Octavia scenario

Configure glance to only use file to avoid swift, etc.

Depends-On: I7b8a2314a23281a4369d431aba280e0c0dc66f22

Change-Id: I6054f754d2671beacd83d3a0fe950d49fa221342

etc/openstack_deploy/conf.d/trove.yml.aio

@@ -1,87 +1,3 @@
-cidr_networks:
-  dbaas: 172.29.232.0/22
-  container: 172.29.236.0/22
-  tunnel: 172.29.240.0/22
-  storage: 172.29.244.0/22
-
-used_ips:
-  - "172.29.232.1,172.29.232.50"
-  - "172.29.232.100"
-  - "172.29.233.100,172.29.233.210"
-  - "172.29.236.1,172.29.236.50"
-  - "172.29.236.100"
-  - "172.29.240.1,172.29.240.50"
-  - "172.29.240.100"
-  - "172.29.244.1,172.29.244.50"
-  - "172.29.244.100"
-  - "172.29.248.1,172.29.248.50"
-  - "172.29.248.100"
-
-global_overrides:
-  provider_networks:
-    - network:
-        container_bridge: "br-mgmt"
-        container_type: "veth"
-        container_interface: "eth1"
-        ip_from_q: "container"
-        type: "raw"
-        group_binds:
-          - all_containers
-          - hosts
-        is_container_address: true
-        is_ssh_address: true
-    - network:
-        container_bridge: "br-vxlan"
-        container_type: "veth"
-        container_interface: "eth10"
-        ip_from_q: "tunnel"
-        type: "vxlan"
-        range: "1:1000"
-        net_name: "vxlan"
-        group_binds:
-          - neutron_linuxbridge_agent
-    - network:
-        container_bridge: "br-vlan"
-        container_type: "veth"
-        container_interface: "eth12"
-        host_bind_override: "eth12"
-        type: "flat"
-        net_name: "flat"
-        group_binds:
-          - neutron_linuxbridge_agent
-    - network:
-        container_bridge: "br-dbaas"
-        container_type: "veth"
-        container_interface: "eth13"
-        host_bind_override: "eth13"
-        ip_from_q: "dbaas"
-        type: "flat"
-        net_name: "flat-db"
-        group_binds:
-          - neutron_linuxbridge_agent
-          - rabbitmq
-    - network:
-        container_bridge: "br-vlan"
-        container_type: "veth"
-        container_interface: "eth11"
-        type: "vlan"
-        range: "1:1"
-        net_name: "vlan"
-        group_binds:
-          - neutron_linuxbridge_agent
-    - network:
-        container_bridge: "br-storage"
-        container_type: "veth"
-        container_interface: "eth2"
-        ip_from_q: "storage"
-        type: "raw"
-        group_binds:
-          - glance_api
-          - cinder_api
-          - cinder_volume
-          - nova_compute
-          - swift_proxy
-
 trove-infra_hosts:
   aio1:
     ip: 172.29.236.100

etc/openstack_deploy/openstack_user_config.yml.aio

@@ -1,10 +1,16 @@
 ---
 cidr_networks:
+  dbaas: 172.29.232.0/22
+  lbaas: 172.29.252.0/22
   container: 172.29.236.0/22
   tunnel: 172.29.240.0/22
   storage: 172.29.244.0/22
 
 used_ips:
+  - "172.29.232.1,172.29.232.50"
+  - "172.29.232.100"
+  - "172.29.252.1,172.29.252.50"
+  - "172.29.252.100"
   - "172.29.236.1,172.29.236.50"
   - "172.29.236.100"
   - "172.29.240.1,172.29.240.50"
@@ -43,6 +49,30 @@ global_overrides:
         net_name: "vxlan"
         group_binds:
           - neutron_linuxbridge_agent
+    - network:
+        container_bridge: "br-dbaas"
+        container_type: "veth"
+        container_interface: "eth13"
+        host_bind_override: "eth13"
+        ip_from_q: "dbaas"
+        type: "flat"
+        net_name: "flat-db"
+        group_binds:
+          - neutron_linuxbridge_agent
+          - rabbitmq
+    - network:
+        container_bridge: "br-lbaas"
+        container_type: "veth"
+        container_interface: "eth14"
+        host_bind_override: "eth14"
+        ip_from_q: "lbaas"
+        type: "flat"
+        net_name: "lbaas"
+        group_binds:
+          - neutron_linuxbridge_agent
+          - octavia-worker
+          - octavia-housekeeping
+          - octavia-health-manager
     - network:
         container_bridge: "br-vlan"
         container_type: "veth"

