openstack
/
tripleo-heat-templates
Code Issues Proposed changes

Deploy standalone ironic and neutron in undercloud 

This makes the following changes:

- Create cloud.yaml for undercloud with standalone services
- Remove keystone and memcached from the undercloud

Change-Id: I741123dcbf4544845b40e253d8b42d868317cc03
changes/12/794912/23
ramishra 2021-06-05 09:42:03 +05:30 committed by rabi
parent 6a8fb43edc
commit c293dfc7b1
7 changed files with 79 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
deployment/ironic/ironic-conductor-container-puppet.yaml
View File

@ -504,8 +504,6 @@ outputs:
ironic::swift::user_domain_name: 'Default'
ironic::swift::project_domain_name: 'Default'
ironic::swift::region_name: {get_param: KeystoneRegion}
# ironic-inspector support is not implemented, but let's configure
# the credentials for consistency.
ironic::drivers::inspector::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
ironic::drivers::inspector::username: 'ironic'
ironic::drivers::inspector::password: {get_param: IronicPassword}
@ -537,6 +535,12 @@ outputs:
- auth_strategy_noauth
- 'none'
- {get_param: IronicAuthStrategy}
ironic::drivers::inspector::auth_type:
if:
- auth_strategy_noauth
- none
- {get_param: IronicAuthStrategy}
ironic::drivers::inspector::endpoint_override: {get_param: [EndpointMap, IronicInspectorInternal, uri_no_suffix]}
ironic::service_catalog::endpoint_override: {get_param: [EndpointMap, IronicInternal, uri_no_suffix]}
service_config_settings: {}
# BEGIN DOCKER SETTINGS

1
deployment/ironic/ironic-inspector-container-puppet.yaml
View File

@ -569,6 +569,7 @@ outputs:
template: |
admin:{{'$ADMIN_PASSWORD' | password_hash('bcrypt')}}
ironic-inspector:{{'$IRONIC_PASSWORD' | password_hash('bcrypt')}}
ironic:{{'$IRONIC_PASSWORD' | password_hash('bcrypt')}}
params:
$ADMIN_PASSWORD: {get_param: AdminPassword}
$IRONIC_PASSWORD: {get_param: IronicPassword}

6
deployment/neutron/neutron-api-container-puppet.yaml
View File

@ -205,6 +205,10 @@ parameters:
description: |
Seconds to regard the agent as down; should be at least twice
NeutronGlobalReportInterval, to be sure the agent is down for good.
IronicPassword:
description: The password for the Ironic service and db account, used by the Ironic services
type: string
hidden: true
parameter_groups:
- label: deprecated
@ -574,9 +578,11 @@ outputs:
template: |
admin:{{'$ADMIN_PASSWORD' | password_hash('bcrypt')}}
neutron:{{'$NEUTRON_PASSWORD' | password_hash('bcrypt')}}
ironic:{{'$IRONIC_PASSWORD' | password_hash('bcrypt')}}
params:
$ADMIN_PASSWORD: {get_param: AdminPassword}
$NEUTRON_PASSWORD: {get_param: NeutronPassword}
$IRONIC_PASSWORD: {get_param: IronicPassword}
when: is_http_basic | bool
metadata_settings:
list_concat:

11
environments/undercloud.yaml
View File

@ -15,9 +15,11 @@ resource_registry:
OS::TripleO::Services::NeutronMl2PluginBase: ../deployment/neutron/neutron-plugin-ml2.yaml
OS::TripleO::Services::OpenStackClients: ../deployment/clients/openstack-clients-baremetal-ansible.yaml
OS::TripleO::Services::HeatEphemeral: ../deployment/heat/heat-ephemeral-container-ansible.yaml
# Disable keystone by default
OS::TripleO::Services::Keystone: OS::Heat::None
OS::TripleO::Services::Memcached: OS::Heat::None
# services we disable by default on the undercloud
OS::TripleO::Services::AodhApi: OS::Heat::None
OS::TripleO::Services::AodhEvaluator: OS::Heat::None
@ -74,11 +76,6 @@ parameter_defaults:
# ensure we enable ip_forward before docker gets run
KernelIpForward: 1
KernelIpNonLocalBind: 1
KeystoneCorsAllowedOrigin: '*'
KeystoneEnableMember: true
# Increase the Token expiration time until we fix the actual session bug:
# https://bugs.launchpad.net/tripleo/+bug/1761050
TokenExpiration: 14400
EnablePackageInstall: true
StackAction: CREATE
NetworkDeploymentActions: ['CREATE','UPDATE']
@ -182,3 +179,5 @@ parameter_defaults:
SshFirewallAllowAll: true
NetworkSafeDefaults: false
IronicRpcTransport: 'json-rpc'
IronicAuthStrategy: http_basic
NeutronAuthStrategy: http_basic

