Merge "use os_net_config Ansible module to configure networking"

2020-09-22 18:36:27 +00:00 · 2020-09-22 18:36:27 +00:00 · b918441bbd
commit b918441bbd
parent 85100b8bfc 2d1e769456
8 changed files with 42 additions and 128 deletions
--- a/ci/common/net-config-multinode.yaml
+++ b/ci/common/net-config-multinode.yaml
@ -187,20 +187,20 @@ resources:
      group: script
      config:
        str_replace:
-          template: |
+          template:
-            #!/bin/bash
+            get_file: ../../network/scripts/run-os-net-config.sh
            if ! ip addr show dev $bridge_name | grep CONTROLPLANEIP/CONTROLPLANESUBNETCIDR; then
                ip addr add CONTROLPLANEIP/CONTROLPLANESUBNETCIDR dev $bridge_name
            fi
          params:
-            CONTROLPLANEIP: {get_param: ControlPlaneIp}
+            $network_config:
-            CONTROLPLANESUBNETCIDR: {get_param: ControlPlaneSubnetCidr}
+              network_config:
-      inputs:
+              - type: ovs_bridge
-        -
+                name: br-ex
-          name: bridge_name
+                use_dhcp: false
-          default: br-ex
+                addresses:
-          description: bridge-name
+                - ip_netmask:
-          type: String
+                    list_join:
                    - /
                    - - get_param: ControlPlaneIp
                      - get_param: ControlPlaneSubnetCidr
 outputs:
  OS::stack_id:
--- a/common/deploy-steps.j2
+++ b/common/deploy-steps.j2
@ -142,6 +142,10 @@ parameters:
      set to UPGRADE when a major-version upgrade is in progress.
    constraints:
    - allowed_values: ['CREATE', 'UPDATE']
  NetworkSafeDefaults:
    default: true
    description: Allow to enable/disable safe networking defaults if os-net-config would fail to run with the provided config.
    type: boolean
  DeployArtifactURLs:
    default: []
    description: A list of HTTP URLs containing deployment artifacts.
@ -363,6 +367,7 @@ outputs:
        validate_fqdn: {get_param: ValidateFqdn}
        ping_test_ips: {get_param: PingTestIpsMap}
        stack_action: {get_param: StackAction}
        network_safe_defaults: {get_param: NetworkSafeDefaults}
        deploy_artifact_urls: {get_param: DeployArtifactURLs}
        hosts_entry: {get_param: HostsEntry}
        primary_role_name: {{ primary_role_name }}
@ -561,12 +566,13 @@ outputs:
                    name: tripleo_network_config
                  vars:
                    tripleo_network_config_script_path: "{{ NetworkConfig_stat.stat.path }}"
                    tripleo_network_config_bridge_name: "{{ neutron_physical_bridge_name }}"
                    tripleo_network_config_interface_name: "{{ neutron_public_interface_name }}"
                    tripleo_network_config_action: "{{ stack_action }}"
                    tripleo_network_config_network_deployment_actions: "{{ network_deployment_actions }}"
                    tripleo_network_config_async_timeout: "{{ async_timeout | default(300) }}"
                    tripleo_network_config_async_poll: "{{ async_poll | default(3) }}"
                    tripleo_network_config_hide_sensitive_logs: false
                    tripleo_network_config_legacy_script: false
                    tripleo_network_config_safe_defaults: "{{ network_safe_defaults }}|bool"
                  when:
                    - NetworkConfig_stat.stat.exists
                - name: Basic Network Validation
--- a/environments/standalone/standalone-tripleo.yaml
+++ b/environments/standalone/standalone-tripleo.yaml
@ -36,6 +36,10 @@ parameter_defaults:
  # Type: boolean
  EnablePackageInstall: True
  # Allow to enable/disable safe networking defaults if os-net-config would fail to run with the provided config.
  # Type: boolean
  NetworkSafeDefaults: True
  # NTP servers list. Defaulted to a set of pool.ntp.org servers in order to have a sane default for Pacemaker deployments when not configuring this parameter by default.
