Zero Touch Provisioning changes for subcloud configuration
- Adding support for subcloud configuration to bootstrap playbook Depends-On: https://review.opendev.org/#/c/669980/ Change-Id: Id438609951b3a9e11017cfdc2432fc8617ed0f70 Story: 2004766 Task: 35756 Signed-off-by: Tyler Smith <tyler.smith@windriver.com>
This commit is contained in:
Tyler Smith
parent
93cd5b250a
commit
4c92285446
|
|
@ -2,7 +2,9 @@
|
|||
# SYSTEM PROPERTIES
|
||||
# =================
|
||||
system_mode: simplex
|
||||
# configure distributed cloud role, valid values are 'none' and 'systemcontroller'
|
||||
# configure distributed cloud role, valid values are 'none', 'systemcontroller',
|
||||
# and 'subcloud'. However subclouds are automatically provisioned during their
|
||||
# creation in dcmanager and are not meant to be configured manually by the user.
|
||||
distributed_cloud_role: none
|
||||
timezone: UTC
|
||||
|
||||
|
|
|
|||
|
|
@ -34,6 +34,7 @@ except ImportError:
|
|||
|
||||
|
||||
COMBINED_LOAD = 'All-in-one'
|
||||
SUBCLOUD_ROLE = 'subcloud'
|
||||
RECONFIGURE_SYSTEM = False
|
||||
RECONFIGURE_NETWORK = False
|
||||
RECONFIGURE_SERVICE = False
|
||||
|
|
@ -47,6 +48,11 @@ def touch(fname):
|
|||
os.utime(fname, None)
|
||||
|
||||
|
||||
def is_subcloud():
|
||||
cloud_role = CONF.get('BOOTSTRAP_CONFIG', 'DISTRIBUTED_CLOUD_ROLE', None)
|
||||
return cloud_role == SUBCLOUD_ROLE
|
||||
|
||||
|
||||
def wait_system_config(client):
|
||||
for _ in range(constants.SYSTEM_CONFIG_TIMEOUT):
|
||||
try:
|
||||
|
|
@ -83,6 +89,11 @@ def populate_system_config(client):
|
|||
dc_role = CONF.get('BOOTSTRAP_CONFIG', 'DISTRIBUTED_CLOUD_ROLE')
|
||||
if dc_role == 'none':
|
||||
dc_role = None
|
||||
|
||||
if is_subcloud():
|
||||
capabilities.update({'shared_services': "['identity', ]",
|
||||
'region_config': True})
|
||||
|
||||
values = {
|
||||
'system_mode': CONF.get('BOOTSTRAP_CONFIG', 'SYSTEM_MODE'),
|
||||
'capabilities': capabilities,
|
||||
|
|
@ -92,6 +103,12 @@ def populate_system_config(client):
|
|||
'distributed_cloud_role': dc_role
|
||||
}
|
||||
|
||||
if is_subcloud():
|
||||
values.update(
|
||||
{'region_name': CONF.get('BOOTSTRAP_CONFIG', 'REGION_NAME'),
|
||||
'name': CONF.get('BOOTSTRAP_CONFIG', 'REGION_NAME')}
|
||||
)
|
||||
|
||||
if INITIAL_POPULATION:
|
||||
values.update(
|
||||
{'system_type': CONF.get('BOOTSTRAP_CONFIG', 'SYSTEM_TYPE')}
|
||||
|
|
@ -376,6 +393,38 @@ def populate_cluster_host_network(client):
|
|||
create_network(client, values, network_name)
|
||||
|
||||
|
||||
def populate_system_controller_network(client):
|
||||
system_controller_subnet = IPNetwork(CONF.get(
|
||||
'BOOTSTRAP_CONFIG', 'SYSTEM_CONTROLLER_SUBNET'))
|
||||
system_controller_floating_ip = CONF.get(
|
||||
'BOOTSTRAP_CONFIG', 'SYSTEM_CONTROLLER_FLOATING_ADDRESS')
|
||||
network_name = 'system-controller'
|
||||
|
||||
if RECONFIGURE_NETWORK:
|
||||
delete_network_and_addrpool(client, 'system-controller')
|
||||
print("Updating system controller network...")
|
||||
else:
|
||||
print("Populating system controller network...")
