + + $nets = $neutron_config['predefined_networks'] + + if $segmentation_type == 'vlan' { + $network_type = 'vlan' + $segmentation_id_range = split(try_get_value($neutron_config, 'L2/phys_nets/physnet2/vlan_range', ''), ':') + } elsif $segmentation_type == 'gre' { + $network_type = 'gre' + $segmentation_id_range = split(try_get_value($neutron_config, 'L2/tunnel_id_ranges', ''), ':') + } else { + $network_type = 'vxlan' + $segmentation_id_range = split(try_get_value($neutron_config, 'L2/tunnel_id_ranges', ''), ':') + } + + $fallback_segment_id = $segmentation_id_range[0] + + $net04_ext_segment_id = try_get_value($nets, 'net04_ext/L2/segment_id', $fallback_segment_id) + $net04_segment_id = try_get_value($nets, 'net04/L2/segment_id', $fallback_segment_id) + + $net04_ext_floating_range = split(try_get_value($nets, 'net04_ext/L3/floating', ''), ':') + $net04_floating_range = split(try_get_value($nets, 'net04/L3/floating', ''), ':') + + if !empty($net04_ext_floating_range) { + $net04_ext_floating_range_start = $net04_ext_floating_range[0] + $net04_ext_floating_range_end = $net04_ext_floating_range[1] + $net04_ext_allocation_pool = "start=${net04_ext_floating_range_start},end=${net04_ext_floating_range_end}" + } + + $net04_ext_physnet = try_get_value($nets, 'net04_ext/L2/physnet', false) + $net04_physnet = try_get_value($nets, 'net04/L2/physnet', false) + + $net04_ext_router_external = try_get_value($nets, 'net04_ext/L2/router_ext') + $net04_router_external = false + + $net04_ext_shared = try_get_value($nets, 'net04_ext/shared', false) + $net04_shared = false + + $tenant_name = try_get_value($access_hash, 'tenant', 'admin') + + neutron_network { 'net04_ext' : + ensure => 'present', + provider_physical_network => $net04_ext_physnet, + provider_network_type => 'local', + router_external => $net04_ext_router_external, + tenant_name => $tenant_name, + shared => $net04_ext_shared + } -> + + neutron_subnet { 'net04_ext__subnet' : + ensure => 'present', + cidr => try_get_value($nets, 'net04_ext/L3/subnet'), + network_name => 'net04_ext', + tenant_name => $tenant_name, + gateway_ip => try_get_value($nets, 'net04_ext/L3/gateway'), + enable_dhcp => false, + allocation_pools => $net04_ext_allocation_pool, + } + + neutron_network { 'net04' : + ensure => 'present', + provider_physical_network => $net04_physnet, + provider_network_type => $network_type, + provider_segmentation_id => $net04_segment_id, + router_external => $net04_router_external, + tenant_name => $tenant_name, + shared => $net04_shared + } -> + + neutron_subnet { 'net04__subnet' : + ensure => 'present', + cidr => try_get_value($nets, 'net04/L3/subnet'), + network_name => 'net04', + tenant_name => $tenant_name, + gateway_ip => try_get_value($nets, 'net04/L3/gateway'), + enable_dhcp => true, + dns_nameservers => try_get_value($nets, 'net04/L3/nameservers'), + } + +} diff --git a/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-compute.pp b/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-compute.pp deleted file mode 100644 index 7693239e4c..0000000000 --- a/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-compute.pp +++ /dev/null @@ -1,422 +0,0 @@ -notice('MODULAR: openstack-network-compute.pp') - -$network_scheme = hiera('network_scheme', {}) -prepare_network_config($network_scheme) -$use_neutron = hiera('use_neutron', false) -$nova_hash = hiera_hash('nova_hash', {}) -$bind_address = get_network_role_property('nova/api', 'ipaddr') -$management_vip = hiera('management_vip') -$service_endpoint = hiera('service_endpoint') -$public_int = get_network_role_property('ex', 'interface') # will be removed eventually with nova-network code -$auto_assign_floating_ip = hiera('auto_assign_floating_ip', false) -$rabbit_hash = hiera_hash('rabbit_hash', {}) -$neutron_endpoint = hiera('neutron_endpoint', $management_vip) -$region = hiera('region', 'RegionOne') -$openstack_network_hash = hiera_hash('openstack_network', {}) - -$floating_hash = {} - -if $use_neutron { - $network_provider = 'neutron' - $novanetwork_params = {} - $neutron_config = hiera_hash('quantum_settings') - $neutron_advanced_config = hiera_hash('neutron_advanced_configuration', {}) - $neutron_metadata_proxy_secret = $neutron_config['metadata']['metadata_proxy_shared_secret'] - $base_mac = $neutron_config['L2']['base_mac'] - # Neutron Keystone settings - $neutron_user_password = $neutron_config['keystone']['admin_password'] - $keystone_user = pick($neutron_config['keystone']['admin_user'], 'neutron') - $keystone_tenant = pick($neutron_config['keystone']['admin_tenant'], 'services') -} else { - $network_provider = 'nova' - $floating_ips_range = hiera('floating_network_range') - $neutron_config = {} - $novanetwork_params = hiera('novanetwork_parameters') -} -$fixed_range = $use_neutron ? { true=>false, default=>hiera('fixed_network_range')} - -if hiera('use_vcenter', false) { - $multi_host = false -} else { - $multi_host = true -} - -$openstack_version = { - 'keystone' => 'installed', - 'glance' => 'installed', - 'horizon' => 'installed', - 'nova' => 'installed', - 'novncproxy' => 'installed', - 'cinder' => 'installed', -} - -$enabled_apis = 'metadata' -$public_interface = $public_int ? { undef=>'', default=>$public_int} -$libvirt_vif_driver = pick($nova_hash['libvirt_vif_driver'], 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver') -$neutron_integration_bridge = 'br-int' -$neutron_settings = $neutron_config - -# if the compute node should be configured as a multi-host -# compute installation -if $network_provider == 'nova' { - - if ! $fixed_range { - fail('Must specify the fixed range when using nova-networks') - } - - if $multi_host { - include keystone::python - - Nova_config<| |> -> Service['nova-network'] - - case $::osfamily { - 'RedHat': { - $pymemcache_package_name = 'python-memcached' - } - 'Debian': { - $pymemcache_package_name = 'python-memcache' - } - default: { - fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem},\ - module ${module_name} only support osfamily RedHat and Debian") - } - } - if !defined(Package[$pymemcache_package_name]) { - package { $pymemcache_package_name: - ensure => present, - } -> - Nova::Generic_service <| title == 'api' |> - } - - class { 'nova::api': - ensure_package => $openstack_version['nova'], - enabled => true, - admin_tenant_name => 'services', - admin_user => 'nova', - admin_password => $nova_hash[user_password], - enabled_apis => $enabled_apis, - api_bind_address => $bind_address, - ratelimits => hiera('nova_rate_limits'), - # NOTE(bogdando) 1 api worker for compute node is enough - osapi_compute_workers => 1, - } - - if($::operatingsystem == 'Ubuntu') { - tweaks::ubuntu_service_override { 'nova-api': - package_name => 'nova-api', - } - } - - nova_config { - 'DEFAULT/multi_host': value => 'True'; - 'DEFAULT/send_arp_for_ha': value => 'True'; - 'DEFAULT/metadata_host': value => $bind_address; - } - - if ! $public_interface { - fail('public_interface must be defined for multi host compute nodes') - } - - $enable_network_service = true - - if $auto_assign_floating_ip { - nova_config { 'DEFAULT/auto_assign_floating_ip': value => 'True' } - } - } else { - $enable_network_service = false - - nova_config { - 'DEFAULT/multi_host': value => 'False'; - 'DEFAULT/send_arp_for_ha': value => 'False'; - } - } - - # From legacy network.pp - # I don't think this is applicable to Folsom... - # If it is, the details will need changed. -jt - if hiera('network_manager', undef) == 'nova.network.neutron.manager.NeutronManager' { - $parameters = { fixed_range => $fixed_range, - public_interface => $public_interface, - } - $resource_parameters = merge($_config_overrides, $parameters) - $neutron_resource = { 'nova::network::neutron' => $resource_parameters } - create_resources('class', $neutron_resource) - } - - # Stub for networking-refresh that is needed by Nova::Network/Nova::Generic_service[network] - # We do not need it due to l23network is doing all stuff - # BTW '/sbin/ifdown -a ; /sbin/ifup -a' does not work on CentOS - exec { 'networking-refresh': - command => '/bin/echo "networking-refresh has been refreshed"', - refreshonly => true, - } - - # Stubs for nova_paste_api_ini - exec { 'post-nova_config': - command => '/bin/echo "Nova config has changed"', - refreshonly => true, - } - # Stubs for nova_network - file { '/etc/nova/nova.conf': - ensure => 'present', - } - # Stubs for nova-api - package { 'nova-common': - name => 'binutils', - ensure => 'installed', - } - -} else { - # Neutron - include ::nova::params - - service { 'libvirt' : - ensure => running, - enable => true, - # Workaround for bug LP #1469308 - # also service name for Ubuntu and Centos is the same. - name => 'libvirtd', - provider => $::nova::params::special_service_provider, - } - - exec { 'destroy_libvirt_default_network': - command => 'virsh net-destroy default', - onlyif => 'virsh net-info default | grep -qE "Active:.