Updates Swarm Heat Templates to Support Container Network Model

Previously, the Swarm templates did not support the Container Network Model. The templates have been updated to support the Flannel --network-driver. Conditionals have been added to support future --network-drivers. Partially-Implements: blueprint heat-network-refactor Change-Id: Ie90e41568df05055b91764b861e08de6f689d864
8 years ago · f108b46e79
parent 4f4d90376d
commit f108b46e79
6 changed files with 249 additions and 0 deletions
--- a/magnum/templates/swarm/fragments/network-config-service.sh
+++ b/magnum/templates/swarm/fragments/network-config-service.sh
@ -0,0 +1,63 @@
+#!/bin/sh
+
+. /etc/sysconfig/heat-params
+
+if [ "$NETWORK_DRIVER" != "flannel" ]; then
+    exit 0
+fi
+
+FLANNELD_CONFIG=/etc/sysconfig/flanneld
+FLANNEL_CONFIG_BIN=/usr/local/bin/flannel-config
+FLANNEL_CONFIG_SERVICE=/etc/systemd/system/flannel-config.service
+FLANNEL_JSON=/etc/sysconfig/flannel-network.json
+
+sed -i '
+/^FLANNEL_ETCD=/ s|=.*|="http://'"$SWARM_MASTER_IP"':2379"|
+' $FLANNELD_CONFIG
+
+. $FLANNELD_CONFIG
+
+echo "creating $FLANNEL_CONFIG_BIN"
+cat > $FLANNEL_CONFIG_BIN <<EOF
+#!/bin/sh
+
+if ! [ -f "$FLANNEL_JSON" ]; then
+    echo "ERROR: missing network configuration file" >&2
+    exit 1
+fi
+
+if ! [ "$FLANNEL_ETCD" ] && [ "$FLANNEL_ETCD_KEY" ]; then
+    echo "ERROR: missing required configuration" >&2
+    exit 1
+fi
+
+echo "creating flanneld config in etcd"
+while ! curl -sf -L $FLANNEL_ETCD/v2/keys${FLANNEL_ETCD_KEY}/config \
+  -X PUT --data-urlencode value@${FLANNEL_JSON}; do
+    echo "waiting for etcd"
+    sleep 1
+done
+EOF
+
+cat > $FLANNEL_CONFIG_SERVICE <<EOF
+[Unit]
+After=etcd.service
+Requires=etcd.service
+
+[Service]
+Type=oneshot
+EnvironmentFile=/etc/sysconfig/flanneld
+ExecStart=$FLANNEL_CONFIG_BIN
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+chown root:root $FLANNEL_CONFIG_BIN
+chmod 0755 $FLANNEL_CONFIG_BIN
+
+chown root:root $FLANNEL_CONFIG_SERVICE
+chmod 0644 $FLANNEL_CONFIG_SERVICE
+
+systemctl enable flannel-config
+systemctl start --no-block flannel-config
--- a/magnum/templates/swarm/fragments/network-service.sh
+++ b/magnum/templates/swarm/fragments/network-service.sh
@ -0,0 +1,82 @@
+#!/bin/sh
+
+. /etc/sysconfig/heat-params
+
+if [ "$NETWORK_DRIVER" != "flannel" ]; then
+    exit 0
+fi
+
+FLANNELD_CONFIG=/etc/sysconfig/flanneld
+FLANNEL_DOCKER_BRIDGE_BIN=/usr/local/bin/flannel-docker-bridge
+FLANNEL_DOCKER_BRIDGE_SERVICE=/etc/systemd/system/flannel-docker-bridge.service
+DOCKER_FLANNEL_CONF=/etc/systemd/system/docker.service.d/flannel.conf
+FLANNEL_DOCKER_BRIDGE_CONF=/etc/systemd/system/flanneld.service.d/flannel-docker-bridge.conf
+
+mkdir -p /etc/systemd/system/docker.service.d
+mkdir -p /etc/systemd/system/flanneld.service.d
+
+sed -i '
+/^FLANNEL_ETCD=/ s|=.*|="http://'"$SWARM_MASTER_IP"':2379"|
+' $FLANNELD_CONFIG
+
