Browse Source

Initial plugin checkin

This checks in the astara plugin in its current state. It currently
supports deploying into MOS 8.0/liberty only.

Change-Id: Ibe7ca298c4adcdd237202b520271100231b2a1d2
changes/38/313138/2
Adam Gandelman 3 years ago
parent
commit
a7614c8593
46 changed files with 2037 additions and 0 deletions
  1. 2
    0
      AUTHORS
  2. 27
    0
      INSTALL.rst
  3. 202
    0
      LICENSE
  4. 135
    0
      README.rst
  5. 29
    0
      components.yaml
  6. 5
    0
      deployment_scripts/puppet/manifests/network_orchestrator_astara_neutron_install.pp
  7. 123
    0
      deployment_scripts/puppet/manifests/network_orchestrator_configure.pp
  8. 5
    0
      deployment_scripts/puppet/manifests/network_orchestrator_create_resources.pp
  9. 58
    0
      deployment_scripts/puppet/manifests/network_orchestrator_db.pp
  10. 103
    0
      deployment_scripts/puppet/manifests/network_orchestrator_hiera_override.pp
  11. 2
    0
      deployment_scripts/puppet/manifests/network_orchestrator_image.pp
  12. 5
    0
      deployment_scripts/puppet/manifests/network_orchestrator_install.pp
  13. 1
    0
      deployment_scripts/puppet/manifests/network_orchestrator_pre_deployment.pp
  14. 3
    0
      deployment_scripts/puppet/manifests/network_orchestrator_set_resources.pp
  15. 27
    0
      deployment_scripts/puppet/modules/astara/lib/puppet/provider/astara_config/ini_setting.rb
  16. 47
    0
      deployment_scripts/puppet/modules/astara/lib/puppet/type/astara_config.rb
  17. 21
    0
      deployment_scripts/puppet/modules/astara/manifests/astara_neutron/install.pp
  18. 55
    0
      deployment_scripts/puppet/modules/astara/manifests/db/mysql.pp
  19. 10
    0
      deployment_scripts/puppet/modules/astara/manifests/db/sync.pp
  20. 15
    0
      deployment_scripts/puppet/modules/astara/manifests/flavor/create.pp
  21. 25
    0
      deployment_scripts/puppet/modules/astara/manifests/image.pp
  22. 100
    0
      deployment_scripts/puppet/modules/astara/manifests/init.pp
  23. 24
    0
      deployment_scripts/puppet/modules/astara/manifests/install.pp
  24. 13
    0
      deployment_scripts/puppet/modules/astara/manifests/networks/create.pp
  25. 14
    0
      deployment_scripts/puppet/modules/astara/manifests/networks/set.pp
  26. 15
    0
      deployment_scripts/puppet/modules/astara/manifests/repo/liberty.pp
  27. 74
    0
      deployment_scripts/puppet/modules/astara/templates/orchestrator.ini.erb
  28. 111
    0
      deployment_scripts/scripts/astara_post_deploy.sh
  29. 21
    0
      deployment_scripts/scripts/controller_post_deploy.sh
  30. 39
    0
      deployment_scripts/scripts/create_neutron_networks.sh
  31. 17
    0
      deployment_scripts/scripts/create_nova_flavor.sh
  32. 258
    0
      deployment_scripts/scripts/functions
  33. 87
    0
      deployment_scripts/scripts/install_astara_from_src.sh
  34. 39
    0
      deployment_scripts/scripts/set_neutron_networks_config.sh
  35. 13
    0
      deployment_scripts/scripts/set_nova_flavor.sh
  36. 177
    0
      deployment_tasks.yaml
  37. 55
    0
      environment_config.yaml
  38. 34
    0
      metadata.yaml
  39. 17
    0
      network_roles.yaml
  40. 17
    0
      node_roles.yaml
  41. 11
    0
      pre_build_hook
  42. 0
    0
      repositories/centos/.gitignore
  43. 0
    0
      repositories/centos/.gitkeep
  44. 0
    0
      repositories/ubuntu/.gitignore
  45. 0
    0
      repositories/ubuntu/.gitkeep
  46. 1
    0
      tasks.yaml