* yes"', - path => [ '/bin', '/sbin', '/usr/bin', '/usr/sbin' ], - tries => 3, - require => Service['libvirt'], - } - - exec { 'undefine_libvirt_default_network': - command => 'virsh net-undefine default', - onlyif => 'virsh net-info default 2>&1 > /dev/null', - path => [ '/bin', '/sbin', '/usr/bin', '/usr/sbin' ], - tries => 3, - require => Exec['destroy_libvirt_default_network'], - } - - Service['libvirt'] ~> Exec['destroy_libvirt_default_network'] - - # script called by qemu needs to manipulate the tap device - file_line { 'clear_emulator_capabilities': - path => '/etc/libvirt/qemu.conf', - line => 'clear_emulator_capabilities = 0', - notify => Service['libvirt'] - } - - file_line { 'no_qemu_selinux': - path => '/etc/libvirt/qemu.conf', - line => 'security_driver = "none"', - notify => Service['libvirt'] - } - - class { 'nova::compute::neutron': - libvirt_vif_driver => $libvirt_vif_driver, - } - - nova_config { - 'DEFAULT/linuxnet_interface_driver': value => 'nova.network.linux_net.LinuxOVSInterfaceDriver'; - 'DEFAULT/linuxnet_ovs_integration_bridge': value => $neutron_integration_bridge; - 'DEFAULT/network_device_mtu': value => '65000'; - } - - augeas { 'sysctl-net.bridge.bridge-nf-call-arptables': - context => '/files/etc/sysctl.conf', - changes => "set net.bridge.bridge-nf-call-arptables '1'", - before => Service['libvirt'], - } - augeas { 'sysctl-net.bridge.bridge-nf-call-iptables': - context => '/files/etc/sysctl.conf', - changes => "set net.bridge.bridge-nf-call-iptables '1'", - before => Service['libvirt'], - } - augeas { 'sysctl-net.bridge.bridge-nf-call-ip6tables': - context => '/files/etc/sysctl.conf', - changes => "set net.bridge.bridge-nf-call-ip6tables '1'", - before => Service['libvirt'], - } - - # We need to restart nova-compute service in orderto apply new settings - service { 'nova-compute': - ensure => 'running', - name => $::nova::params::compute_service_name, - } - Nova_config<| |> ~> Service['nova-compute'] -} - -####### Disable upstart startup on install ####### -if($::operatingsystem == 'Ubuntu') { - tweaks::ubuntu_service_override { 'nova-network': - package_name => 'nova-network', - } -} - -######## [Nova|Neutron] Network ######## -if $network_provider == 'neutron' { - - # FIXME(xarses) Nearly everything between here and the class - # should be moved into osnaily or nailgun but will stay here - # in the interim. - - $pnets = $neutron_settings['L2']['phys_nets'] - if $pnets['physnet1'] { - $physnet1 = "physnet1:${pnets['physnet1']['bridge']}" - notify{ $physnet1:} - } - if $pnets['physnet2'] { - $physnet2 = "physnet2:${pnets['physnet2']['bridge']}" - notify{ $physnet2:} - if $pnets['physnet2']['vlan_range'] { - $vlan_range = ["physnet2:${pnets['physnet2']['vlan_range']}"] - $fallback = split($pnets['physnet2']['vlan_range'], ':') - notify{ $vlan_range:} - } - } else { - $vlan_range = [] - } - - if $physnet1 and $physnet2 { - $bridge_mappings = [$physnet1, $physnet2] - } elsif $physnet1 { - $bridge_mappings = [$physnet1] - } elsif $physnet2 { - $bridge_mappings = [$physnet2] - } else { - $bridge_mappings = [] - } - - $floating_bridge = get_network_role_property('neutron/floating', 'interface') - $segmentation_type = $neutron_settings['L2']['segmentation_type'] - - if $segmentation_type != 'vlan' { - # tunneling_mode - $net_role_property = 'neutron/mesh' - $tunneling_ip = get_network_role_property($net_role_property, 'ipaddr') - $iface = get_network_role_property($net_role_property, 'phys_dev') - $phys_net_mtu = get_transformation_property('mtu', $iface[0]) - $enable_tunneling = true - if $segmentation_type == 'gre' { - $network_type = 'gre' - $mtu_offset = 42 - } else { - $network_type = 'vxlan' - $mtu_offset = 50 - } - if $phys_net_mtu { - $overlay_net_mtu = $phys_net_mtu - $mtu_offset - } else { - $overlay_net_mtu = 1500 - $mtu_offset - } - $tunnel_types = [$network_type] - $tenant_network_types = ['flat', 'vlan', $network_type] - $tunnel_id_ranges = [$neutron_config['L2']['tunnel_id_ranges']] - } else { - # vlan_mode - $net_role_property = 'neutron/private' - $iface = get_network_role_property($net_role_property, 'phys_dev') - $phys_net_mtu = get_transformation_property('mtu', $iface[0]) - $overlay_net_mtu = pick($phys_net_mtu, 1500) - $enable_tunneling = false - $network_type = 'vlan' - $tenant_network_types = ['flat', 'vlan'] - $tunnel_types = [] - $tunneling_ip = false - $tunnel_id_ranges = [] - } - - notify{ $tunnel_id_ranges:} - if $neutron_settings['L2']['mechanism_drivers'] { - $mechanism_drivers = split($neutron_settings['L2']['mechanism_drivers'], ',') - } else { - $mechanism_drivers = ['openvswitch', 'l2population'] - } - - # by default we use ML2 plugin - $core_plugin = 'neutron.plugins.ml2.plugin.Ml2Plugin' - $agent = 'ml2-ovs' - - $dvr = pick($neutron_advanced_config['neutron_dvr'], false) - $l2_population = pick($neutron_advanced_config['neutron_l2_pop'], false) - - if $dvr { - $agents = [$agent, 'l3' , 'metadata'] - } - else { - $agents = [$agent] - } - - exec { 'wait-for-int-br': - command => "ovs-vsctl br-exists $neutron_integration_bridge", - path => [ '/sbin', '/bin', '/usr/bin', '/usr/sbin' ], - try_sleep => 5, - tries => 10, - } - - Class['Openstack::Network'] -> Exec['wait-for-int-br'] -> Service['nova-compute'] -} - -class { 'openstack::network': - network_provider => $network_provider, - agents => $agents, - nova_neutron => true, - net_mtu => pick($phys_net_mtu, 1500), - network_device_mtu => $overlay_net_mtu, - - base_mac => $base_mac, - core_plugin => $core_plugin, - service_plugins => undef, - dvr => $dvr, - l2_population => $l2_population, - - # ovs - mechanism_drivers => $mechanism_drivers, - local_ip => $tunneling_ip, - bridge_mappings => $bridge_mappings, - network_vlan_ranges => $vlan_range, - enable_tunneling => $enable_tunneling, - tunnel_id_ranges => $tunnel_id_ranges, - vni_ranges => $tunnel_id_ranges, - tunnel_types => $tunnel_types, - tenant_network_types => $tenant_network_types, - - verbose => pick($openstack_network_hash['verbose'], true), - debug => pick($openstack_network_hash['debug'], hiera('debug', true)), - use_syslog => hiera('use_syslog', true), - use_stderr => hiera('use_stderr', false), - syslog_log_facility => hiera('syslog_log_facility_neutron', 'LOG_LOCAL4'), - - floating_bridge => $floating_bridge, - - # queue settings - queue_provider => hiera('queue_provider', 'rabbitmq'), - amqp_hosts => split(hiera('amqp_hosts', ''), ','), - amqp_user => $rabbit_hash['user'], - amqp_password => $rabbit_hash['password'], - - # keystone - admin_password => $neutron_user_password, - identity_uri => "http://${service_endpoint}:35357", - neutron_url => "http://${neutron_endpoint}:9696", - admin_tenant_name => $keystone_tenant, - admin_username => $keystone_user, - region => $region, - - # metadata - shared_secret => $neutron_metadata_proxy_secret, - metadata_ip => $service_endpoint, - - integration_bridge => $neutron_integration_bridge, - - # nova settings - private_interface => $use_neutron ? { true=>false, default=>hiera('private_int')}, - public_interface => hiera('public_int', undef), - fixed_range => $use_neutron ? { true =>false, default =>hiera('fixed_network_range')}, - floating_range => $use_neutron ? { true =>$floating_hash, default =>false}, - network_manager => hiera('network_manager', undef), - network_config => hiera('network_config', {}), - create_networks => $create_networks, - num_networks => hiera('num_networks', undef), - network_size => hiera('network_size', undef), - nameservers => hiera('dns_nameservers', undef), - enable_nova_net => $enable_network_service, -} diff --git a/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-compute_post.rb b/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-compute_post.rb deleted file mode 100644 index 039be1bd5b..0000000000 --- a/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-compute_post.rb +++ /dev/null @@ -1,3 +0,0 @@ -require File.join File.dirname(__FILE__), '../test_common.rb' - -#TODO: test for neutron or nova-network processes depending on network provider diff --git a/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-compute_pre.rb b/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-compute_pre.rb deleted file mode 100644 index 50752d1569..0000000000 --- a/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-compute_pre.rb +++ /dev/null @@ -1,8 +0,0 @@ -require File.join File.dirname(__FILE__), '../test_common.rb' - -class OpenStackNetworkComputePreTest < Test::Unit::TestCase - def test_keystone_backend_online - assert TestCommon::HAProxy.backend_up?