|
||||
|
||||
# create the address pool
|
||||
values = {
|
||||
'name': 'system-controller-subnet',
|
||||
'network': str(system_controller_subnet.network),
|
||||
'prefix': system_controller_subnet.prefixlen,
|
||||
'floating_address': str(system_controller_floating_ip),
|
||||
}
|
||||
pool = create_addrpool(client, values, network_name)
|
||||
|
||||
# create the network for the pool
|
||||
values = {
|
||||
'type': sysinv_constants.NETWORK_TYPE_SYSTEM_CONTROLLER,
|
||||
'name': sysinv_constants.NETWORK_TYPE_SYSTEM_CONTROLLER,
|
||||
'dynamic': False,
|
||||
'pool_uuid': pool.uuid,
|
||||
}
|
||||
create_network(client, values, network_name)
|
||||
|
||||
|
||||
def populate_cluster_pod_network(client):
|
||||
cluster_pod_subnet = IPNetwork(CONF.get(
|
||||
'BOOTSTRAP_CONFIG', 'CLUSTER_POD_SUBNET'))
|
||||
|
|
@ -454,6 +503,8 @@ def populate_network_config(client):
|
|||
populate_cluster_host_network(client)
|
||||
populate_cluster_pod_network(client)
|
||||
populate_cluster_service_network(client)
|
||||
if is_subcloud():
|
||||
populate_system_controller_network(client)
|
||||
print("Network config completed.")
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -210,7 +210,7 @@
|
|||
path: /etc/platform/platform.conf
|
||||
line: "{{ item }}"
|
||||
with_items:
|
||||
- region_config=no
|
||||
- region_config={{ region_config }}
|
||||
- sw_version={{ software_version }}
|
||||
- vswitch_type=none
|
||||
|
||||
|
|
|
|||
|
|
@ -77,12 +77,12 @@
|
|||
|
||||
# If this is initial play or replay with management and/or oam network
|
||||
# config change, must wait for the keystone endpoint runtime manifest
|
||||
# to complete and restart sysinv agent and api.
|
||||
# to complete
|
||||
- name: Wait for service endpoints reconfiguration to complete
|
||||
wait_for:
|
||||
path: /etc/platform/.service_endpoint_reconfigured
|
||||
state: present
|
||||
timeout: 360
|
||||
timeout: 450
|
||||
msg: Timeout waiting for service endpoints reconfiguration to complete
|
||||
|
||||
- name: Wait for system controller database configuration to complete
|
||||
|
|
@ -93,6 +93,22 @@
|
|||
msg: Timeout waiting for system controller database configuration to complete
|
||||
when: distributed_cloud_role == 'systemcontroller'
|
||||
|
||||
- block:
|
||||
- name: Update sysinv with new region name
|
||||
replace:
|
||||
path: /etc/sysinv/sysinv.conf
|
||||
regexp: "region_name=.*$"
|
||||
replace: "region_name={{ region_name }}"
|
||||
|
||||
- name: Restart sysinv-agent and sysinv-api to pick up sysinv.conf update
|
||||
command: "{{ item }}"
|
||||
with_items:
|
||||
- /etc/init.d/sysinv-agent restart
|
||||
- /usr/lib/ocf/resource.d/platform/sysinv-api reload
|
||||
environment:
|
||||
OCF_ROOT: "/usr/lib/ocf"
|
||||
when: distributed_cloud_role == 'subcloud'
|
||||
|
||||
- name: Set flag to mark the initial db population completed milestone
|
||||
file:
|
||||
path: "{{ initial_db_populated_flag }}"
|
||||
|
|
|
|||
|
|
@ -5,3 +5,4 @@ minimum_root_disk_size: 240
|
|||
default_security_feature: "nopti nospectre_v2"
|
||||
temp_ssl_ca: /tmp/ca_cert.pem
|
||||
ssl_ca_complete_flag: /etc/platform/.ssl_ca_complete
|
||||
region_config: no
|
||||
|
|
|
|||
|
|
@ -134,3 +134,19 @@
|
|||
state: absent
|
||||
|
||||
when: mode == 'restore'
|
||||
|
||||
- block:
|
||||
- name: Store service passwords
|
||||
vars:
|
||||
script_content: |
|
||||
import keyring
|
||||
import os
|
||||
os.environ['XDG_DATA_HOME'] = '/tmp'
|
||||
keyring.set_password("{{ item.key }}", "services", "{{ item.value }}")
|
||||
del os.environ['XDG_DATA_HOME']
|
||||
shell: "{{ script_content }}"
|
||||
args:
|
||||
executable: /usr/bin/python
|
||||
no_log: true
|
||||
loop: "{{ users|dict2items }}"
|
||||
when: distributed_cloud_role == "subcloud"