+ 2
- 0
AUTHORS View File

@@ -0,0 +1,2 @@
1
+Adam Gandelman <adamg@ubuntu.com>
2
+Eric Lopez <eric.lopez@akanda.io>

+ 27
- 0
INSTALL.rst View File

@@ -0,0 +1,27 @@
1
+Create Manually Installed Astara Fuel 8.0 Plugin on Ubuntu Trusty 14.04
2
+=======================================================================
3
+
4
+``https://wiki.openstack.org/wiki/Fuel/Plugins#Preparing_an_environment_for_plugin_development``
5
+
6
+    sudo apt-get install createrepo rpm dpkg-dev
7
+    easy_install pip
8
+    pip install fuel-plugin-builder
9
+    git clone https://github.com/stackforge/fuel-plugins.git
10
+    cd fuel-plugins/fuel_plugin_builder/
11
+    sudo python setup.py develop
12
+
13
+``https://wiki.openstack.org/wiki/Fuel/Plugins#Using_Fuel_Plugin_Builder_tool``
14
+
15
+    fpb --create fuel-plugin-astara
16
+    fpb --build fuel-plugin-astara
17
+    
18
+
19
+Debug UI
20
+--------
21
+
22
+blah blah
23
+
24
+Debug Deployment
25
+----------------
26
+
27
+blah blah