+cat >> $FLANNEL_DOCKER_BRIDGE_BIN <<EOF
+#!/bin/sh
+
+if ! [ "\$FLANNEL_SUBNET" ] && [ "\$FLANNEL_MTU" ] ; then
+    echo "ERROR: missing required environment variables." >&2
+    exit 1
+fi
+
+mkdir -p /run/flannel/
+cat > /run/flannel/docker <<EOF
+DOCKER_NETWORK_OPTIONS="--bip=\$FLANNEL_SUBNET --mtu=\$FLANNEL_MTU"
+EOF
+
+chown root:root $FLANNEL_DOCKER_BRIDGE_BIN
+chmod 0755 $FLANNEL_DOCKER_BRIDGE_BIN
+
+cat >> $FLANNEL_DOCKER_BRIDGE_SERVICE <<EOF
+[Unit]
+After=flanneld.service
+Before=docker.service
+Requires=flanneld.service
+
+[Service]
+Type=oneshot
+EnvironmentFile=/run/flannel/subnet.env
+ExecStart=/usr/local/bin/flannel-docker-bridge
+
+[Install]
+WantedBy=docker.service
+EOF
+
+chown root:root $FLANNEL_DOCKER_BRIDGE_SERVICE
+chmod 0644 $FLANNEL_DOCKER_BRIDGE_SERVICE
+
+cat >> $DOCKER_FLANNEL_CONF <<EOF
+[Unit]
+Requires=flannel-docker-bridge.service
+After=flannel-docker-bridge.service
+
+[Service]
+EnvironmentFile=/run/flannel/docker
+EOF
+
+chown root:root $DOCKER_FLANNEL_CONF
+chmod 0644 $DOCKER_FLANNEL_CONF
+
+cat >> $FLANNEL_DOCKER_BRIDGE_CONF <<EOF
+[Unit]
+Requires=flannel-docker-bridge.service
+Before=flannel-docker-bridge.service
+
+[Install]
+Also=flannel-docker-bridge.service
+EOF
+
+chown root:root $FLANNEL_DOCKER_BRIDGE_CONF
+chmod 0644 $FLANNEL_DOCKER_BRIDGE_CONF
+
+echo "activating service flanneld"
+systemctl enable flanneld
+systemctl --no-block start flanneld
--- a/magnum/templates/swarm/fragments/write-heat-params.yaml
+++ b/magnum/templates/swarm/fragments/write-heat-params.yaml
@ -16,3 +16,7 @@ write_files:
      USER_TOKEN="$USER_TOKEN"
      MAGNUM_URL="$MAGNUM_URL"
      TLS_DISABLED="$TLS_DISABLED"
+      NETWORK_DRIVER="$NETWORK_DRIVER"
+      FLANNEL_NETWORK_CIDR="$FLANNEL_NETWORK_CIDR"
+      FLANNEL_NETWORK_SUBNETLEN="$FLANNEL_NETWORK_SUBNETLEN"
+      FLANNEL_USE_VXLAN="$FLANNEL_USE_VXLAN"
--- a/magnum/templates/swarm/fragments/write-network-config.sh
+++ b/magnum/templates/swarm/fragments/write-network-config.sh
@ -0,0 +1,37 @@
+#!/bin/sh
+
+. /etc/sysconfig/heat-params
+
+if [ "$NETWORK_DRIVER" != "flannel" ]; then
+    exit 0
+fi
+
+FLANNEL_JSON=/etc/sysconfig/flannel-network.json
+FLANNEL_NETWORK_CIDR="$FLANNEL_NETWORK_CIDR"
+FLANNEL_NETWORK_SUBNETLEN="$FLANNEL_NETWORK_SUBNETLEN"
+FLANNEL_USE_VXLAN="$FLANNEL_USE_VXLAN"
+
+if [ "$FLANNEL_USE_VXLAN" == "true" ]; then
+    use_vxlan=1
+fi
+
+# Generate a flannel configuration that we will
+# store into etcd using curl.
+cat > $FLANNEL_JSON <<EOF
+{
+  "Network": "$FLANNEL_NETWORK_CIDR",
+  "Subnetlen": $FLANNEL_NETWORK_SUBNETLEN
+EOF
+
+if [ "$use_vxlan" = 1 ]; then
+cat >> $FLANNEL_JSON <<EOF
+  ,
+  "Backend": {
+    "Type": "vxlan"
+  }
+EOF
+fi
+
+cat >> $FLANNEL_JSON <<EOF
+}
+EOF
--- a/magnum/templates/swarm/swarm.yaml
+++ b/magnum/templates/swarm/swarm.yaml
@ -92,6 +92,30 @@ parameters:
    description: whether or not to enable TLS
    default: False