54
extraconfig/post_deploy/undercloud_post.py
View File

@ -14,7 +14,10 @@
import json
import openstack
import os
from pathlib import Path
import shutil
import subprocess
import yaml
CONF = json.loads(os.environ['config'])
@ -77,6 +80,52 @@ def _configure_nova(sdk):
print('INFO: Undercloud Post - Nova configuration completed successfully.')
def create_update_clouds_yaml():
"""Disable nova quotas"""
clouds_yaml_dir = '/etc/openstack'
clouds_yaml = os.path.join(clouds_yaml_dir, 'clouds.yaml')
cloud_name = CONF.get('cloud_name', 'undercloud')
Path(clouds_yaml_dir).mkdir(parents=True, exist_ok=True)
usr_clouds_yaml_dir = os.path.join(CONF['home_dir'], '.config/openstack')
usr_clouds_yaml = os.path.join(usr_clouds_yaml_dir, 'clouds.yaml')
Path(usr_clouds_yaml_dir).mkdir(parents=True, exist_ok=True)
data = {}
if os.path.exists(clouds_yaml):
with open(clouds_yaml, 'r') as fs:
data = yaml.safe_load(fs)
if 'clouds' not in data:
data['clouds'] = {}
data['clouds'][cloud_name] = {}
config = {}
config['auth_type'] = 'http_basic'
config['auth'] = {}
config['auth']['username'] = 'admin'
config['auth']['password'] = CONF.get('admin_password', 'admin')
config['baremetal_endpoint_override'] = CONF.get(
'endpoints', {}).get('baremetal', 'https://192.168.24.2:13385/')
config['network_endpoint_override'] = CONF.get(
'endpoints', {}).get('network', 'https://192.168.24.2:13696/')
config['baremetal_introspection_endpoint_override'] = CONF.get(
'endpoints', {}).get(
'baremetal_introspection', 'https://192.168.24.2:13696/')
config['baremetal_api_version'] = '1'
config['network_api_version'] = '2'
data['clouds'][cloud_name] = config
with open(clouds_yaml, 'w') as fs:
fs.write(yaml.dump(data, default_flow_style=False))
shutil.copyfile(clouds_yaml, usr_clouds_yaml)
stat_info = os.stat(CONF['home_dir'])
os.chown(usr_clouds_yaml_dir, stat_info.st_uid, stat_info.st_gid)
os.chown(usr_clouds_yaml, stat_info.st_uid, stat_info.st_gid)
def _create_default_keypair(sdk):
"""Set up a default keypair."""
ssh_dir = os.path.join(CONF['home_dir'], '.ssh')
@ -88,6 +137,11 @@ def _create_default_keypair(sdk):
public_key=pub_key_file.read())
keystone_enabled = 'true' in _run_command(
['hiera', 'keystone_enabled']).lower()
if not keystone_enabled:
create_update_clouds_yaml()
nova_api_enabled = 'true' in _run_command(
['hiera', 'nova_api_enabled']).lower()

1
extraconfig/post_deploy/undercloud_post.sh
View File

@ -3,6 +3,7 @@ set -eux
HOMEDIR="$homedir"
CLOUD_NAME="$cloud_name"
USERNAME=`ls -ld $HOMEDIR | awk {'print $3'}`
GROUPNAME=`ls -ld $HOMEDIR | awk {'print $4'}`

7
extraconfig/post_deploy/undercloud_post.yaml
View File

@ -159,6 +159,11 @@ resources:
JSON:
cloud_name: {get_param: UndercloudCloudName}
home_dir: {get_param: UndercloudHomeDir}
admin_password: {get_param: AdminPassword}
endpoints:
baremetal: {get_param: [EndpointMap, IronicPublic, uri_no_suffix]}
network: {get_param: [EndpointMap, NeutronPublic, uri_no_suffix]}
baremetal_introspection: {get_param: [EndpointMap, IronicInspectorPublic, uri_no_suffix]}
UndercloudCtlplaneNetworkConfig:
type: OS::Heat::SoftwareConfig
@ -170,7 +175,7 @@ resources:
UndercloudCtlplaneNetworkDeployment:
type: OS::Heat::SoftwareDeploymentGroup
depends_on: UndercloudPostDeployment
depends_on: UndercloudPostPyDeployment
properties:
name: UndercloudCtlplaneNetworkDeployment
servers: {get_param: servers}