+ 202
- 0
LICENSE View File

@@ -0,0 +1,202 @@
1
+Apache License
2
+                           Version 2.0, January 2004
3
+                        http://www.apache.org/licenses/
4
+
5
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
6
+
7
+   1. Definitions.
8
+
9
+      "License" shall mean the terms and conditions for use, reproduction,
10
+      and distribution as defined by Sections 1 through 9 of this document.
11
+
12
+      "Licensor" shall mean the copyright owner or entity authorized by
13
+      the copyright owner that is granting the License.
14
+
15
+      "Legal Entity" shall mean the union of the acting entity and all
16
+      other entities that control, are controlled by, or are under common
17
+      control with that entity. For the purposes of this definition,
18
+      "control" means (i) the power, direct or indirect, to cause the
19
+      direction or management of such entity, whether by contract or
20
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
21
+      outstanding shares, or (iii) beneficial ownership of such entity.
22
+
23
+      "You" (or "Your") shall mean an individual or Legal Entity
24
+      exercising permissions granted by this License.
25
+
26
+      "Source" form shall mean the preferred form for making modifications,
27
+      including but not limited to software source code, documentation
28
+      source, and configuration files.
29
+
30
+      "Object" form shall mean any form resulting from mechanical
31
+      transformation or translation of a Source form, including but
32
+      not limited to compiled object code, generated documentation,
33
+      and conversions to other media types.
34
+
35
+      "Work" shall mean the work of authorship, whether in Source or
36
+      Object form, made available under the License, as indicated by a
37
+      copyright notice that is included in or attached to the work
38
+      (an example is provided in the Appendix below).
39
+
40
+      "Derivative Works" shall mean any work, whether in Source or Object
41
+      form, that is based on (or derived from) the Work and for which the
42
+      editorial revisions, annotations, elaborations, or other modifications
43
+      represent, as a whole, an original work of authorship. For the purposes
44
+      of this License, Derivative Works shall not include works that remain
45
+      separable from, or merely link (or bind by name) to the interfaces of,
46
+      the Work and Derivative Works thereof.
47
+
48
+      "Contribution" shall mean any work of authorship, including
49
+      the original version of the Work and any modifications or additions
50
+      to that Work or Derivative Works thereof, that is intentionally
51
+      submitted to Licensor for inclusion in the Work by the copyright owner
52
+      or by an individual or Legal Entity authorized to submit on behalf of
53
+      the copyright owner. For the purposes of this definition, "submitted"
54
+      means any form of electronic, verbal, or written communication sent
55
+      to the Licensor or its representatives, including but not limited to
56
+      communication on electronic mailing lists, source code control systems,
57
+      and issue tracking systems that are managed by, or on behalf of, the
58
+      Licensor for the purpose of discussing and improving the Work, but
59
+      excluding communication that is conspicuously marked or otherwise
60
+      designated in writing by the copyright owner as "Not a Contribution."
61
+
62
+      "Contributor" shall mean Licensor and any individual or Legal Entity
63
+      on behalf of whom a Contribution has been received by Licensor and
64
+      subsequently incorporated within the Work.
65
+
66
+   2. Grant of Copyright License. Subject to the terms and conditions of
67
+      this License, each Contributor hereby grants to You a perpetual,
68
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
69
+      copyright license to reproduce, prepare Derivative Works of,
70
+      publicly display, publicly perform, sublicense, and distribute the
71
+      Work and such Derivative Works in Source or Object form.
72
+
73
+   3. Grant of Patent License. Subject to the terms and conditions of
74
+      this License, each Contributor hereby grants to You a perpetual,
75
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
76
+      (except as stated in this section) patent license to make, have made,
77
+      use, offer to sell, sell, import, and otherwise transfer the Work,
78
+      where such license applies only to those patent claims licensable
79
+      by such Contributor that are necessarily infringed by their
80
+      Contribution(s) alone or by combination of their Contribution(s)
81
+      with the Work to which such Contribution(s) was submitted. If You
82
+      institute patent litigation against any entity (including a
83
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
84
+      or a Contribution incorporated within the Work constitutes direct
85
+      or contributory patent infringement, then any patent licenses
86
+      granted to You under this License for that Work shall terminate
87
+      as of the date such litigation is filed.
88
+
89
+   4. Redistribution. You may reproduce and distribute copies of the
90
+      Work or Derivative Works thereof in any medium, with or without
91
+      modifications, and in Source or Object form, provided that You
92
+      meet the following conditions:
93
+
94
+      (a) You must give any other recipients of the Work or
95
+          Derivative Works a copy of this License; and
96
+
97
+      (b) You must cause any modified files to carry prominent notices
98
+          stating that You changed the files; and
99
+
100
+      (c) You must retain, in the Source form of any Derivative Works
101
+          that You distribute, all copyright, patent, trademark, and
102
+          attribution notices from the Source form of the Work,
103
+          excluding those notices that do not pertain to any part of
104
