openstack/tripleo-heat-templates
Code Issues Proposed changes
0fba0ce39c
tripleo-heat-templates/deployment/neutron/neutron-sriov-agent-container-puppet.yaml
Saravanan KR ae7ab696d8 Revert "Reset sriov_numvfs to 0 before leapp upgrade" 
This reverts commit b3ec034649.

Reason for revert: The patch was introduced as a workaround
to fix the leapp issue reproduced in v0.10.0 which throws
exception when the interface is not found. But with the
recent version of the leapp package, the issue is not
reproducible. The leapp upgrade completes succesfully
even with VFs present. Though the actual leapp commit which
fixed the issue not traced, the issue is no more present.
This workaround can be removed from TripleO, so that
nic paritioning FFU can be supported.

This revert is required for nic paritioning FFU, because
resetting the VFs will hang, when one of the VF is bound
to the vfio-pci (DPDK) driver.

Change-Id: I5ab1d2925989fc3da62e6045e56a7bd017c8ec4c
(cherry picked from commit c4d75bc147)
2021-02-01 13:14:48 +00:00

224 lines
8.4 KiB
YAML
Raw Blame History

heat_template_version: rocky
description: >
OpenStack Neutron SR-IOV service
parameters:
ContainerNeutronSriovImage:
description: The container image to use for the Neutron SR-IOV agent
type: string
ContainerNeutronConfigImage:
description: The container image to use for the neutron config_volume
type: string
DockerSRIOVUlimit:
default: ['nofile=16384']
description: ulimit for SR-IOV Container
type: comma_delimited_list
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
NeutronPhysicalDevMappings:
description: >
List of <physical_network>:<physical device>
All physical networks listed in network_vlan_ranges
on the server should have mappings to appropriate
interfaces on each agent.
Example "tenant0:ens2f0,tenant1:ens2f1"
type: comma_delimited_list
default: ""
tags:
- role_specific
NeutronExcludeDevices:
description: >
List of <network_device>:<excluded_devices> mapping
network_device to the agent's node-specific list of virtual functions
that should not be used for virtual networking. excluded_devices is a
semicolon separated list of virtual functions to exclude from
network_device. The network_device in the mapping should appear in the
physical_device_mappings list.
type: comma_delimited_list
default: ""
tags:
- role_specific
NeutronSriovAgentExtensions:
default: ""
description: >
Comma-separated list of extensions enabled for the Neutron SR-IOV agents.
type: comma_delimited_list
tags:
- role_specific
DerivePciWhitelistEnabled:
default: true
description: Whether to enable or not the pci passthrough whitelist automation.
type: boolean
tags:
- role_specific
NeutronSriovResourceProviderBandwidths:
description: >
Comma-separated list of <network_device>:<egress_bw>:<ingress_bw> tuples,
showing the available bandwidth for the given device in the given
direction. The direction is meant from VM perspective. Bandwidth is
measured in kilobits per second (kbps). The device must appear in
physical_device_mappings as the value.
type: comma_delimited_list
default: ""
tags:
- role_specific
conditions:
derive_pci_whitelist_enabled:
or:
- and:
- equals: [{get_param: DerivePciWhitelistEnabled}, true]
- equals: [{get_param: [RoleParameters, DerivePciWhitelistEnabled]}, '']
- equals: [{get_param: [RoleParameters, DerivePciWhitelistEnabled]}, true]
resources:
# Merging role-specific parameters (RoleParameters) with the default parameters.
# RoleParameters will have the precedence over the default parameters.
RoleParametersValue:
type: OS::Heat::Value
properties:
type: json
value:
map_replace:
- map_replace:
- neutron::agents::ml2::sriov::physical_device_mappings: NeutronPhysicalDevMappings
neutron::agents::ml2::sriov::exclude_devices: NeutronExcludeDevices
neutron::agents::ml2::sriov::extensions: NeutronSriovAgentExtensions
neutron::agents::ml2::sriov::resource_provider_bandwidths: NeutronSriovResourceProviderBandwidths
- values: {get_param: [RoleParameters]}
- values:
NeutronPhysicalDevMappings: {get_param: NeutronPhysicalDevMappings}
NeutronExcludeDevices: {get_param: NeutronExcludeDevices}
NeutronSriovAgentExtensions: {get_param: NeutronSriovAgentExtensions}
NeutronSriovResourceProviderBandwidths: {get_param: NeutronSriovResourceProviderBandwidths}
ContainersCommon:
type: ../containers-common.yaml
NeutronBase:
type: ./neutron-base.yaml
properties:
EndpointMap: {get_param: EndpointMap}
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
NeutronLogging:
type: OS::TripleO::Services::Logging::NeutronCommon
properties:
NeutronServiceName: sriov-nic-agent
outputs:
role_data:
description: Role data for Neutron sriov service
value:
service_name: neutron_sriov_agent
config_settings:
map_merge:
- get_attr: [NeutronBase, role_data, config_settings]
- get_attr: [RoleParametersValue, value]
- get_attr: [NeutronLogging, config_settings]
puppet_config:
config_volume: neutron
puppet_tags: neutron_config,neutron_agent_sriov_numvfs,neutron_sriov_agent_config
step_config: |
include tripleo::profile::base::neutron::sriov
config_image: {get_param: ContainerNeutronConfigImage}
kolla_config:
/var/lib/kolla/config_files/neutron_sriov_agent.json:
command:
list_join:
- ' '
- - /usr/bin/neutron-sriov-nic-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/sriov_agent.ini --config-dir /etc/neutron/conf.d/common
- get_attr: [NeutronLogging, cmd_extra_args]
config_files:
- source: "/var/lib/kolla/config_files/src/*"
dest: "/"
merge: true
preserve_properties: true
permissions:
- path: /var/log/neutron
owner: neutron:neutron
recurse: true
docker_config:
step_4:
neutron_sriov_agent:
start_order: 10
image: {get_param: ContainerNeutronSriovImage}
net: host
pid: host
privileged: true
restart: always
healthcheck: {get_attr: [ContainersCommon, healthcheck_rpc_port]}
ulimit: {get_param: DockerSRIOVUlimit}
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
- {get_attr: [NeutronLogging, volumes]}
-
- /var/lib/kolla/config_files/neutron_sriov_agent.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/neutron:/var/lib/kolla/config_files/src:ro
- /lib/modules:/lib/modules:ro
- /run:/run
- /sys/class/net:/sys/class/net:rw
environment:
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
host_prep_tasks:
list_concat:
- {get_attr: [NeutronLogging, host_prep_tasks]}
- - name: enable virt_sandbox_use_netlink for healthcheck
seboolean:
name: virt_sandbox_use_netlink
persistent: yes
state: yes
-
if:
- derive_pci_whitelist_enabled
- - name: "creating directory"
file:
state: directory
path: /var/lib/pci_passthrough_whitelist_scripts
owner: root
group: root
mode: 0750
- name: derive pci passthrough whitelist
copy:
src: /usr/share/openstack-tripleo-heat-templates/deployment/neutron/derive_pci_passthrough_whitelist.py
dest: /var/lib/pci_passthrough_whitelist_scripts/derive_pci_passthrough_whitelist.py
mode: 0700
- name: run derive_pci_passthrough_whitelist.py
command: /var/lib/pci_passthrough_whitelist_scripts/derive_pci_passthrough_whitelist.py
- []
metadata_settings:
get_attr: [NeutronBase, role_data, metadata_settings]
upgrade_tasks: []
View Git Blame Copy Permalink