  # Type: comma_delimited_list
  NtpServer: ['0.pool.ntp.org', '1.pool.ntp.org', '2.pool.ntp.org', '3.pool.ntp.org']
--- a/environments/undercloud.yaml
+++ b/environments/undercloud.yaml
@ -189,3 +189,4 @@ parameter_defaults:
    mysqld:
      connect_timeout: 60
  SshFirewallAllowAll: true
  NetworkSafeDefaults: false
--- a/net-config-standalone.j2.yaml
+++ b/net-config-standalone.j2.yaml
@ -85,6 +85,10 @@ parameters:
  DeployedServerPortMap:
    default: {}
    type: json
  NeutronPublicInterface:
    default: nic1
    description: Which interface to add to the NeutronPhysicalBridge.
    type: string
 conditions:
  standalone_net_config_override:
@ -150,7 +154,7 @@ resources:
                  routes: {get_param: ControlPlaneStaticRoutes}
                  members:
                  - type: interface
-                    name: interface_name
+                    name: {get_param: NeutronPublicInterface}
                    # force the MAC address of the bridge to this interface
                    primary: true
                    mtu: {get_param: InterfaceLocalMtu}
--- a/net-config-undercloud.j2.yaml
+++ b/net-config-undercloud.j2.yaml
@ -81,6 +81,10 @@ parameters:
  DeployedServerPortMap:
    default: {}
    type: json
  NeutronPublicInterface:
    default: nic1
    description: Which interface to add to the NeutronPhysicalBridge.
    type: string
 conditions:
  undercloud_net_config_override:
@ -145,7 +149,7 @@ resources:
                  routes: {get_param: ControlPlaneStaticRoutes}
                  members:
                  - type: interface
-                    name: interface_name
+                    name: {get_param: NeutronPublicInterface}
                    # force the MAC address of the bridge to this interface
                    primary: true
                    mtu: {get_param: UndercloudLocalMtu}
--- a/network/scripts/run-os-net-config.sh
+++ b/network/scripts/run-os-net-config.sh
@ -1,111 +1 @@
-#!/bin/bash
+$network_config
 # The following environment variables may be set to substitute in a
 # custom bridge or interface name.  Normally these are provided by the calling
 # SoftwareConfig resource, but they may also be set manually for testing.
 # $bridge_name : The bridge device name to apply
 # $interface_name : The interface name to apply
 #
 # Also this token is replaced via a str_replace in the SoftwareConfig running
 # the script - in future we may extend this to also work with a variable, e.g
 # a deployment input via input_values
 # $network_config : the json serialized os-net-config config to apply
 #
 set -eux
 function configure_safe_defaults() {
 [[ $? == 0 ]] && return 0
 cat > /etc/os-net-config/dhcp_all_interfaces.yaml <<EOF_CAT
 # This file is an autogenerated safe defaults file for os-net-config
 # which runs DHCP on all discovered interfaces to ensure connectivity
 # back to the undercloud for updates
 network_config:
 EOF_CAT
    for iface in $(ls /sys/class/net | grep -v -e ^lo$ -e ^vnet$); do
        local mac_addr_type="$(cat /sys/class/net/${iface}/addr_assign_type)"
        local vf_parent="/sys/class/net/${iface}/device/physfn"
        if [ "$mac_addr_type" != "0" ]; then
            echo "Device has generated MAC, skipping."
        elif [[ -d $vf_parent ]]; then
            echo "Device (${iface}) is a SR-IOV VF, skipping."