+          the Derivative Works; and
105
+
106
+      (d) If the Work includes a "NOTICE" text file as part of its
107
+          distribution, then any Derivative Works that You distribute must
108
+          include a readable copy of the attribution notices contained
109
+          within such NOTICE file, excluding those notices that do not
110
+          pertain to any part of the Derivative Works, in at least one
111
+          of the following places: within a NOTICE text file distributed
112
+          as part of the Derivative Works; within the Source form or
113
+          documentation, if provided along with the Derivative Works; or,
114
+          within a display generated by the Derivative Works, if and
115
+          wherever such third-party notices normally appear. The contents
116
+          of the NOTICE file are for informational purposes only and
117
+          do not modify the License. You may add Your own attribution
118
+          notices within Derivative Works that You distribute, alongside
119
+          or as an addendum to the NOTICE text from the Work, provided
120
+          that such additional attribution notices cannot be construed
121
+          as modifying the License.
122
+
123
+      You may add Your own copyright statement to Your modifications and
124
+      may provide additional or different license terms and conditions
125
+      for use, reproduction, or distribution of Your modifications, or
126
+      for any such Derivative Works as a whole, provided Your use,
127
+      reproduction, and distribution of the Work otherwise complies with
128
+      the conditions stated in this License.
129
+
130
+   5. Submission of Contributions. Unless You explicitly state otherwise,
131
+      any Contribution intentionally submitted for inclusion in the Work
132
+      by You to the Licensor shall be under the terms and conditions of
133
+      this License, without any additional terms or conditions.
134
+      Notwithstanding the above, nothing herein shall supersede or modify
135
+      the terms of any separate license agreement you may have executed
136
+      with Licensor regarding such Contributions.
137
+
138
+   6. Trademarks. This License does not grant permission to use the trade
139
+      names, trademarks, service marks, or product names of the Licensor,
140
+      except as required for reasonable and customary use in describing the
141
+      origin of the Work and reproducing the content of the NOTICE file.
142
+
143
+   7. Disclaimer of Warranty. Unless required by applicable law or
144
+      agreed to in writing, Licensor provides the Work (and each
145
+      Contributor provides its Contributions) on an "AS IS" BASIS,
146
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
147
+      implied, including, without limitation, any warranties or conditions
148
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
149
+      PARTICULAR PURPOSE. You are solely responsible for determining the
150
+      appropriateness of using or redistributing the Work and assume any
151
+      risks associated with Your exercise of permissions under this License.
152
+
153
+   8. Limitation of Liability. In no event and under no legal theory,
154
+      whether in tort (including negligence), contract, or otherwise,
155
+      unless required by applicable law (such as deliberate and grossly
156
+      negligent acts) or agreed to in writing, shall any Contributor be
157
+      liable to You for damages, including any direct, indirect, special,
158
+      incidental, or consequential damages of any character arising as a
159
+      result of this License or out of the use or inability to use the
160
+      Work (including but not limited to damages for loss of goodwill,
161
+      work stoppage, computer failure or malfunction, or any and all
162
+      other commercial damages or losses), even if such Contributor
163
+      has been advised of the possibility of such damages.
164
+
165
+   9. Accepting Warranty or Additional Liability. While redistributing
166
+      the Work or Derivative Works thereof, You may choose to offer,
167
+      and charge a fee for, acceptance of support, warranty, indemnity,
168
+      or other liability obligations and/or rights consistent with this
169
+      License. However, in accepting such obligations, You may act only
170
+      on Your own behalf and on Your sole responsibility, not on behalf
171
+      of any other Contributor, and only if You agree to indemnify,
172
+      defend, and hold each Contributor harmless for any liability
173
+      incurred by, or claims asserted against, such Contributor by reason
174
+      of your accepting any such warranty or additional liability.
175
+
176
+   END OF TERMS AND CONDITIONS
177
+
178
+   APPENDIX: How to apply the Apache License to your work.
179
+
180
+      To apply the Apache License to your work, attach the following
181
+      boilerplate notice, with the fields enclosed by brackets "{}"
182
+      replaced with your own identifying information. (Don't include
183
+      the brackets!)  The text should be enclosed in the appropriate
184
+      comment syntax for the file format. We also recommend that a
185
+      file or class name and description of purpose be included on the
186
+      same "printed page" as the copyright notice for easier
187
+      identification within third-party archives.
188
+
189
+   Copyright {yyyy} {name of copyright owner}
190
+
191
+   Licensed under the Apache License, Version 2.0 (the "License");
192
+   you may not use this file except in compliance with the License.
193
+   You may obtain a copy of the License at
194
+
195
+       http://www.apache.org/licenses/LICENSE-2.0
196
+
197
+   Unless required by applicable law or agreed to in writing, software
198
+   distributed under the License is distributed on an "AS IS" BASIS,
199
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
200
+   See the License for the specific language governing permissions and
201
+   limitations under the License.
202
+