etc/openstack_deploy/openstack_user_config.yml.aio.j2

@@ -0,0 +1,134 @@
+---
+cidr_networks:
+{% if bootstrap_host_scenario == "translations" %}
+  dbaas: 172.29.232.0/22
+{% endif %}
+{% if bootstrap_host_scenario in ["translations", "octavia"] %}
+  lbaas: 172.29.252.0/22
+{% endif %}
+  container: 172.29.236.0/22
+  tunnel: 172.29.240.0/22
+  storage: 172.29.244.0/22
+
+used_ips:
+{% if bootstrap_host_scenario == "translations" %}
+  - "172.29.232.1,172.29.232.50"
+  - "172.29.232.100"
+{% endif %}
+{% if bootstrap_host_scenario in ["translations", "octavia"] %}
+  - "172.29.252.1,172.29.252.50"
+  - "172.29.252.100"
+{% endif %}
+  - "172.29.236.1,172.29.236.50"
+  - "172.29.236.100"
+  - "172.29.240.1,172.29.240.50"
+  - "172.29.240.100"
+  - "172.29.244.1,172.29.244.50"
+  - "172.29.244.100"
+  - "172.29.248.1,172.29.248.50"
+  - "172.29.248.100"
+
+global_overrides:
+  internal_lb_vip_address: 172.29.236.100
+  # The external IP is quoted simply to ensure that the .aio file can be used as input
+  # dynamic inventory testing.
+  external_lb_vip_address: "{{ bootstrap_host_public_address | default(ansible_default_ipv4.address) }}"
+  tunnel_bridge: "br-vxlan"
+  management_bridge: "br-mgmt"
+  provider_networks:
+    - network:
+        container_bridge: "br-mgmt"
+        container_type: "veth"
+        container_interface: "eth1"
+        ip_from_q: "container"
+        type: "raw"
+        group_binds:
+          - all_containers
+          - hosts
+        is_container_address: true
+        is_ssh_address: true
+    - network:
+        container_bridge: "br-vxlan"
+        container_type: "veth"
+        container_interface: "eth10"
+        ip_from_q: "tunnel"
+        type: "vxlan"
+        range: "1:1000"
+        net_name: "vxlan"
+        group_binds:
+          - neutron_linuxbridge_agent
+{% if bootstrap_host_scenario == "translations" %}
+    - network:
+        container_bridge: "br-dbaas"
+        container_type: "veth"
+        container_interface: "eth13"
+        host_bind_override: "eth13"
+        ip_from_q: "dbaas"
+        type: "flat"
+        net_name: "flat-db"
+        group_binds:
+          - neutron_linuxbridge_agent
+          - rabbitmq
+{% endif %}
+{% if bootstrap_host_scenario in ["translations", "octavia"] %}
+    - network:
+        container_bridge: "br-lbaas"
+        container_type: "veth"
+        container_interface: "eth14"
+        host_bind_override: "eth14"
+        ip_from_q: "lbaas"
+        type: "flat"
+        net_name: "lbaas"
+        group_binds:
+          - neutron_linuxbridge_agent
+          - octavia-worker
+          - octavia-housekeeping
+          - octavia-health-manager
+{% endif %}
+    - network:
+        container_bridge: "br-vlan"
+        container_type: "veth"
+        container_interface: "eth12"
+        host_bind_override: "eth12"
+        type: "flat"
+        net_name: "flat"
+        group_binds:
+          - neutron_linuxbridge_agent
+    - network:
+        container_bridge: "br-vlan"
+        container_type: "veth"
+        container_interface: "eth11"
+        type: "vlan"
+        range: "1:1"
+        net_name: "vlan"
+        group_binds:
+          - neutron_linuxbridge_agent
+    - network:
+        container_bridge: "br-storage"
+        container_type: "veth"
+        container_interface: "eth2"
+        ip_from_q: "storage"
+        type: "raw"
+        group_binds:
+          - glance_api
+          - cinder_api
+          - cinder_volume
+          - nova_compute
+          - swift_proxy
+
+# galera, memcache, rabbitmq, utility
+shared-infra_hosts:
+  aio1:
+    ip: 172.29.236.100
+
+repo-infra_hosts:
+  aio1:
+    ip: 172.29.236.100
+
+log_hosts:
+  aio1:
+    ip: 172.29.236.100
+
+haproxy_hosts:
+  aio1:
+    ip: 172.29.236.100