('keystone-1'), 'Haproxy keystone-1 backend is down!' - assert TestCommon::HAProxy.backend_up?('keystone-2'), 'Haproxy keystone-2 backend is down!' - end -end diff --git a/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-controller.pp b/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-controller.pp deleted file mode 100644 index dc2beb4ec0..0000000000 --- a/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-controller.pp +++ /dev/null @@ -1,314 +0,0 @@ -notice('MODULAR: openstack-network-controller.pp') - -$use_neutron = hiera('use_neutron', false) -$primary_controller = hiera('primary_controller') -$access_hash = hiera('access', {}) -$rabbit_hash = hiera_hash('rabbit_hash', {}) -$management_vip = hiera('management_vip') -$service_endpoint = hiera('service_endpoint') -$nova_hash = hiera_hash('nova', {}) -$ceilometer_hash = hiera('ceilometer',{}) -$network_scheme = hiera('network_scheme', {}) -$nova_endpoint = hiera('nova_endpoint', $management_vip) -$neutron_endpoint = hiera('neutron_endpoint', $management_vip) -$region = hiera('region', 'RegionOne') -$openstack_network_hash = hiera_hash('openstack_network', {}) - -$floating_hash = {} - -if $use_neutron { - $network_provider = 'neutron' - $novanetwork_params = {} - $neutron_config = hiera_hash('quantum_settings') - $neutron_advanced_config = hiera_hash('neutron_advanced_configuration', {}) - $neutron_metadata_proxy_secret = $neutron_config['metadata']['metadata_proxy_shared_secret'] - #todo(sv): default value set to false as soon as Nailgun/UI part be ready - $isolated_metadata = pick($neutron_config['metadata']['isolated_metadata'], true) - $neutron_agents = pick($neutron_config['neutron_agents'], ['metadata', 'dhcp', 'l3']) - $neutron_server_enable = pick($neutron_config['neutron_server_enable'], true) - $conf_nova = pick($neutron_config['conf_nova'], true) - $service_workers = pick($neutron_config['workers'], - min(max($::processorcount, 2), 16)) - $neutron_private_net = pick($neutron_config['default_private_net'], - 'net04') - $neutron_floating_net = pick($neutron_config['default_floating_net'], - 'net04_ext') - $neutron_default_router = pick($neutron_config['default_router'], 'router04') - - # Neutron Keystone settings - $neutron_user_password = $neutron_config['keystone']['admin_password'] - $keystone_user = pick($neutron_config['keystone']['admin_user'], 'neutron') - $keystone_tenant = pick($neutron_config['keystone']['admin_tenant'], 'services') - # Neutron DB settings - $neutron_db_password = $neutron_config['database']['passwd'] - $neutron_db_user = pick($neutron_config['database']['user'], 'neutron') - $neutron_db_name = pick($neutron_config['database']['name'], 'neutron') - $neutron_db_host = pick($neutron_config['database']['host'], hiera('database_vip')) - $base_mac = $neutron_config['L2']['base_mac'] -} else { - $network_provider = 'nova' - $floating_ips_range = hiera('floating_network_range') - $neutron_config = {} - $novanetwork_params = hiera('novanetwork_parameters') - $isolated_metadata = false -} - -$keystone_admin_tenant = $access_hash[tenant] - -$openstack_version = { - 'keystone' => 'installed', - 'glance' => 'installed', - 'horizon' => 'installed', - 'nova' => 'installed', - 'novncproxy' => 'installed', - 'cinder' => 'installed', -} - -if $network_provider == 'neutron' { - # Required to use get_network_role_property - prepare_network_config($network_scheme) - - $neutron_db_uri = "mysql://${neutron_db_user}:${neutron_db_password}@${neutron_db_host}/${neutron_db_name}?&read_timeout=60" - $neutron_server = true - $neutron_local_address_for_bind = get_network_role_property('neutron/api', 'ipaddr') - $floating_bridge = get_network_role_property('neutron/floating', 'interface') - $segmentation_type = $neutron_config['L2']['segmentation_type'] - - if $segmentation_type != 'vlan' { - # tunneling_mode - $net_role_property = 'neutron/mesh' - $tunneling_ip = get_network_role_property($net_role_property, 'ipaddr') - $iface = get_network_role_property($net_role_property, 'phys_dev') - $phys_net_mtu = get_transformation_property('mtu', $iface[0]) - $enable_tunneling = true - if $segmentation_type =='gre' { - $network_type = 'gre' - $mtu_offset = 42 - } else { - $network_type = 'vxlan' - $mtu_offset = 50 - } - if $phys_net_mtu { - $overlay_net_mtu = $phys_net_mtu - $mtu_offset - } else { - $overlay_net_mtu = 1500 - $mtu_offset - } - $tunnel_types = [$network_type] - $tenant_network_types = ['flat', 'vlan', $network_type] - $tunnel_id_ranges = [$neutron_config['L2']['tunnel_id_ranges']] - $alt_fallback = split($neutron_config['L2']['tunnel_id_ranges'], ':') - Openstack::Network::Create_network { - tenant_name => $keystone_admin_tenant, - fallback_segment_id => $alt_fallback[0] - } - - } else { - # vlan_mode - $net_role_property = 'neutron/private' - $iface = get_network_role_property($net_role_property, 'phys_dev') - $mtu_for_virt_network = get_transformation_property('mtu', $iface[0]) - $overlay_net_mtu = pick($mtu_for_virt_network, 1500) - $enable_tunneling = false - $network_type = 'vlan' - $tenant_network_types = ['flat', 'vlan'] - $tunnel_types = [] - $tunneling_ip = false - $tunnel_id_ranges = [] - } - - # We need to restart nova-api after making changes via nova_config - # so we need to declare the service and notify it - if ($conf_nova){ - include ::nova::params - service { 'nova-api': - ensure => 'running', - name => $::nova::params::api_service_name, - } - - nova_config {'DEFAULT/default_floating_pool': - value => $neturon_floating_net - } - Nova_config<| |> ~> Service['nova-api'] - } - - # FIXME(xarses) Nearly everything between here and the class - # should be moved into osnaily or nailgun but will stay here - # in the interum. - $nets = $neutron_config['predefined_networks'] - - if $primary_controller and $nets and !empty($nets) { - - Service<| title == 'neutron-server' |> -> - Openstack::Network::Create_network <||> - - Service<| title == 'neutron-server' |> -> - Openstack::Network::Create_router <||> - - openstack::network::create_network{$neutron_private_net: - netdata => $nets[$neutron_private_net], - segmentation_type => $network_type, - } -> - openstack::network::create_network{$neutron_floating_net: - netdata => $nets[$neutron_floating_net], - segmentation_type => 'local', - } -> - openstack::network::create_router{$neutron_default_router: - internal_network => $neutron_private_net, - external_network => $neutron_floating_net, - tenant_name => $keystone_admin_tenant - } - - } - - $pnets = $neutron_config['L2']['phys_nets'] - if $pnets['physnet1'] { - $physnet1 = "physnet1:${pnets['physnet1']['bridge']}" - notify{ $physnet1:} - } - if $pnets['physnet2'] { - $physnet2 = "physnet2:${pnets['physnet2']['bridge']}" - notify{ $physnet2:} - if $pnets['physnet2']['vlan_range'] { - $vlan_range = ["physnet2:${pnets['physnet2']['vlan_range']}"] - $fallback = split($pnets['physnet2']['vlan_range'], ':') - Openstack::Network::Create_network { - tenant_name => $keystone_admin_tenant, - fallback_segment_id => $fallback[1] - } - notify{ $vlan_range:} - } - } else { - $vlan_range = [] - } - - if $physnet1 and $physnet2 { - $bridge_mappings = [$physnet1, $physnet2] - } elsif $physnet1 { - $bridge_mappings = [$physnet1] - } elsif $physnet2 { - $bridge_mappings = [$physnet2] - } else { - $bridge_mappings = [] - } - - if $neutron_config['L2']['mechanism_drivers'] { - $mechanism_drivers = split($neutron_config['L2']['mechanism_drivers'], ',') - } else { - $mechanism_drivers = ['openvswitch', 'l2population'] - } - - $core_plugin = 'neutron.plugins.ml2.plugin.Ml2Plugin' - $service_plugins = ['neutron.services.l3_router.l3_router_plugin.L3RouterPlugin','neutron.services.metering.metering_plugin.MeteringPlugin'] - $agent = 'ml2-ovs' - - - $dvr = pick($neutron_advanced_config['neutron_dvr'], false) - $l2_population = pick($neutron_advanced_config['neutron_l2_pop'], false) - -} else { - $neutron_server = false - $neutron_db_uri = undef - $neutron_local_address_for_bind = undef - $floating_bridge = undef - - case hiera('network_manager', undef) { - 'nova.network.manager.VlanManager': { - Class['nova::network::vlan'] -> Nova::Manage::Network <||> - } - 'nova.network.manager.FlatDHCPManager': { - Class['nova::network::flatdhcp'] -> Nova::Manage::Network <||> - } - 'nova.network.manager.FlatManager': { - Class['nova::network::flat'] -> Nova::Manage::Network <||> - } - - } - - # Stubs for nova::network - file { '/etc/nova/nova.conf': - ensure => 'present', - } -} - - -class { 'openstack::network': - network_provider => $network_provider, - agents => flatten([$agent, $neutron_agents]), - ha_agents => $neutron_config['ha_agents'] ? { - default => $neutron_config['ha_agents'], - undef => $primary_controller ? {true => 'primary', default => 'slave'}, - }, - verbose => pick($openstack_network_hash['verbose'], true), - debug => pick($openstack_network_hash['debug'], hiera('debug', true)), - use_syslog => hiera('use_syslog', true), - use_stderr => hiera('use_stderr', false), - syslog_log_facility => hiera('syslog_log_facility_neutron', 'LOG_LOCAL4'), - - neutron_server => $neutron_server, - neutron_server_enable => $neutron_server_enable, - neutron_db_uri => $neutron_db_uri, - nova_neutron => $conf_nova, - base_mac => $base_mac, - core_plugin => $core_plugin, - service_plugins => $service_plugins, - net_mtu => pick($phys_net_mtu, 1500), - network_device_mtu => $overlay_net_mtu, - bind_host => $neutron_local_address_for_bind, - dvr => $dvr, - l2_population => $l2_population, - service_workers => $service_workers, - - #ovs - mechanism_drivers => $mechanism_drivers, - local_ip => $tunneling_ip, - bridge_mappings => $bridge_mappings, - network_vlan_ranges => $vlan_range, - enable_tunneling => $enable_tunneling, - tunnel_id_ranges => $tunnel_id_ranges, - vni_ranges => $tunnel_id_ranges, - tunnel_types => $tunnel_types, - tenant_network_types => $tenant_network_types, - - floating_bridge => $floating_bridge, - - #Queue settings - queue_provider => hiera('queue_provider', 'rabbitmq'), - amqp_hosts => split(hiera('amqp_hosts', ''), ','), - - amqp_user => $rabbit_hash['user'], - amqp_password => $rabbit_hash['password'], - - # keystone - admin_password => $neutron_user_password, - auth_uri => "http://${service_endpoint}:5000/v2.0/", - identity_uri => "http://${service_endpoint}:35357", - neutron_url => "http://${neutron_endpoint}:9696", - admin_tenant_name => $keystone_tenant, - admin_username => $keystone_user, - region => $region, - - # Ceilometer notifications - ceilometer => $ceilometer_hash['enabled'], - - #metadata - shared_secret => $neutron_metadata_proxy_secret, - metadata_ip => $nova_endpoint, - isolated_metadata => $isolated_metadata, - - #nova settings - private_interface => $use_neutron ? { true=>false, default=>hiera('private_int', undef)}, - public_interface => hiera('public_int', undef), - fixed_range => $use_neutron ? { true =>false, default =>hiera('fixed_network_range', undef)}, - floating_range => $use_neutron ? { true =>$floating_hash, default =>false}, - network_manager => hiera('network_manager', undef), - network_config => hiera('network_config', {}), - create_networks => $primary_controller, - num_networks => hiera('num_networks', undef), - network_size => hiera('network_size', undef), - nameservers => hiera('dns_nameservers', undef), - enable_nova_net => false, # just setup networks, but don't start nova-network service on controllers - nova_admin_username => $nova_hash['user'], - nova_admin_tenant_name => $nova_hash['tenant'], - nova_admin_password => $nova_hash['user_password'], - nova_url => "http://${nova_endpoint}:8774/v2", -} diff --git a/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-controller_post.rb b/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-controller_post.rb deleted file mode 100644 index 039be1bd5b..0000000000 --- a/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-controller_post.rb +++ /dev/null @@ -1,3 +0,0 @@ -require File.join File.dirname(__FILE__), '../test_common.rb' - -#TODO: test for neutron or nova-network processes depending on network provider diff --git a/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-controller_pre.rb b/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-controller_pre.rb deleted file mode 100644 index 43039f2d34..0000000000 --- a/deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-controller_pre.rb +++ /dev/null @@ -1,8 +0,0 @@ -require File.join File.dirname(__FILE__), '../test_common.rb' - -class OpenStackNetworkControllerPreTest < Test::Unit::TestCase - def test_keystone_backend_online - assert TestCommon::HAProxy.backend_up?('keystone-1'), 'Haproxy keystone-1 backend is down!' - assert TestCommon::HAProxy.backend_up?('keystone-2'), 'Haproxy keystone-2 backend is down!' - end -end diff --git a/deployment/puppet/osnailyfacter/modular/openstack-network/plugins/ml2.pp b/deployment/puppet/osnailyfacter/modular/openstack-network/plugins/ml2.pp new file mode 100644 index 0000000000..f67a152e49 --- /dev/null +++ b/deployment/puppet/osnailyfacter/modular/openstack-network/plugins/ml2.pp @@ -0,0 +1,162 @@ +notice('MODULAR: openstack-network/plugins/ml2.pp') + +$use_neutron = hiera('use_neutron', false) + +class neutron {} +class { 'neutron' :} + +if $use_neutron { + include ::neutron::params + + $role = hiera('role') + $controller = $role in ['controller', 'primary-controller'] + $primary_controller = $role in ['primary-controller'] + $compute = $role in ['compute'] + + $neutron_config = hiera_hash('neutron_config') + $neutron_server_enable = pick($neutron_config['neutron_server_enable'], true) + + $management_vip = hiera('management_vip') + $service_endpoint = hiera('service_endpoint', $management_vip) + $auth_api_version = 'v2.0' + $identity_uri = "http://${service_endpoint}:5000" + $auth_url = "${identity_uri}/${auth_api_version}" + $auth_password = $neutron_config['keystone']['admin_password'] + $auth_user = pick($neutron_config['keystone']['admin_user'], 'neutron') + $auth_tenant = pick($neutron_config['keystone']['admin_tenant'], 'services') + $auth_region = hiera('region', 'RegionOne') + $auth_endpoint_type = 'internalURL' + + $network_scheme = hiera_hash('network_scheme') + prepare_network_config($network_scheme) + + $neutron_advanced_config = hiera_hash('neutron_advanced_configuration', { }) + $l2_population = try_get_value($neutron_advanced_config, 'neutron_l2_pop', false) + $dvr = try_get_value($neutron_advanced_config, 'neutron_dvr', false) + $segmentation_type = try_get_value($neutron_config, 'L2/segmentation_type') + + if $segmentation_type == 'vlan' { + $net_role_property = 'neutron/private' + $iface = get_network_role_property($net_role_property, 'phys_dev') + $physical_net_mtu = pick(get_transformation_property('mtu', $iface[0]), '1500') + $overlay_net_mtu = $physical_net_mtu + $enable_tunneling = false + $network_vlan_ranges_physnet2 = try_get_value($neutron_config, 'L2/phys_nets/physnet2/vlan_range') + $network_vlan_ranges = ["physnet2:${$network_vlan_ranges_physnet2}"] + $physnet2_bridge = try_get_value($neutron_config, 'L2/phys_nets/physnet2/bridge') + $physnet2 = "physnet2:${physnet2_bridge}" + $bridge_mappings = [$physnet2] + $physical_network_mtus = ["physnet2:${physical_net_mtu}"] + $tunnel_id_ranges = [] + $network_type = 'vlan' + } else { + $net_role_property = 'neutron/mesh' + $tunneling_ip = get_network_role_property($net_role_property, 'ipaddr') + $iface = get_network_role_property($net_role_property, 'phys_dev') + $physical_net_mtu = pick(get_transformation_property('mtu', $iface[0]), '1500') + $tunnel_id_ranges = [try_get_value($neutron_config, 'L2/tunnel_id_ranges')] + $network_vlan_ranges = [] + $physical_network_mtus = [] + + if $segmentation_type == 'gre' { + $mtu_offset = '42' + $network_type = 'gre' + } else { + # vxlan is the default segmentation type for non-vlan cases + $mtu_offset = '50' + $network_type = 'vxlan' + } + + if $physical_net_mtu { + $overlay_net_mtu = $physical_net_mtu - $mtu_offset + } else { + $overlay_net_mtu = '1500' - $mtu_offset + } + + $enable_tunneling = true + $tunnel_types = [$network_type] + } + + $type_drivers = ['local', 'flat', 'vlan', 'gre', 'vxlan'] + $tenant_network_types = ['flat', $network_type] + $mechanism_drivers = split(try_get_value($neutron_config, 'L2/mechanism_drivers', 'openvswitch,l2population'), ',') + $flat_networks = ['*'] + $vxlan_group = '224.0.0.1' + + class { 'neutron::plugins::ml2': + type_drivers => $type_drivers, + tenant_network_types => $tenant_network_types, + mechanism_drivers => $mechanism_drivers, + flat_networks => $flat_networks, + network_vlan_ranges => $network_vlan_ranges, + tunnel_id_ranges => $tunnel_id_ranges, + vxlan_group => $vxlan_group, + vni_ranges => $tunnel_id_ranges, + physical_network_mtus => $physical_network_mtus, + path_mtu => $overlay_net_mtu, + } + + class { 'neutron::agents::ml2::ovs': + bridge_mappings => $bridge_mappings, + enable_tunneling => $enable_tunneling, + local_ip => $tunneling_ip, + tunnel_types => $tunnel_types, + enable_distributed_routing => $dvr, + l2_population => $l2_population, + arp_responder => $l2_population, + manage_vswitch => false, + manage_service => true, + enabled => true, + } + + # Synchronize database after plugin was configured + if $primary_controller { + include ::neutron::db::sync + } + + if ! $compute { + if $neutron_server_enable { + $service_ensure = 'running' + } else { + $service_ensure = 'stopped' + } + service { 'neutron-server': + name => $::neutron::params::server_service, + enable => $neutron_server_enable, + ensure => $service_ensure, + hasstatus => true, + hasrestart => true, + tag => 'neutron-service', + } -> + exec { 'waiting-for-neutron-api': + environment => [ + "OS_TENANT_NAME=${auth_tenant}", + "OS_USERNAME=${auth_user}", + "OS_PASSWORD=${auth_password}", + "OS_AUTH_URL=${auth_url}", + "OS_REGION_NAME=${auth_region}", + "OS_ENDPOINT_TYPE=${auth_endpoint_type}", + ], + path => '/usr/sbin:/usr/bin:/sbin:/bin', + tries => '30', + try_sleep => '4', + command => 'neutron net-list --http-timeout=4 2>&1 > /dev/null', + provider => 'shell' + } + + $ha_agent = try_get_value($neutron_advanced_config, 'l2_agent_ha', true) + if $ha_agent { + #Exec<| title == 'waiting-for-neutron-api' |> -> + class { 'cluster::neutron::ovs' : + primary => $primary_controller, + } + } + } + + # Stub for upstream neutron manifests + package { 'neutron': + name => 'binutils', + ensure => 'installed', + } + +} diff --git a/deployment/puppet/osnailyfacter/modular/openstack-network/routers.pp b/deployment/puppet/osnailyfacter/modular/openstack-network/routers.pp new file mode 100644 index 0000000000..145bef58f3 --- /dev/null +++ b/deployment/puppet/osnailyfacter/modular/openstack-network/routers.pp @@ -0,0 +1,21 @@ +notice('MODULAR: openstack-network/routers.pp') + +$use_neutron = hiera('use_neutron', false) + +if $use_neutron { + + $access_hash = hiera('access', { }) + $keystone_admin_tenant = pick($access_hash['tenant'], 'admin') + + neutron_router { 'router04': + ensure => 'present', + gateway_network_name => 'net04_ext', + name => 'router04', + tenant_name => $keystone_admin_tenant, + } -> + + neutron_router_interface { 'router04:net04__subnet': + ensure => 'present', + } + +} diff --git a/deployment/puppet/osnailyfacter/modular/openstack-network/run_neutron_granular_noops.sh b/deployment/puppet/osnailyfacter/modular/openstack-network/run_neutron_granular_noops.sh new file mode 100755 index 0000000000..4ea51f6edb --- /dev/null +++ b/deployment/puppet/osnailyfacter/modular/openstack-network/run_neutron_granular_noops.sh @@ -0,0 +1,23 @@ +#!/bin/sh + +for yaml in \ + novanet-compute.yaml \ + neut_vlan.ceph.ceil-primary-controller.yaml \ + neut_vxlan.murano.sahara-primary-controller.yaml \ + novanet-primary-controller.yaml \ + ; do + for spec in \ + openstack-network/compute-nova_spec.rb \ + openstack-network/common-config_spec.rb \ + openstack-network/server_spec.rb \ + openstack-network/server-nova_spec.rb \ + openstack-network/agents/dhcp_spec.rb \ + openstack-network/agents/l3_spec.rb \ + openstack-network/agents/metadata_spec.rb \ + openstack-network/agents/l2_spec.rb \ + openstack-network/networks_spec.rb \ + openstack-network/routers_spec.rb \ + ; do + echo ./utils/jenkins/fuel_noop_tests.rb -y "${yaml}" -s "${spec}" -C -D ${@} + done +done diff --git a/deployment/puppet/osnailyfacter/modular/openstack-network/server-config.pp b/deployment/puppet/osnailyfacter/modular/openstack-network/server-config.pp new file mode 100644 index 0000000000..7ac049078a --- /dev/null +++ b/deployment/puppet/osnailyfacter/modular/openstack-network/server-config.pp @@ -0,0 +1,96 @@ +notice('MODULAR: openstack-network/server-config.pp') + +$use_neutron = hiera('use_neutron', false) + +class neutron { } +class { 'neutron' : } + +if $use_neutron { + + $neutron_config = hiera_hash('neutron_config') + $neutron_server_enable = pick($neutron_config['neutron_server_enable'], true) + $database_vip = hiera('database_vip') + $management_vip = hiera('management_vip') + $service_endpoint = hiera('service_endpoint', $management_vip) + $nova_endpoint = hiera('nova_endpoint', $management_vip) + $nova_hash = hiera_hash('nova', { }) + $primary_controller = hiera('primary_controller', false) + + $neutron_db_password = $neutron_config['database']['passwd'] + $neutron_db_user = try_get_value($neutron_config, 'database/user', 'neutron') + $neutron_db_name = try_get_value($neutron_config, 'database/name', 'neutron') + $neutron_db_host = try_get_value($neutron_config, 'database/host', $database_vip) + + $neutron_db_uri = "mysql://${neutron_db_user}:${neutron_db_password}@${neutron_db_host}/${neutron_db_name}?&read_timeout=60" + + $auth_password = $neutron_config['keystone']['admin_password'] + $auth_user = pick($neutron_config['keystone']['admin_user'], 'neutron') + $auth_tenant = pick($neutron_config['keystone']['admin_tenant'], 'services') + $auth_region = hiera('region', 'RegionOne') + $auth_endpoint_type = 'internalURL' + + $auth_api_version = 'v2.0' + $identity_uri = "http://${service_endpoint}:5000/" + #$auth_url = "${identity_uri}${auth_api_version}" + $nova_admin_auth_url = "http://${service_endpoint}:35357/${auth_api_version}/" + $nova_url = "http://${nova_endpoint}:8774/v2" + + $service_workers = pick($neutron_config['workers'], min(max($::processorcount, 2), 16)) + + $neutron_advanced_config = hiera_hash('neutron_advanced_configuration', { }) + $dvr = pick($neutron_advanced_config['neutron_dvr'], false) + + $nova_auth_user = $nova_hash['user'] + $nova_auth_password = $nova_hash['user_password'] + $nova_auth_tenant = $nova_hash['tenant'] + $nova_auth_region = hiera('region', 'RegionOne') + + class { 'neutron::server': + sync_db => false, + + auth_password => $auth_password, + auth_tenant => $auth_tenant, + auth_region => $auth_region, + auth_user => $auth_user, + identity_uri => $identity_uri, + auth_uri => $identity_uri, + + database_retry_interval => '2', + database_connection => $neutron_db_uri, + database_max_retries => '-1', + + agent_down_time => '30', + allow_automatic_l3agent_failover => true, + + api_workers => $service_workers, + rpc_workers => $service_workers, + + router_distributed => $dvr, + enabled => false, #$neutron_server_enable, + manage_service => true, + } + + include neutron::params + tweaks::ubuntu_service_override { "$::neutron::params::server_service": + package_name => $neutron::params::server_package ? { + false => $neutron::params::package_name, + default => $neutron::params::server_package + } + } + + class { 'neutron::server::notifications': + nova_url => $nova_url, + nova_admin_auth_url => $nova_admin_auth_url, + nova_admin_username => $nova_auth_user, + nova_admin_tenant_name => $nova_auth_tenant, + nova_admin_password => $nova_auth_password, + nova_region_name => $nova_auth_region, + } + + # Stub for Nuetron package + package { 'neutron': + name => 'binutils', + ensure => 'installed', + } + +} diff --git a/deployment/puppet/osnailyfacter/modular/openstack-network/server-nova.pp b/deployment/puppet/osnailyfacter/modular/openstack-network/server-nova.pp new file mode 100644 index 0000000000..6eecb1db9c --- /dev/null +++ b/deployment/puppet/osnailyfacter/modular/openstack-network/server-nova.pp @@ -0,0 +1,80 @@ +notice('MODULAR: openstack-network/server-nova.pp') + +$use_neutron = hiera('use_neutron', false) + +if $use_neutron { + $neutron_config = hiera_hash('neutron_config') + $management_vip = hiera('management_vip') + $service_endpoint = hiera('service_endpoint', $management_vip) + $neutron_endpoint = hiera('neutron_endpoint', $management_vip) + $admin_password = try_get_value($neutron_config, 'keystone/admin_password') + $admin_tenant_name = try_get_value($neutron_config, 'keystone/admin_tenant', 'services') + $admin_username = try_get_value($neutron_config, 'keystone/admin_user', 'neutron') + $region_name = hiera('region', 'RegionOne') + $auth_api_version = 'v2.0' + $admin_identity_uri = "http://${service_endpoint}:35357" + $admin_auth_url = "${admin_identity_uri}/${auth_api_version}" + $neutron_url = "http://${neutron_endpoint}:9696" + $neutron_ovs_bridge = 'br-int' + $conf_nova = pick($neutron_config['conf_nova'], true) + + class { 'nova::network::neutron' : + neutron_admin_password => $admin_password, + neutron_admin_tenant_name => $admin_tenant_name, + neutron_region_name => $region_name, + neutron_admin_username => $admin_username, + neutron_admin_auth_url => $admin_auth_url, + neutron_url => $neutron_url, + neutron_ovs_bridge => $neutron_ovs_bridge, + } + + if $conf_nova { + include nova::params + service { 'nova-api': + ensure => 'running', + name => $nova::params::api_service_name, + } + + nova_config { 'DEFAULT/default_floating_pool': value => 'net04_ext' } + Nova_config<| |> ~> Service['nova-api'] + } + +} else { + + $ensure_package = 'installed' + $private_interface = hiera('private_int', undef) + $public_interface = hiera('public_int', undef) + $fixed_range = hiera('fixed_network_range', undef) + $network_manager = hiera('network_manager', undef) + $network_config = hiera('network_config', { }) + $create_networks = true + $num_networks = hiera('num_networks', undef) + $network_size = hiera('network_size', undef) + $nameservers = hiera('dns_nameservers', undef) + $enable_nova_net = false + + class { 'nova::network' : + ensure_package => $ensure_package, + private_interface => $private_interface, + public_interface => $public_interface, + fixed_range => $fixed_range, + floating_range => false, + network_manager => $network_manager, + config_overrides => $network_config, + create_networks => $create_networks, + num_networks => $num_networks, + network_size => $network_size, + dns1 => $nameservers[0], + dns2 => $nameservers[1], + enabled => $enable_nova_net, + install_service => false, # bacause controller + } + + # NOTE(aglarendil): lp/1381164 + nova_config { 'DEFAULT/force_snat_range' : value => '0.0.0.0/0' } + +# ========================================================================= + + file { '/etc/nova/nova.conf' : ensure => 'present' } + +} diff --git a/deployment/puppet/osnailyfacter/modular/openstack-network/tasks.yaml b/deployment/puppet/osnailyfacter/modular/openstack-network/tasks.yaml index aa7d9e9781..592bc67ba5 100644 --- a/deployment/puppet/osnailyfacter/modular/openstack-network/tasks.yaml +++ b/deployment/puppet/osnailyfacter/modular/openstack-network/tasks.yaml @@ -1,31 +1,3 @@ -- id: openstack-network - type: puppet - groups: [primary-controller, controller] - required_for: [deploy_end] - requires: [openstack-controller] - parameters: - puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-network/openstack-network-controller.pp - puppet_modules: /etc/puppet/modules - timeout: 3600 - test_pre: - cmd: ruby /etc/puppet/modules/osnailyfacter/modular/openstack-network/openstack-network-controller_pre.rb - test_post: - cmd: ruby /etc/puppet/modules/osnailyfacter/modular/openstack-network/openstack-network-controller_post.rb - -- id: openstack-network-compute - type: puppet - groups: [compute] - required_for: [deploy_end] - requires: [top-role-compute] - parameters: - puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-network/openstack-network-compute.pp - puppet_modules: /etc/puppet/modules - timeout: 3600 - test_pre: - cmd: ruby /etc/puppet/modules/osnailyfacter/modular/openstack-network/openstack-network-compute_pre.rb - test_post: - cmd: ruby /etc/puppet/modules/osnailyfacter/modular/openstack-network/openstack-network-compute_post.rb - - id: neutron-db type: puppet groups: [primary-controller] @@ -45,3 +17,114 @@ puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-network/keystone.pp puppet_modules: /etc/puppet/modules timeout: 1800 + +- id: openstack-network-common-config + type: puppet + groups: [primary-controller,controller,compute] + required_for: [openstack-network] + requires: [neutron-keystone, neutron-db, netconfig, openstack-controller, top-role-compute] + parameters: + puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-network/common-config.pp + puppet_modules: /etc/puppet/modules + timeout: 1800 + +- id: openstack-network-server-config + type: puppet + groups: [primary-controller,controller] + required_for: [openstack-network] + requires: [openstack-network-common-config] + parameters: + puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-network/server-config.pp + puppet_modules: /etc/puppet/modules + timeout: 1800 + +- id: openstack-network-plugins-l2 + type: puppet + groups: [primary-controller,controller,compute] + required_for: [openstack-network] + requires: [openstack-network-common-config,openstack-network-server-config,netconfig] + parameters: + puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-network/plugins/ml2.pp + puppet_modules: /etc/puppet/modules + timeout: 1800 + +- id: openstack-network-networks + type: puppet + groups: [primary-controller] + required_for: [openstack-network] + requires: [openstack-network-server-config,openstack-network-plugins-l2] + parameters: + puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-network/networks.pp + puppet_modules: /etc/puppet/modules + timeout: 1800 + +- id: openstack-network-routers + type: puppet + groups: [primary-controller] + required_for: [openstack-network] + requires: [openstack-network-plugins-l2,openstack-network-networks] + parameters: + puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-network/routers.pp + puppet_modules: /etc/puppet/modules + timeout: 1800 + +- id: openstack-network-agents-l3 + type: puppet + groups: [primary-controller,controller,compute] + required_for: [openstack-network] + requires: [openstack-network-routers,openstack-network-plugins-l2,netconfig] + parameters: + puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-network/agents/l3.pp + puppet_modules: /etc/puppet/modules + timeout: 1800 + +- id: openstack-network-server-nova + type: puppet + groups: [primary-controller,controller] + required_for: [openstack-network] + requires: [openstack-network-agents-l3] + parameters: + puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-network/server-nova.pp + puppet_modules: /etc/puppet/modules + timeout: 1800 + +- id: openstack-network-agents-dhcp + type: puppet + groups: [primary-controller,controller] + required_for: [openstack-network] + requires: [openstack-network-common-config,openstack-network-server-nova,netconfig,openstack-network-agents-l3] + parameters: + puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-network/agents/dhcp.pp + puppet_modules: /etc/puppet/modules + timeout: 1800 + +- id: openstack-network-agents-metadata + type: puppet + groups: [primary-controller,controller] + required_for: [openstack-network] + requires: [openstack-network-common-config,openstack-network-server-nova,netconfig,openstack-network-agents-l3,openstack-network-agents-dhcp] + parameters: + puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-network/agents/metadata.pp + puppet_modules: /etc/puppet/modules + timeout: 1800 + +- id: openstack-network-compute-nova + type: puppet + groups: [compute] + required_for: [openstack-network] + requires: [openstack-network-common-config,openstack-network-agents-l3] + parameters: + puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-network/compute-nova.pp + puppet_modules: /etc/puppet/modules + timeout: 1800 + +# Anchor (empty task) for another tasks, say 'tenant network FW setup done' +- id: openstack-network + type: puppet + groups: [primary-controller,controller,compute] + required_for: [deploy_end] + requires: [] + parameters: + puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/hiera/hiera.pp + puppet_modules: /etc/puppet/modules + timeout: 1800 diff --git a/logs/.gitkeep b/logs/.gitkeep new file mode 100644 index 0000000000..e69de29bb2 diff --git a/tests/noop/astute.yaml/neut_gre.murano.sahara-primary-controller.yaml b/tests/noop/astute.yaml/neut_vxlan.murano.sahara-primary-controller.yaml similarity index 99% rename from tests/noop/astute.yaml/neut_gre.murano.sahara-primary-controller.yaml rename to tests/noop/astute.yaml/neut_vxlan.murano.sahara-primary-controller.yaml index d93223e91a..5bfc164512 100644 --- a/tests/noop/astute.yaml/neut_gre.murano.sahara-primary-controller.yaml +++ b/tests/noop/astute.yaml/neut_vxlan.murano.sahara-primary-controller.yaml @@ -575,7 +575,7 @@ quantum_settings: predefined_networks: net04: L2: - network_type: gre + network_type: vxlan physnet: null router_ext: false segment_id: null diff --git a/tests/noop/spec/hosts/openstack-network/agents/dhcp_spec.rb b/tests/noop/spec/hosts/openstack-network/agents/dhcp_spec.rb new file mode 100644 index 0000000000..572f1186ca --- /dev/null +++ b/tests/noop/spec/hosts/openstack-network/agents/dhcp_spec.rb @@ -0,0 +1,8 @@ +require 'spec_helper' +require 'shared-examples' +manifest = 'openstack-network/agents/dhcp.pp' + +describe manifest do + test_ubuntu_and_centos manifest +end + diff --git a/tests/noop/spec/hosts/openstack-network/agents/l3_spec.rb