+ 135
- 0
README.rst View File

@@ -0,0 +1,135 @@
1
+Astara plugin for Mirantis Fuel
2
+===============================
3
+
4
+Astara is a network orchestration service designed for provisioning Neutron 
5
+managed virtual network functions in an OpenStack deployment.
6
+
7
+Limitations:
8
+------------
9
+	Currently this plugin is not compatible with the following features:
10
+
11
+	- Neutron DVR
12
+	- FWaaS
13
+        - LBaaSv1
14
+	- other SDN solutions
15
+
16
+
17
+Compatible versions:
18
+--------------------
19
+
20
+	- Mirantis Fuel 8.0
21
+	- Akanda Astara 8.0
22
+
23
+To obtain the plugin:
24
+---------------------
25
+
26
+The Astara plugin can be downloaded from the [Fuel Plugin Catalog](
27
+https://www.mirantis.com/products/openstack-drivers-and-plugins/fuel-plugins/).
28
+
29
+
30
+To install the plugin:
31
+----------------------
32
+
33
+- Prepare a clean fuel master node.
34
+
35
+- Copy the plugin onto the fuel master node:
36
+
37
+		scp astara-fuel-plugin-1.0-1.0.0-0.noarch.rpm root@<Fuel_Master_Node_IP>:/tmp
38
+
39
+- Install the plugin on the fuel master node:
40
+
41
+		cd /tmp
42
+
43
+		fuel plugins --install astara-fuel-plugin-1.0-1.0.0-0.noarch.rpm
44
+
45
+- Check the plugin was installed:
46
+
47
+		fuel plugins --list
48
+
49
+
50
+User Guide
51
+----------
52
+
53
+To deploy a cluster with the Astara plugin, use the Fuel web UI to deploy an
54
+OpenStack cluster in the usual way, with the following guidelines:
55
+
56
+- Create a new OpenStack environment, selecting:
57
+
58
+	Liberty on Ubuntu Trusty
59
+
60
+	"Neutron with VLAN segmentation" or "Neutron with tunneling segmentation" as the networking setup
61
+
62
+- Under the network tab, configure the 'Network' settings for your environment. For example (exact values will
63
+  depend on your setup):
64
+
65
+  	Public (External):
66
+
67
+	- IP Range: 172.16.0.2 - 172.16.0.126
68
+        - CIDR: 172.16.0.0/24
69
+        - Use VLAN tagging: No
70
+        - Gateway: 172.16.0.1 
71
+	- Floating IP range: 172.16.0.130 - 172.16.0.254
72
+
73
+
74
+	Management (Management):
75
+
76
+- Under the settings tab, make sure the following options are checked:
77
+
78
+	"Use Astara Network Orchestrator"
79
+
80
+- Under the setting tab, configure Astara Management Service Port, API Port, and Management IPv6 prefix
81
+
82
+	- Astara Management IPv6 Prefix
83
+	- Astara Management Service Port
84
+	- Astara API Service Port
85
+
86
+- Add nodes 
87
+
88
+- Deploy changes
89
+
90
+
91
+Deployment details
92
+------------------
93
+Deployment of Openstack using Astara Network Orchestrator does the following:
94
+
95
+- Configures Nova:
96
+
97
+	Enable Metadata Service
98
+
99
+	Enable IPv6
100
+
101
+	Enables Nova to attach external networks to an VM Instance
102
+	
103
+- Configures Neutron: 
104
+
105
+	Disables Metadata Agent, L3 Agent, and DHCP Agent
106
+
107
+	Enables Astara API extensions
108
+
109
+	Enables Astara service plugin
110
+
111
+	Enables Astara core plugin
112
+
113
+- Uploads Astara Router Service VM into Openstack Image Service (glance)
114
+
115
+- Configure Horizon:
116
+
117
+	Enable Astara dashboard extensions
118
+
119
+	Configure Astara management service details
120
+
121
+- Create Public and Management Networks for Openstack deployment
122
+
123
+
124
+Known issues
125
+------------
126
+
127
+None.
128
+
129
+Release Notes
130
+-------------
131
+
132
+**1.0.0**
133
+
134
+* Initial release of the plugin
135
+