playbooks/setup-openstack.yml

@@ -38,6 +38,7 @@
 - include: os-trove-install.yml
 - include: os-sahara-install.yml
 - include: os-molteniron-install.yml
+- include: os-octavia-install.yml
 - include: os-tempest-install.yml
   when: (tempest_install | default(False)) | bool or (tempest_run | default(False)) | bool
 

tests/bootstrap-aio.yml

@@ -59,6 +59,12 @@
         - name: magnum.yml.aio
         - name: octavia.yml.aio
         - name: trove.yml.aio
+      octavia:
+        - name: glance.yml.aio
+        - name: keystone.yml.aio
+        - name: neutron.yml.aio
+        - name: nova.yml.aio
+        - name: octavia.yml.aio
     sftp_subsystem: "{{ (ansible_pkg_mgr == 'apt') | ternary('sftp /usr/lib/openssh/sftp-server','sftp /usr/libexec/openssh/sftp-server') }}"
     sshd:
       ListenAddress:

tests/roles/bootstrap-host/defaults/main.yml

@@ -50,6 +50,9 @@ bootstrap_user_variables_extra_templates:
   translations:
     - src: user_variables_translations.yml.j2
       dest: user_variables_translations.yml
+  octavia:
+    - src: user_variables_octavia.yml.j2
+      dest: user_variables_octavia.yml
 
 ## Swap memory
 # If there is no swap memory present, the bootstrap will create a loopback disk
@@ -209,6 +212,9 @@ bootstrap_host_data_disk_device_force: no
 # size (in GB), the bootstrap process will use it.
 bootstrap_host_data_disk_min_size: 50
 
+# Boolean option to build Amphora image and certs
+bootstrap_host_octavia: "{{ (bootstrap_host_scenario in ['octavia', 'translations']) | bool }}"
+
 ### Optional Settings ###
 
 # Set the apt repository URL's configured for the host and containers.

tests/roles/bootstrap-host/tasks/main.yml

@@ -87,6 +87,13 @@
   tags:
     - prepare-ceph
 
+# Prepare the Octavia certs and image
+- include: prepare_octavia.yml
+  when:
+    - bootstrap_host_octavia | bool
+  tags:
+    - prepare-octavia
+
 # Prepare the network interfaces
 - include: prepare_networking.yml
   tags:

tests/roles/bootstrap-host/tasks/prepare_aio_config.yml

@@ -35,7 +35,7 @@
 
 - name: Deploy openstack_user_config
   config_template:
-    src: "{{ bootstrap_host_aio_config_path }}/openstack_user_config.yml.aio"
+    src: "{{ bootstrap_host_aio_config_path }}/openstack_user_config.yml.aio.j2"
     dest: "/etc/openstack_deploy/openstack_user_config.yml"
     config_overrides: "{{ openstack_user_config_overrides | default({}) }}"
     config_type: "yaml"

tests/roles/bootstrap-host/tasks/prepare_networking.yml

@@ -97,15 +97,16 @@
 
 - name: Shut down the network interfaces
   command: "ifdown {{ item.name }}"
+  when:
+    - osa_interfaces | changed or osa_multinode_interfaces | changed or network_interfaces_rhel | changed
+    - item.enabled | default(True)
   with_items:
     - { name: br-mgmt }
     - { name: br-storage }
     - { name: br-vlan }
     - { name: br-vxlan }
     - { name: br-dbaas, enabled: "{{ (bootstrap_host_scenario == 'translations') | bool }}" }
-  when:
-    - osa_interfaces | changed or osa_multinode_interfaces | changed or network_interfaces_rhel | changed
-    - item.enabled | default(True)
+    - { name: br-lbaas, enabled: "{{ (bootstrap_host_scenario in ['translations', 'octavia']) | bool }}" }
   tags:
     - networking-interfaces-stop
 