        else
            HAS_LINK="$(cat /sys/class/net/${iface}/carrier || echo 0)"
            TRIES=10
            while [ "$HAS_LINK" == "0" -a $TRIES -gt 0 ]; do
                # Need to set the link up on each iteration
                ip link set dev $iface up &>/dev/null
                HAS_LINK="$(cat /sys/class/net/${iface}/carrier || echo 0)"
                if [ "$HAS_LINK" == "1" ]; then
                    break
                else
                    sleep 1
                fi
                TRIES=$(( TRIES - 1 ))
            done
            if [ "$HAS_LINK" == "1" ] ; then
 cat >> /etc/os-net-config/dhcp_all_interfaces.yaml <<EOF_CAT
  -
    type: interface
    name: $iface
    use_dhcp: true
 EOF_CAT
            fi
        fi
    done
    set +e
    os-net-config -c /etc/os-net-config/dhcp_all_interfaces.yaml -v --detailed-exit-codes --cleanup
    RETVAL=$?
    set -e
    if [[ $RETVAL != 2 || $RETVAL != 0 ]]; then
        echo "ERROR: configuration of safe defaults failed."
    fi
 }
 if [ -n '$network_config' ]; then
    if [ -z "${disable_configure_safe_defaults:-}" ]; then
        trap configure_safe_defaults EXIT
    fi
    # Backup the old /etc/os-net-config/config.json, if it exists
    DATETIME=`date +"%Y-%m-%dT%H:%M:%S"`
    if [ -f /etc/os-net-config/config.json ]; then
        mv /etc/os-net-config/config.json /etc/os-net-config/config.json.$DATETIME
    fi
    mkdir -p /etc/os-net-config
    # Note these variables come from the calling heat SoftwareConfig
    echo '$network_config' > /etc/os-net-config/config.json
    sed -i "s/: \"bridge_name/: \"${bridge_name:-''}/g" /etc/os-net-config/config.json
    sed -i "s/interface_name/${interface_name:-''}/g" /etc/os-net-config/config.json
    set +e
    os-net-config -c /etc/os-net-config/config.json -v --detailed-exit-codes
    RETVAL=$?
    set -e
    if [[ $RETVAL == 2 ]]; then
        #NOTE: dprince this udev rule can apparently leak DHCP processes?
        # https://bugs.launchpad.net/tripleo/+bug/1538259
        # until we discover the root cause we can simply disable the
        # rule because networking has already been configured at this point
        if [ -f /etc/udev/rules.d/99-dhcp-all-interfaces.rules ]; then
            rm /etc/udev/rules.d/99-dhcp-all-interfaces.rules
        fi
    elif [[ $RETVAL != 0 ]]; then
        echo "ERROR: os-net-config configuration failed." >&2
        exit 1
    fi
    # Remove files used by os-apply-config for old style configs
    if [ -f /usr/libexec/os-apply-config/templates/etc/os-net-config/config.json ]; then
        mv /usr/libexec/os-apply-config/templates/etc/os-net-config/config.json /usr/libexec/os-apply-config/templates/etc/os-net-config/config.json.$DATETIME
    fi
    if [ -f /usr/libexec/os-apply-config/templates/etc/os-net-config/element_config.json ]; then
        mv /usr/libexec/os-apply-config/templates/etc/os-net-config/element_config.json /usr/libexec/os-apply-config/templates/etc/os-net-config/element_config.json.$DATETIME
    fi
 fi
--- a/sample-env-generator/standalone.yaml
+++ b/sample-env-generator/standalone.yaml
@ -46,6 +46,7 @@ environments:
      sample-env-generator/standalone.yaml:
        parameters:
          - AddVipsToEtcHosts
          - NetworkSafeDefaults
    sample_values:
      StackAction: CREATE
      SoftwareConfigTransport: POLL_SERVER_HEAT
@ -280,3 +281,7 @@ parameters:
    description: >
      Set to true to append per network Vips to /etc/hosts on each node.
    type: string
  NetworkSafeDefaults:
    default: true
    description: Allow to enable/disable safe networking defaults if os-net-config would fail to run with the provided config.
    type: boolean