+ 29
- 0
components.yaml View File

@@ -0,0 +1,29 @@
1
+# This file contains wizard components descriptions that are pretty similar to
2
+# the `environment_config.yaml`.
3
+# Please, take a look at following link for the details:
4
+# - https://blueprints.launchpad.net/fuel/+spec/component-registry
5
+# - https://specs.openstack.org/openstack/fuel-specs/specs/8.0/component-registry.html
6
+
7
+- name: 'additional_service:astara'
8
+  label: "Install Astara (Openstack Network Orchestrator)"
9
+  description: "If selected, Astara's Network Orchestrator will be installed. Astara
10
+    is a production grade L3-L7 Network Service Platform for Neutron"
11
+  bind: !!pairs
12
+    - "cluster:net_provider": "neutron"
13
+  requires:
14
+    - name: 'network:neutron:core:ml2'
15
+  compatible:
16
+    - name: 'hypervisor:libvirt:*'
17
+    - name: 'hypervisor:kvm'
18
+    - name: 'hypervisor:qemu'
19
+    - name: 'network:neutron:vlan'
20
+    - name: 'network:neutron:tun'
21
+    - name: "storage:block:lvm"
22
+    - name: "storage:image:ceph"
23
+    - name: "storage:object:ceph"
24
+    - name: "additional_service:ceilometer"
25
+    - name: "storage:block:ceph"
26
+    - name: "storage:ephemeral:ceph"
27
+  incompatible:
28
+    - name: 'hypervisor:vmware'
29
+      description: 'Astara is not compatible with VMware vSphere'

+ 5
- 0
deployment_scripts/puppet/manifests/network_orchestrator_astara_neutron_install.pp View File

@@ -0,0 +1,5 @@
1
+notice('MODULE: astara-neutron install')
2
+
3
+include astara
4
+
5
+class { 'astara::astara_neutron::install': }

+ 123
- 0
deployment_scripts/puppet/manifests/network_orchestrator_configure.pp View File