b/tests/noop/spec/hosts/openstack-network/agents/l3_spec.rb new file mode 100644 index 0000000000..046cc5b0ce --- /dev/null +++ b/tests/noop/spec/hosts/openstack-network/agents/l3_spec.rb @@ -0,0 +1,8 @@ +require 'spec_helper' +require 'shared-examples' +manifest = 'openstack-network/agents/l3.pp' + +describe manifest do + test_ubuntu_and_centos manifest +end + diff --git a/tests/noop/spec/hosts/openstack-network/agents/metadata_spec.rb b/tests/noop/spec/hosts/openstack-network/agents/metadata_spec.rb new file mode 100644 index 0000000000..4ac2fc9f10 --- /dev/null +++ b/tests/noop/spec/hosts/openstack-network/agents/metadata_spec.rb @@ -0,0 +1,8 @@ +require 'spec_helper' +require 'shared-examples' +manifest = 'openstack-network/agents/metadata.pp' + +describe manifest do + test_ubuntu_and_centos manifest +end + diff --git a/tests/noop/spec/hosts/openstack-network/common-config_spec.rb b/tests/noop/spec/hosts/openstack-network/common-config_spec.rb new file mode 100644 index 0000000000..f050b9f7e3 --- /dev/null +++ b/tests/noop/spec/hosts/openstack-network/common-config_spec.rb @@ -0,0 +1,8 @@ +require 'spec_helper' +require 'shared-examples' +manifest = 'openstack-network/common-config.pp' + +describe manifest do + test_ubuntu_and_centos manifest +end + diff --git a/tests/noop/spec/hosts/openstack-network/compute-nova_spec.rb b/tests/noop/spec/hosts/openstack-network/compute-nova_spec.rb new file mode 100644 index 0000000000..48e4363080 --- /dev/null +++ b/tests/noop/spec/hosts/openstack-network/compute-nova_spec.rb @@ -0,0 +1,122 @@ +require 'spec_helper' +require 'shared-examples' +manifest = 'openstack-network/compute-nova.pp' + +describe manifest do + shared_examples 'catalog' do + use_neutron = Noop.hiera('use_neutron', false) + use_vcenter = Noop.hiera('use_vcenter', false) + + let(:nova_hash) do + Noop.hiera_hash 'nova' + end + + let(:nova_user_password) do + nova_hash['user_password'] + end + + let(:network_scheme) do + Noop.hiera_hash 'network_scheme' + end + + let(:prepare_network_config) do + Noop.puppet_function 'prepare_network_config', network_scheme + end + + let(:bind_address) do + Noop.puppet_function 'get_network_role_property', 'nova/api', 'ipaddr' + end + + let(:nova_rate_limits) do + Noop.hiera_hash 'nova_rate_limits' + end + + let(:public_interface) do + Noop.puppet_function('get_network_role_property', 'public/vip', 'interface') || '' + end + + let(:private_interface) do + Noop.puppet_function 'get_network_role_property', 'nova/private', 'interface' + end + + let(:fixed_network_range) do + Noop.hiera 'fixed_network_range' + end + + let(:network_size) do + Noop.hiera 'network_size', nil + end + + let(:num_networks) do + Noop.hiera 'num_networks', nil + end + + let(:network_config) do + Noop.hiera('network_config', {}) + end + + let(:dns_nameservers) do + Noop.hiera_array('dns_nameservers', []) + end + + let(:use_vcenter) do + Noop.hiera 'use_vcenter', false + end + + context 'if Neutron is used', :if => use_neutron do + # TODO: neutron tests + end + + context 'if Nova-network is used', :if => (not use_neutron) do + context 'if VCenter is not used', :if => (not use_vcenter and not use_neutron) do + it { + expect(subject).to contain_nova_config('DEFAULT/multi_host').with(:value => 'True') + } + it { + expect(subject).to contain_nova_config('DEFAULT/send_arp_for_ha').with(:value => 'True') + } + + #it { expect(subject).to contain_nova_config('DEFAULT/metadata_host').with(:value => bind_address) } + + it do + expect(subject).to contain_class('Nova::Api').with( + :ensure_package => "installed", + :enabled => true, + :admin_tenant_name => "services", + :admin_user => "nova", + :admin_password => nova_user_password, + :enabled_apis => "metadata", + :api_bind_address => bind_address, + :ratelimits => nova_rate_limits, + ) + end + end + + it { + expect(subject).to contain_nova_config('DEFAULT/force_snat_range').with(:value => '0.0.0.0/0') + } + + it do + expect(subject).to contain_class('Nova::Network').with( + :ensure_package => "installed", + :public_interface => public_interface, + :private_interface => private_interface, + :fixed_range => fixed_network_range, + :floating_range => false, + :network_manager => "nova.network.manager.FlatDHCPManager", + :config_overrides => network_config, + :create_networks => true, + :num_networks => num_networks, + :network_size => network_size, + :dns1 => dns_nameservers[0], + :dns2 => dns_nameservers[1], + :enabled => true, + :install_service => true, + ) + end + end + + end + test_ubuntu_and_centos manifest +end + diff --git a/tests/noop/spec/hosts/openstack-network/networks_spec.rb b/tests/noop/spec/hosts/openstack-network/networks_spec.rb new file mode 100644 index 0000000000..037010492f --- /dev/null +++ b/tests/noop/spec/hosts/openstack-network/networks_spec.rb @@ -0,0 +1,7 @@ +require 'spec_helper' +require 'shared-examples' +manifest = 'openstack-network/networks.pp' + +describe manifest do + test_ubuntu_and_centos manifest +end diff --git a/tests/noop/spec/hosts/openstack-network/openstack-network-controller_spec.rb b/tests/noop/spec/hosts/openstack-network/openstack-network-controller_spec.rb deleted file mode 100644 index 17aa489d51..0000000000 --- a/tests/noop/spec/hosts/openstack-network/openstack-network-controller_spec.rb +++ /dev/null @@ -1,224 +0,0 @@ -require 'spec_helper' -require 'shared-examples' -manifest = 'openstack-network/openstack-network-controller.pp' - -describe manifest do - shared_examples 'catalog' do - - # TODO All this stuff should be moved to shared examples controller* tests. - - use_neutron = Noop.hiera 'use_neutron' - ceilometer_enabled = Noop.hiera_structure 'ceilometer/enabled' - service_endpoint = Noop.hiera 'service_endpoint' - - it 'should declare openstack::network with use_stderr disabled' do - should contain_class('openstack::network').with( - 'use_stderr' => 'false', - ) - end - - it 'should apply kernel tweaks for connections' do - should contain_sysctl__value('net.ipv4.neigh.default.gc_thresh1').with_value('1024') - should contain_sysctl__value('net.ipv4.neigh.default.gc_thresh2').with_value('2048') - should contain_sysctl__value('net.ipv4.neigh.default.gc_thresh3').with_value('4096') - end - - # Network - if use_neutron - it 'should declare openstack::network with neutron enabled' do - should contain_class('openstack::network').with( - 'neutron_server' => 'true', - ) - end - - it 'should declare neutron with advertise_mtu enabled' do - should contain_class('neutron').with( - 'advertise_mtu' => 'true', - ) - end - - it 'should declare neutron::agents::ml2::ovs with manage_service enabled' do - should contain_class('neutron::agents::ml2::ovs').with( - 'manage_service' => 'true', - ) - end - - it 'should declare neutron::agents::ml2::ovs with manage_vswitch disabled' do - should contain_class('neutron::agents::ml2::ovs').with( - 'manage_vswitch' => 'false', - ) - end - - it 'should declare neutron::agents::dhcp with isolated metadata enabled' do - should contain_class('neutron::agents::dhcp').with( - 'enable_isolated_metadata' => 'true', - ) - end - - it 'should declare neutron::agents::l3 with router_delete_namespaces enabled' do - should contain_class('neutron::agents::l3').with( - 'router_delete_namespaces' => 'true', - ) - end - - it 'should declare neutron::agents::dhcp with dhcp_delete_namespaces enabled' do - should contain_class('neutron::agents::dhcp').with( - 'dhcp_delete_namespaces' => 'true', - ) - end - - it 'should declare neutron::agents::ml2::ovs with drop_flows_on_start disabled' do - should contain_class('neutron::agents::ml2::ovs').with( - 'drop_flows_on_start' => 'false', - ) - end - - it 'should pass auth region to openstack::network' do - should contain_class('openstack::network').with( - 'region' => 'RegionOne', - ) - end - - it 'should configure auth region for neutron-server' do - should contain_class('neutron::server').with( - 'auth_region' => 'RegionOne', - ) - end - - it 'should configure auth region for neutron-server-notifications' do - should contain_class('neutron::server::notifications').with( - 'nova_region_name' => 'RegionOne', - ) - end - - it 'should configure auth region for neutron-agents' do - should contain_class('openstack::network::neutron_agents').with( - 'auth_region' => 'RegionOne', - ) - end - - it 'should configure agent_down_time for neutron-server' do - should contain_class('neutron::server').with( - 'agent_down_time' => '30', - ) - end - - it 'should configure report_interval for neutron' do - should contain_class('neutron').with( - 'report_interval' => '10', - ) - end - - it 'should configure identity uri for neutron' do - should contain_class('openstack::network').with( - 'identity_uri' => "http://#{service_endpoint}:35357", - ) - end - - neutron_config = Noop.hiera_structure 'quantum_settings' - neutron_advanced_config = Noop.hiera_structure 'neutron_advanced_configuration' - - if neutron_advanced_config && neutron_advanced_config.has_key?