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
---
|
||||
use_vault_credentials: false
|
||||
password_rules_file: /etc/keystone/password-rules.conf
|
||||
|
||||
# This is a dictionary of service users to be configured in the subcloud. It
|
||||
# is set automatically by dcmanager during the subcloud add operation
|
||||
users: { }
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@
|
|||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
# ROLE DESCRIPTION:
|
||||
# This role is to validate amd save host (non secure) config.
|
||||
# This role is to validate and save host (non secure) config.
|
||||
#
|
||||
|
||||
- debug:
|
||||
|
|
@ -13,6 +13,7 @@
|
|||
- System mode is {{ system_mode }}
|
||||
- Timezone is {{ timezone }}
|
||||
- Distributed Cloud Role is {{ distributed_cloud_role }}
|
||||
- Region name is {{ region_name }}
|
||||
- DNS servers is {{ dns_servers }}
|
||||
- PXE boot subnet is {{ pxeboot_subnet }}
|
||||
- Management subnet is {{ management_subnet }}
|
||||
|
|
@ -53,10 +54,11 @@
|
|||
|
||||
- name: Validate distributed cloud role
|
||||
fail:
|
||||
msg: "Invalid distributed cloud role. Valid values are: none or systemcontroller."
|
||||
msg: "Invalid distributed cloud role. Valid values are: none, systemcontroller, or subcloud."
|
||||
when: >
|
||||
(distributed_cloud_role != 'none' and
|
||||
distributed_cloud_role != 'systemcontroller')
|
||||
distributed_cloud_role != 'systemcontroller' and
|
||||
distributed_cloud_role != 'subcloud')
|
||||
|
||||
- name: Validate system type if distributed cloud role is system controller
|
||||
fail:
|
||||
|
|
@ -505,6 +507,7 @@
|
|||
- "SYSTEM_MODE={{ system_mode }}"
|
||||
- "TIMEZONE={{ timezone }}"
|
||||
- "DISTRIBUTED_CLOUD_ROLE={{ distributed_cloud_role }}"
|
||||
- "REGION_NAME={{ region_name }}"
|
||||
- "SW_VERSION={{ software_version }}"
|
||||
- "NAMESERVERS={{ dns_servers| join(',') }}"
|
||||
- "PXEBOOT_SUBNET={{ pxeboot_subnet }}"
|
||||
|
|
@ -535,6 +538,8 @@
|
|||
- "MANAGEMENT_MULTICAST_SUBNET={{ management_multicast_subnet }}"
|
||||
- "MANAGEMENT_MULTICAST_START_ADDRESS={{ address_pairs['multicast']['start'] }}"
|
||||
- "MANAGEMENT_MULTICAST_END_ADDRESS={{ address_pairs['multicast']['end'] }}"
|
||||
- "SYSTEM_CONTROLLER_SUBNET={{ system_controller_subnet }}"
|
||||
- "SYSTEM_CONTROLLER_FLOATING_ADDRESS={{ system_controller_floating_address }}"
|
||||
- "DOCKER_HTTP_PROXY={{ docker_http_proxy }}"
|
||||
- "DOCKER_HTTPS_PROXY={{ docker_https_proxy }}"
|
||||
- "DOCKER_NO_PROXY={{ docker_no_proxy_combined | join(',') }}"
|
||||
|
|
|
|||
|
|
@ -10,3 +10,9 @@ minimum_ipv6_prefix_length: 64
|
|||
private_pxeboot_subnet: 169.254.202.0/24
|
||||
pxecontroller_floating_hostname: pxecontroller
|
||||
use_entire_pxeboot_subnet: true
|
||||
|
||||
# These variables are only used for subcloud configuration and are set
|
||||
# automatically by dcmanager
|
||||
region_name: 'RegionOne'
|
||||
system_controller_floating_address: none
|
||||
system_controller_subnet: none
|
||||
|
|
|
|||
Loading…
Reference in New Issue