@@ -0,0 +1,123 @@
1
+notice('MODULAR: astara config')
2
+
3
+$astara_settings = hiera('fuel-plugin-astara')
4
+
5
+# pass through fuel plugin config
6
+astara_config {
7
+    'DEFAULT/astara_api_port': value => $astara_settings['astara_api_port'];
8
+    'DEFAULT/astara_mgt_service_port': value => $astara_settings['astra_mgmt_service_port'];
9
+    'DEFAULT/management_prefix': value => $astara_settings['astra_mgmt_ipv6_prefix'];
10
+}
11
+
12
+# piece together authtoken config from hiera, using neutron's service creds.
13
+$neutron_settings = hiera('quantum_settings')
14
+$neutron_keystone_settings = $neutron_settings['keystone']
15
+$keystone_settings = hiera_hash('keystone', {})
16
+$service_endpoint = hiera('service_endpoint')
17
+$management_vip = hiera('management_vip')
18
+
19
+$ssl_hash = hiera_hash('use_ssl', {})
20
+$internal_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'protocol', 'http')
21
+$internal_address  = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'hostname', [$service_endpoint, $management_vip])
22
+$internal_port     = '5000'
23
+
24
+$public_url   = "${public_protocol}://${public_address}:${public_port}"
25
+$admin_url    = "${admin_protocol}://${admin_address}:${admin_port}"
26
+$internal_url = "${internal_protocol}://${internal_address}:${internal_port}"
27
+
28
+$admin_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'protocol', 'http')
29
+
30
+$auth_suffix  = pick($keystone_settings['auth_suffix'], '/')
31
+$auth_url     = "${internal_url}${auth_suffix}"
32
+
33
+# XXX need to replace with zookeeper
34
+$memcache_addresses = hiera('memcached_addresses')
35
+$memcache_address = $memcache_addresses[0]
36
+
37
+$region = hiera('region', 'RegionOne')
38
+
39
+# setup keystone authtoken middleware
40
+astara_config {
41
+    'keystone_authtoken/auth_plugin': value => 'password';
42
+    'DEFAULT/auth_url': value => $auth_url;
43
+    'keystone_authtoken/auth_uri': value => $auth_url;
44
+    'keystone_authtoken/auth_url': value => $internal_url;
45
+    'keystone_authtoken/project_domain_id': value => 'default';
46
+    'keystone_authtoken/user_domain_id': value => 'default';
47
+    'keystone_authtoken/project_name': value => 'services';
48
+    'keystone_authtoken/username': value => 'neutron';
49
+    'keystone_authtoken/password': value => $neutron_keystone_settings['admin_password'];
50
+    'keystone_authtoken/auth_region': value => $region;
51
+}
52
+
53
+
54
+# setup db access to the controller with the known password
55
+$database_vip               = hiera('database_vip', $management_vip)
56
+$db_host                    = pick($astara_settings['db_host'], $database_vip)
57
+$db_user                    = pick($astara_settings['db_user'], 'astara')
58
+$db_name                    = pick($astara_settings['db_name'], 'astara')
59
+#$db_password                = pick($astara_settings['astara_db_password'], 'astara')
60
+$db_password                 = 'astara'
61
+$database_connection        = "mysql://${db_user}:${db_password}@${db_host}/${db_name}?charset=utf8"
62
+astara_config {
63
+    'database/connection': value => $database_connection;
64
+}
65
+
66
+# setup access to neutron's rabbit queue
67
+# matching neutron's rabbit setup here -- it uses nova's credentials?
68
+$rabbit_settings = hiera('rabbit')
69
+$rabbit_user = 'nova'
70
+$rabbit_password  = $rabbit_settings['password']
71
+$rabbit_host = hiera('amqp_hosts')
72
+
73
+astara_config {
74
+    'DEFAULT/control_exchange': value => 'neturon';
75
+    'DEFAULT/rpc_backend': value => 'rabbit';
76
+    'oslo_messaging_rabbit/rabbit_userid': value => $rabbit_user;
77
+    'oslo_messaging_rabbit/rabbit_password': value => $rabbit_password, secret => true;
78
+    'oslo_messaging_rabbit/rabbit_hosts': value => $rabbit_host;
79
+}
80
+
81
+# setup the neutron L3 agent
82
+neutron_config {
83
+    'agent/root_helper': value => 'sudo neutron-rootwrap /etc/neutron/rootwrap.conf';
84
+    'oslo_messaging_rabbit/rabbit_userid': value => $rabbit_user;
85
+    'oslo_messaging_rabbit/rabbit_password': value => $rabbit_password, secret => true;
86
+    # XXX note sure where non-default 5673 comes from?
87
+    'oslo_messaging_rabbit/rabbit_hosts': value => $rabbit_host;
88
+}
89
+
90
+
91
+# drop an openrc for the neutron service tenant
92
+class { 'openstack::auth_file':
93
+  admin_user          => 'neutron',
94
+  admin_password      => $neutron_keystone_settings['admin_password'],
95
+  admin_tenant        => 'services',
96
+  region_name         => $region,
97
+  auth_url            => $auth_url,
98
+}
99
+
100
+astara_config {
101
+    'DEFAULT/endpoint_type': value => 'internalURL';
102
+    'DEFAULT/log_file': value => '/var/log/astara/astara-orchestrator.log';
103
+}
104
+
105
+# Setup coordination cluster services.
106
+# NOTE: we use memcache here for testing until a zookeeper module is available in feul
107
+astara_config {
108
+    'coordination/enabled': value => 'True';
109
+    'coordination/url': value => "memcached://${memcache_address}:11211";
110
+}
111
+
112
+# setup metadata proxy access
113
+astara_config {
114
+	'DEFAULT/nova_metadata_ip': value => $management_vip;
115
+	'DEFAULT/neutron_metadata_proxy_shared_secret': value => $neutron_settings["metadata"]["metadata_proxy_shared_secret"];
116
+}
117
+
118
+# TODO(adam_g): flavor ids are hard-coded as params to astara::flavor::create,
119
+# should be centralized somewhere.
120
+astara_config {
121
+	'router/instance_flavor': value => "511";
122
+	'loadbalancer/instance_flavor': value => "511";
123
+}

+ 5
- 0
deployment_scripts/puppet/manifests/network_orchestrator_create_resources.pp View File

@@ -0,0 +1,5 @@
1
+
2
+class { 'astara::db::sync': }
3
+class { 'astara::flavor::create': }
4
+class { 'astara::networks::create': }
5
+

+ 58
- 0
deployment_scripts/puppet/manifests/network_orchestrator_db.pp View File

