From 293bbb1a3c76230515b9eb4e1165a87c65452359 Mon Sep 17 00:00:00 2001 From: Harald Jensas Date: Fri, 16 Feb 2018 19:26:23 +0100 Subject: [PATCH] Add Ironic Networking Baremetal Templates Ironic neutron agent will be installed on controller nodes, or networker nodes, when environments/services/ironic.yaml or environments/services-docker/ironic.yaml is used. NOTE: This is different from the original patch. Instead of enabling the service by default when ironic is deployed, the resource registry entry to enable it is commented. Users would have to uncomment the entry to actually enable the service, and add the service to a custom role defenition. Depends-On: I12c36754f8da8dfb8d428ad749afca4b294ec4c4 Depends-On: Ic1f44414e187393d35e1382a42d384760d5757ef Depends-On: I3c40f84052a41ed440758b971975c5c81ace4225 Change-Id: I0b4ef83a5383ff9726f6d69e0394fc544c381a7e (cherry picked from commit 5203e4397905d9d62ab2487b2fc5873937d8db42) --- docker/services/ironic-neutron-agent.yaml | 122 ++++++++++++++++++ environments/services-baremetal/ironic.yaml | 2 + environments/services-docker/ironic.yaml | 2 + environments/services/ironic.yaml | 2 + overcloud-resource-registry-puppet.j2.yaml | 1 + puppet/services/ironic-neutron-agent.yaml | 87 +++++++++++++ ...networking-baremetal-29d9ad465565bb87.yaml | 4 + 7 files changed, 220 insertions(+) create mode 100644 docker/services/ironic-neutron-agent.yaml create mode 100644 puppet/services/ironic-neutron-agent.yaml create mode 100644 releasenotes/notes/ironic-networking-baremetal-29d9ad465565bb87.yaml diff --git a/docker/services/ironic-neutron-agent.yaml b/docker/services/ironic-neutron-agent.yaml new file mode 100644 index 0000000000..98a024d05c --- /dev/null +++ b/docker/services/ironic-neutron-agent.yaml @@ -0,0 +1,122 @@ +heat_template_version: queens + +description: > + OpenStack ironic-neutron-agent service + +parameters: + DockerIronicNeutronAgentImage: + description: The container image to use for the ironic-neutron-agent + type: string + DockerNeutronConfigImage: + description: The container image to use for the neutron config_volume + type: string + ServiceData: + default: {} + description: Dictionary packing service data + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +resources: + + ContainersCommon: + type: ./containers-common.yaml + + IronicNeutronAgentBase: + type: ../../puppet/services/ironic-neutron-agent.yaml + properties: + EndpointMap: {get_param: EndpointMap} + ServiceData: {get_param: ServiceData} + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + RoleName: {get_param: RoleName} + RoleParameters: {get_param: RoleParameters} + + NeutronLogging: + type: OS::TripleO::Services::Logging::NeutronCommon + properties: + NeutronServiceName: ironic-neutron-agent + +outputs: + role_data: + description: Role data for ironic-neutron-agent service + value: + service_name: {get_attr: [IronicNeutronAgentBase, role_data, service_name]} + config_settings: + map_merge: + - get_attr: [IronicNeutronAgentBase, role_data, config_settings] + - get_attr: [NeutronLogging, config_settings] + puppet_config: + config_volume: neutron + puppet_tags: neutron_config,ironic_neutron_agent_config + step_config: + get_attr: [IronicNeutronAgentBase, role_data, step_config] + config_image: {get_param: DockerNeutronConfigImage} + kolla_config: + /var/lib/kolla/config_files/ironic_neutron_agent.json: + command: /usr/bin/ironic-neutron-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ironic_neutron_agent.ini --config-dir /etc/neutron/conf.d/common + config_files: + - source: "/var/lib/kolla/config_files/src/*" + dest: "/" + merge: true + preserve_properties: true + permissions: + - path: /var/log/neutron + owner: neutron:neutron + recurse: true + docker_config: + step_4: + ironic_neutron_agent: + start_order: 80 + image: {get_param: DockerIronicNeutronAgentImage} + net: host + pid: host + privileged: true + restart: always + volumes: + list_concat: + - {get_attr: [ContainersCommon, volumes]} + - {get_attr: [NeutronLogging, volumes]} + - + - /var/lib/kolla/config_files/ironic_neutron_agent.json:/var/lib/kolla/config_files/config.json:ro + - /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro + environment: + - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS + host_prep_tasks: {get_attr: [NeutronLogging, host_prep_tasks]} + upgrade_tasks: + - name: Check if ironic-neutron-agent is deployed + command: systemctl is-enabled --quiet ironic-neutron-agent + tags: common + ignore_errors: True + register: ironic_neutron_agent_enabled + - name: "PreUpgrade step0,validation: Check service ironic-neutron-agent is running" + command: systemctl is-active --quiet ironic-neutron-agent + when: + - step|int == 0 + - ironic_neutron_agent_enabled.rc == 0 + tags: validation + - name: Stop and disable ironic-neutron-agent service + when: + - step|int == 2 + - ironic_neutron_agent_enabled.rc == 0 + service: name=ironic-neutron-agent state=stopped enabled=no diff --git a/environments/services-baremetal/ironic.yaml b/environments/services-baremetal/ironic.yaml index b81b02698a..074127b31d 100644 --- a/environments/services-baremetal/ironic.yaml +++ b/environments/services-baremetal/ironic.yaml @@ -2,5 +2,7 @@ resource_registry: OS::TripleO::Services::IronicApi: ../../puppet/services/ironic-api.yaml OS::TripleO::Services::IronicConductor: ../../puppet/services/ironic-conductor.yaml OS::TripleO::Services::NovaIronic: ../../puppet/services/nova-ironic.yaml + # Uncomment this line to enable the ironic-neutron-agent - Required for routed provider networks + # OS::TripleO::Services::IronicNeutronAgent: ../../puppet/services/ironic-neutron-agent.yaml parameter_defaults: NovaSchedulerDiscoverHostsInCellsInterval: 15 diff --git a/environments/services-docker/ironic.yaml b/environments/services-docker/ironic.yaml index e927ecb32f..776a1d7d38 100644 --- a/environments/services-docker/ironic.yaml +++ b/environments/services-docker/ironic.yaml @@ -3,3 +3,5 @@ resource_registry: OS::TripleO::Services::IronicConductor: ../../docker/services/ironic-conductor.yaml OS::TripleO::Services::IronicPxe: ../../docker/services/ironic-pxe.yaml OS::TripleO::Services::NovaIronic: ../../docker/services/nova-ironic.yaml + # Uncomment this line to enable the ironic-neutron-agent - Required for routed provider networks + # OS::TripleO::Services::IronicNeutronAgent: ../../docker/services/ironic-neutron-agent.yaml diff --git a/environments/services/ironic.yaml b/environments/services/ironic.yaml index e927ecb32f..776a1d7d38 100644 --- a/environments/services/ironic.yaml +++ b/environments/services/ironic.yaml @@ -3,3 +3,5 @@ resource_registry: OS::TripleO::Services::IronicConductor: ../../docker/services/ironic-conductor.yaml OS::TripleO::Services::IronicPxe: ../../docker/services/ironic-pxe.yaml OS::TripleO::Services::NovaIronic: ../../docker/services/nova-ironic.yaml + # Uncomment this line to enable the ironic-neutron-agent - Required for routed provider networks + # OS::TripleO::Services::IronicNeutronAgent: ../../docker/services/ironic-neutron-agent.yaml diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml index 586a8dc23a..63d37b1c62 100644 --- a/overcloud-resource-registry-puppet.j2.yaml +++ b/overcloud-resource-registry-puppet.j2.yaml @@ -302,6 +302,7 @@ resource_registry: OS::TripleO::Services::IronicConductor: OS::Heat::None OS::TripleO::Services::IronicInspector: OS::Heat::None OS::TripleO::Services::IronicPxe: OS::Heat::None + OS::TripleO::Services::IronicNeutronAgent: OS::Heat::None OS::TripleO::Services::NovaIronic: OS::Heat::None OS::TripleO::Services::TripleoPackages: puppet/services/tripleo-packages.yaml OS::TripleO::Services::TripleoFirewall: puppet/services/tripleo-firewall.yaml diff --git a/puppet/services/ironic-neutron-agent.yaml b/puppet/services/ironic-neutron-agent.yaml new file mode 100644 index 0000000000..01cf40a0f9 --- /dev/null +++ b/puppet/services/ironic-neutron-agent.yaml @@ -0,0 +1,87 @@ +heat_template_version: queens + +description: > + OpenStack ironic-neutron-agent configured with Puppet + +parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + IronicPassword: + description: The password for the Ironic service and db account, used by the Ironic services + type: string + hidden: true + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint + +resources: + + NeutronBase: + type: ./neutron-base.yaml + properties: + ServiceData: {get_param: ServiceData} + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} + RoleName: {get_param: RoleName} + RoleParameters: {get_param: RoleParameters} + +outputs: + role_data: + description: Role data for the ironic-neutron-agent service. + value: + service_name: ironic_neutron_agent + config_settings: + map_merge: + - get_attr: [NeutronBase, role_data, config_settings] + - neutron::agents::ml2::networking_baremetal::user: 'ironic' + - neutron::agents::ml2::networking_baremetal::password: {get_param: IronicPassword} + - neutron::agents::ml2::networking_baremetal::auth_url: { get_param: [ EndpointMap, KeystoneInternal, uri_no_suffix ] } + - neutron::agents::ml2::networking_baremetal::project_name: 'service' + - neutron::agents::ml2::networking_baremetal::user_domain_name: 'Default' + - neutron::agents::ml2::networking_baremetal::project_domain_name: 'Default' + - neutron::agents::ml2::networking_baremetal::region_name: {get_param: KeystoneRegion} + step_config: | + include tripleo::profile::base::neutron::agents::networking_baremetal + upgrade_tasks: + - name: Check if ironic-neutron-agent is deployed + command: systemctl is-enabled ironic-neutron-agent + tags: common + ignore_errors: True + register: ironic_neutron_agent_enabled + - name: "PreUpgrade step0,validation: Check service ironic-neutron-agent is running" + shell: /usr/bin/systemctl show 'ironic-neutron-agent' --property ActiveState | grep '\bactive\b' + when: + - step|int == 0 + - ironic_neutron_agent_enabled.rc == 0 + tags: validation + - name: Stop ironic-neutron-agent service + when: + - step|int == 1 + - ironic_neutron_agent_enabled.rc == 0 + service: name=ironic-neutron-agent state=stopped diff --git a/releasenotes/notes/ironic-networking-baremetal-29d9ad465565bb87.yaml b/releasenotes/notes/ironic-networking-baremetal-29d9ad465565bb87.yaml new file mode 100644 index 0000000000..2604ad6f90 --- /dev/null +++ b/releasenotes/notes/ironic-networking-baremetal-29d9ad465565bb87.yaml @@ -0,0 +1,4 @@ +--- +features: + - Adds support for Ironic Networking Baremetal. Networking Baremetal + is used to integrate the Bare Metal service with the Networking service.