@@ -129,15 +130,16 @@
 
 - name: Start the network interfaces
   command: "ifup {{ item.name }}"
+  when:
+    - osa_interfaces | changed or network_interfaces_rhel | changed
+    - item.enabled | default(True)
   with_items:
     - { name: br-mgmt }
     - { name: br-storage }
     - { name: br-vlan }
     - { name: br-vxlan }
     - { name: br-dbaas, enabled: "{{ (bootstrap_host_scenario == 'translations') | bool }}" }
-  when:
-    - osa_interfaces | changed or network_interfaces_rhel | changed
-    - item.enabled | default(True)
+    - { name: br-lbaas, enabled: "{{ (bootstrap_host_scenario in ['translations', 'octavia']) | bool }}" }
   tags:
     - networking-interfaces-start
 

tests/roles/bootstrap-host/tasks/prepare_octavia.yml

@@ -0,0 +1,79 @@
+---
+# Copyright 2015, Rackspace US, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+- name: Install apt packages
+  apt:
+    pkg: "{{ item }}"
+    state: "present"
+    update_cache: yes
+  register: install_packages
+  until: install_packages|success
+  retries: 5
+  delay: 2
+  with_items:
+    - qemu
+    - uuid-runtime
+    - curl
+    - kpartx
+    - git
+- name: Install pip requirements
+  pip:
+    name: "{{ item }}"
+    state: "present"
+  register: install_packages
+  until: install_packages|success
+  retries: 5
+  delay: 2
+  with_items:
+    - argparse
+    - "Babel>=1.3"
+    - dib-utils
+    - PyYAML
+    - diskimage-builder
+- name: Create Temp Dir
+  tempfile:
+    state: directory
+  register: tmp_dir
+- name: Set Temp Dir Path
+  set_fact:
+    bootstrap_host_octavia_tmp: "{{ tmp_dir.path }}"
+- name: Clone Octavia
+  git:
+    repo: "https://git.openstack.org/openstack/octavia"
+    dest: "{{ bootstrap_host_octavia_tmp }}/octavia"
+    version: "master"
+# Build Octavia amphora image
+- name: Create amphora image
+  shell: "./diskimage-create.sh -o {{ bootstrap_host_octavia_tmp }}/amphora-x64-haproxy.qcow2"
+  args:
+    chdir: "{{ bootstrap_host_octavia_tmp }}/octavia/diskimage-create"
+    creates: "{{ bootstrap_host_octavia_tmp }}/amphora-x64-haproxy.qcow2"
+  tags:
+  - skip_ansible_lint
+- name: Change permission
+  file:
+    path: "{{ bootstrap_host_octavia_tmp }}/octavia/bin/create_certificates.sh"
+    mode: 0755
+- name: Generate certs
+  shell: "{{ bootstrap_host_octavia_tmp }}/octavia/bin/create_certificates.sh {{ bootstrap_host_octavia_tmp }}/certs {{ bootstrap_host_octavia_tmp }}/octavia/etc/certificates/openssl.cnf"
+  args:
+    creates: "{{ bootstrap_host_octavia_tmp }}/certs/ca_01.pem"
+  tags:
+  - skip_ansible_lint
+- name: Fix certs/private directory access
+  file:
+    path: "{{ bootstrap_host_octavia_tmp }}/certs/private"
+    mode: 0755

tests/roles/bootstrap-host/templates/osa_interfaces.cfg.j2

@@ -77,6 +77,26 @@ iface br-dbaas inet static
     bridge_ports br-dbaas-veth
 
 {% endif %}
+{% if bootstrap_host_scenario in ["translations", "octavia"] %}
+auto br-lbaas
+iface br-lbaas inet static
+    bridge_stp off
+    bridge_waitport 0
+    bridge_fd 0
+    address 172.29.252.100
+    netmask 255.255.252.0
+    offload-sg off
+    # Create veth pair, don't bomb if already exists
+    pre-up ip link add br-lbaas-veth type veth peer name eth14 || true
+    # Set both ends UP
+    pre-up ip link set br-lbaas-veth up
+    pre-up ip link set eth14 up
+    # Delete veth pair on DOWN
+    post-down ip link del br-lbaas-veth || true
+    bridge_ports br-lbaas-veth
+
+{% endif %}
+
 # Add an additional address to br-vlan
 iface br-vlan inet static
     # Flat network default gateway

tests/roles/bootstrap-host/templates/user_variables_octavia.yml.j2

@@ -0,0 +1,25 @@
+---
+# Copyright 2017, Rackspace US, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Octavia specific stuff
+octavia_system_home_folder: {{ bootstrap_host_octavia_tmp }}
+neutron_lbaas_octavia: True
+octavia_amp_image_file_name: {{ bootstrap_host_octavia_tmp }}/amphora-x64-haproxy.qcow2
+octavia_amp_image_upload_enabled: True
+octavia_glance_image_tag:
+octavia_management_net_subnet_cidr: 172.29.252.0/22
+
+# make glance only use file
+glance_default_store: file