+  network_driver:
+    type: string
+    description: network driver to use for instantiating container networks
+    default: None
+
+  flannel_network_cidr:
+    type: string
+    description: network range for flannel overlay network
+    default: 10.100.0.0/16
+
+  flannel_network_subnetlen:
+    type: string
+    description: size of subnet assigned to each master
+    default: 24
+
+  flannel_use_vxlan:
+    type: string
+    description: >
+      if true use the vxlan backend, otherwise use the default
+      udp backend
+    default: "false"
+    constraints:
+      - allowed_values: ["true", "false"]
+
 resources:

  cloud_init_wait_handle:
@ -209,6 +233,28 @@ resources:
            "$USER_TOKEN": {get_param: user_token}
            "$MAGNUM_URL": {get_param: magnum_url}
            "$TLS_DISABLED": {get_param: tls_disabled}
+            "$NETWORK_DRIVER": {get_param: network_driver}
+            "$FLANNEL_NETWORK_CIDR": {get_param: flannel_network_cidr}
+            "$FLANNEL_NETWORK_SUBNETLEN": {get_param: flannel_network_subnetlen}
+            "$FLANNEL_USE_VXLAN": {get_param: flannel_use_vxlan}
+
+  write_network_config:
+    type: "OS::Heat::SoftwareConfig"
+    properties:
+      group: ungrouped
+      config: {get_file: fragments/write-network-config.sh}
+
+  network_config_service:
+    type: "OS::Heat::SoftwareConfig"
+    properties:
+      group: ungrouped
+      config: {get_file: fragments/network-config-service.sh}
+
+  network_service:
+    type: "OS::Heat::SoftwareConfig"
+    properties:
+      group: ungrouped
+      config: {get_file: fragments/network-service.sh}

  configure_swarm:
    type: "OS::Heat::SoftwareConfig"
@ -334,6 +380,9 @@ resources:
        - config: {get_resource: remove_docker_key}
        - config: {get_resource: write_heat_params}
        - config: {get_resource: make_cert}
+        - config: {get_resource: write_network_config}
+        - config: {get_resource: network_config_service}
+        - config: {get_resource: network_service}
        - config: {get_resource: configure_docker_storage}
        - config: {get_resource: write_swarm_agent_failure_service}
        - config: {get_resource: write_swarm_manager_failure_service}
@ -415,6 +464,7 @@ resources:
          user_token: {get_param: user_token}
          magnum_url: {get_param: magnum_url}
          tls_disabled: {get_param: tls_disabled}
+          network_driver: {get_param: network_driver}

  ######################################################################
  #
--- a/magnum/templates/swarm/swarmnode.yaml
+++ b/magnum/templates/swarm/swarmnode.yaml
@ -40,6 +40,11 @@ parameters:
    type: string
    description: Subnet from which to allocate fixed addresses.

+  network_driver:
+    type: string
+    description: network driver to use for instantiating container networks
+    default: None
+
  discovery_url:
    type: string
    description: url provided for node discovery
@ -143,6 +148,7 @@ resources:
            "$USER_TOKEN": {get_param: user_token}
            "$MAGNUM_URL": {get_param: magnum_url}
            "$TLS_DISABLED": {get_param: tls_disabled}
+            "$NETWORK_DRIVER": {get_param: network_driver}

  configure_swarm:
    type: "OS::Heat::SoftwareConfig"
@ -180,6 +186,12 @@ resources:
      group: ungrouped
      config: {get_file: fragments/write-docker-socket.yaml}

+  network_service:
+    type: "OS::Heat::SoftwareConfig"
+    properties:
+      group: ungrouped
+      config: {get_file: fragments/network-service.sh}
+
  write_swarm_agent_failure_service:
    type: "OS::Heat::SoftwareConfig"
    properties:
@ -242,6 +254,7 @@ resources:
        - config: {get_resource: remove_docker_key}
        - config: {get_resource: write_heat_params}
        - config: {get_resource: make_cert}
+        - config: {get_resource: network_service}
        - config: {get_resource: configure_docker_storage}
        - config: {get_resource: write_swarm_agent_failure_service}
        - config: {get_resource: write_swarm_agent_service}