('neutron_dvr') - dvr = neutron_advanced_config['neutron_dvr'] - it 'should configure neutron DVR' do - should contain_class('openstack::network').with( - 'dvr' => dvr, - ) - end - if dvr - it 'should set dvr_snat mode for neutron l3 agent' do - should contain_class('openstack::network::neutron_agents').with( - 'agent_mode' => 'dvr_snat', - ) - end - else - it 'should set legacy mode for neutron l3 agent' do - should contain_class('openstack::network::neutron_agents').with( - 'agent_mode' => 'legacy', - ) - end - end - end - - if neutron_advanced_config && neutron_advanced_config.has_key?('neutron_l2_pop') - l2_pop = neutron_advanced_config['neutron_l2_pop'] - it 'should configure neutron L2 population' do - should contain_class('openstack::network').with( - 'l2_population' => l2_pop, - ) - should contain_class('neutron::agents::ml2::ovs').with( - 'arp_responder' => l2_pop, - ) - end - end - - if neutron_config && neutron_config.has_key?('L2') && neutron_config['L2']['segmentation_type'] != 'vlan' - tunnel_id_ranges = [neutron_config['L2']['tunnel_id_ranges']] - if neutron_config['L2']['segmentation_type'] == 'gre' - tenant_network_types = ['flat', 'vlan', 'gre'] - tunnel_types = ['gre'] - else - tenant_network_types = ['flat', 'vlan', 'vxlan'] - tunnel_types = ['vxlan'] - end - it 'should configure tunnel_types for neutron and set net_mtu' do - should contain_class('openstack::network').with( - 'tunnel_types' => tunnel_types, - 'tunnel_id_ranges' => tunnel_id_ranges, - 'vni_ranges' => tunnel_id_ranges, - 'tenant_network_types' => tenant_network_types, - 'net_mtu' => 1500, - 'network_device_mtu' => 1450, - ) - should contain_class('neutron::plugins::ml2').with( - 'tunnel_id_ranges' => tunnel_id_ranges, - 'vni_ranges' => tunnel_id_ranges, - 'tenant_network_types' => tenant_network_types, - ) - should contain_class('neutron::agents::ml2::ovs').with( - 'tunnel_types' => tunnel_types ? tunnel_types.join(",") : "", - ) - end - else - it 'should declare openstack::network with tunnel_types set to [] and set net_mtu' do - should contain_class('openstack::network').with( - 'tunnel_types' => [], - 'net_mtu' => 1500, - 'network_device_mtu' => 1500, - ) - end - end - else - it 'should declare openstack::network with neutron disabled' do - should contain_class('openstack::network').with( - 'neutron_server' => 'false', - ) - end - end - - # Ceilometer - if ceilometer_enabled and use_neutron - it 'should configure notification_driver for neutron' do - should contain_neutron_config('DEFAULT/notification_driver').with( - 'value' => 'messaging', - ) - end - end - - if !use_neutron - nameservers = Noop.hiera 'dns_nameservers' - if nameservers and nameservers.is_a? Array - it 'should declare nova::network with nameservers' do - should contain_class('nova::network').with( - 'dns1' => nameservers[0], - 'dns2' => nameservers[1], - ) - end - end - end - - end # end of shared_examples - - test_ubuntu_and_centos manifest -end - diff --git a/tests/noop/spec/hosts/openstack-network/plugins/ml2_spec.rb b/tests/noop/spec/hosts/openstack-network/plugins/ml2_spec.rb new file mode 100644 index 0000000000..dd6a5c80eb --- /dev/null +++ b/tests/noop/spec/hosts/openstack-network/plugins/ml2_spec.rb @@ -0,0 +1,8 @@ +require 'spec_helper' +require 'shared-examples' +manifest = 'openstack-network/plugins/ml2.pp' + +describe manifest do + test_ubuntu_and_centos manifest +end + diff --git a/tests/noop/spec/hosts/openstack-network/routers_spec.rb b/tests/noop/spec/hosts/openstack-network/routers_spec.rb new file mode 100644 index 0000000000..595ba860bd --- /dev/null +++ b/tests/noop/spec/hosts/openstack-network/routers_spec.rb @@ -0,0 +1,7 @@ +require 'spec_helper' +require 'shared-examples' +manifest = 'openstack-network/routers.pp' + +describe manifest do + test_ubuntu_and_centos manifest +end diff --git a/tests/noop/spec/hosts/openstack-network/server-config_spec.rb b/tests/noop/spec/hosts/openstack-network/server-config_spec.rb new file mode 100644 index 0000000000..cdac05c68a --- /dev/null +++ b/tests/noop/spec/hosts/openstack-network/server-config_spec.rb @@ -0,0 +1,8 @@ +require 'spec_helper' +require 'shared-examples' +manifest = 'openstack-network/server-config.pp' + +describe manifest do + test_ubuntu_and_centos manifest +end + diff --git a/tests/noop/spec/hosts/openstack-network/server-nova_spec.rb b/tests/noop/spec/hosts/openstack-network/server-nova_spec.rb new file mode 100644 index 0000000000..06c5f8d2f3 --- /dev/null +++ b/tests/noop/spec/hosts/openstack-network/server-nova_spec.rb @@ -0,0 +1,8 @@ +require 'spec_helper' +require 'shared-examples' +manifest = 'openstack-network/server-nova.pp' + +describe manifest do + test_ubuntu_and_centos manifest +end + diff --git a/tests/noop/spec/hosts/openstack/openstack_network_neutron_agents_spec.rb b/tests/noop/spec/hosts/openstack/openstack_network_neutron_agents_spec.rb deleted file mode 100644 index 7a2a40d7a9..0000000000 --- a/tests/noop/spec/hosts/openstack/openstack_network_neutron_agents_spec.rb +++ /dev/null @@ -1,25 +0,0 @@ -require 'spec_helper' -require 'shared-examples' -manifest = 'openstack/network/neutron_agents.pp' - -describe manifest do - shared_examples 'catalog' do - - net_mtu = 9000 - - if net_mtu - physical_network_mtus = "physnet2:#{net_mtu}" - else - physical_network_mtus = "" - end - - it 'should declare neutron::plugins::ml2 class' do - should contain_class('neutron::plugins::ml2').with( - 'physical_network_mtus' => physical_network_mtus, - 'path_mtu' => net_mtu, - ) - end - - end - test_ubuntu_and_centos manifest -end diff --git a/tests/noop/spec/shared-examples.rb b/tests/noop/spec/shared-examples.rb index a0ebac558b..a07fa852f7 100644 --- a/tests/noop/spec/shared-examples.rb +++ b/tests/noop/spec/shared-examples.rb @@ -73,13 +73,13 @@ end shared_examples 'debug' do it 'shows catalog contents' do - Noop.show_catalog subject + Noop.show_catalog subject, example end end shared_examples 'generate' do it 'shows catalog contents' do - Noop.catalog_to_spec subject + Noop.catalog_to_spec subject, example end end diff --git a/tests/noop/spec/spec_helper.rb b/tests/noop/spec/spec_helper.rb index a0ff08671f..421b0c32a0 100644 --- a/tests/noop/spec/spec_helper.rb +++ b/tests/noop/spec/spec_helper.rb @@ -371,15 +371,26 @@ module Noop ## Catalog helpers ## # TODO: move to Utils - def self.show_catalog(subject) + def self.show_catalog(subject, example) catalog = subject catalog = subject.call if subject.is_a? Proc - puts '===== catalog show start =====' + text = '' + text += "# ===== catalog show start =====\n" catalog.resources.each do |resource| - puts '=' * 70 - puts resource.to_manifest + text += '# ' + ('=' * 60) + "\n" + text += resource.to_manifest + "\n" end - puts '===== catalog show end =====' + text += "# ===== catalog show end =====\n" + if self.puppet_logs_dir + catalog_file = File.join self.puppet_logs_dir, "#{File.basename self.astute_yaml_base}-#{File.basename self.current_spec example}-catalog.log.pp" + puts "Dumping catalog to: '#{catalog_file}'" + File.open(catalog_file, 'w') do |file| + file.puts text + end + else + puts text + end + text end def self.resource_test_template(binding) @@ -397,16 +408,25 @@ module Noop ERB.new(template, nil, '-').result(binding) end - def self.catalog_to_spec(subject) - puts '===== spec generate start =====' + def self.catalog_to_spec(subject, example) + text = "# ===== spec generate start =====\n" catalog = subject catalog = subject.call if subject.is_a? Proc catalog.resources.each do |resource| next if %w(Stage Anchor).include? resource.type next if resource.type == 'Class' and %w(Settings main).include? resource.title.to_s - puts resource_test_template binding + text += resource_test_template(binding) + end + text += "# ===== spec generate end =====\n" + if self.puppet_logs_dir + spec_file = File.join self.puppet_logs_dir, "#{File.basename self.astute_yaml_base}-#{File.basename self.current_spec example}-spec.log.rb" + puts "Dumping spec to: '#{spec_file}'" + File.open(spec_file, 'w') do |file| + file.puts text + end + else + puts text end - puts '===== spec generate end =====' end # extract a parameter value from a resource in the catalog