@@ -0,0 +1,58 @@
1
+
2
+notice('MODULAR: astara/db.pp')
3
+
4
+$node_name      = hiera('node_name')
5
+
6
+$astara_settings = hiera('fuel-plugin-astara')
7
+$mysql_hash     = hiera_hash('mysql_hash', {})
8
+
9
+$database_vip   = hiera('database_vip')
10
+
11
+$mysql_root_user     = pick($mysql_hash['root_user'], 'root')
12
+$mysql_db_create     = pick($mysql_hash['db_create'], true)
13
+$mysql_root_password = $mysql_hash['root_password']
14
+
15
+$db_user     = 'astara'
16
+$db_name     = 'astara'
17
+#$db_password = pick($astara_settings['astara_db_password'], $mysql_root_password)
18
+# XXX TODO pull generated passwd from environment config
19
+$db_password = 'astara'
20
+
21
+$db_host          = pick($astara_settings['metadata']['db_host'], $database_vip)
22
+$db_create        = pick($astara_settings['metadata']['db_create'], $mysql_db_create)
23
+$db_root_user     = pick($astara_settings['metadata']['root_user'], $mysql_root_user)
24
+$db_root_password = pick($astara_settings['metadata']['root_password'], $mysql_root_password)
25
+
26
+$allowed_hosts = [ $node_name, 'localhost', '127.0.0.1', '%' ]
27
+
28
+validate_string($mysql_root_user)
29
+
30
+if $db_create {
31
+
32
+  class { 'galera::client':
33
+    custom_setup_class => hiera('mysql_custom_setup_class', 'galera'),
34
+  }
35
+
36
+  class { 'astara::db::mysql':
37
+    user          => $db_user,
38
+    password      => $db_password,
39
+    dbname        => $db_name,
40
+    allowed_hosts => $allowed_hosts,
41
+  }
42
+
43
+  class { 'osnailyfacter::mysql_access':
44
+    db_host     => $db_host,
45
+    db_user     => $db_root_user,
46
+    db_password => $db_root_password,
47
+  }
48
+
49
+  Class['galera::client'] ->
50
+  Class['osnailyfacter::mysql_access'] ->
51
+  Class['astara::db::mysql']
52
+
53
+}
54
+
55
+class mysql::config {}
56
+include mysql::config
57
+class mysql::server {}
58
+include mysql::server

+ 103
- 0
deployment_scripts/puppet/manifests/network_orchestrator_hiera_override.pp View File

@@ -0,0 +1,103 @@
1
+notice('MODULAR: network-orchestrator-node/network_hiera_override.pp')
2
+
3
+$network_node_plugin = hiera('astara', undef)
4
+$hiera_dir = '/etc/hiera/override'
5
+$plugin_name = 'network-orchestrator-node'
6
+$plugin_yaml = "${plugin_name}.yaml"
7
+
8
+if $network_orchestrator_node_plugin {
9
+  $network_metadata = hiera_hash('network_metadata')
10
+  $network_roles = ['primary-network-orchestrator-node', 'network-orchestrator-node']
11
+  $network_nodes = get_nodes_hash_by_roles($network_metadata, $network_roles)
12
+  $management_vip = $network_metadata['vips']['management']['ipaddr']
13
+  $public_vip = $network_metadata['vips']['public']['ipaddr']
14
+
15
+  $quantum_hash = hiera_hash('quantum_settings')
16
+
17
+  case hiera_array('role', 'none') {
18
+    /network-orchestartor-node/: {
19
+
20
+      if hiera('role', 'none') == 'primary-network-orchestrator-node' {
21
+        $primary_controller = true
22
+      } else {
23
+        $primary_controller = false
24
+      }
25
+      $use_neutron = true
26
+      $corosync_roles = $network_roles
27
+      $deploy_vrouter = false
28
+      $haproxy_nodes = false
29
+      $corosync_nodes = $network_nodes
30
+      $new_quantum_settings_hash = {
31
+        'neutron_agents' => [''],
32
+        'neutron_server_enable' => false,
33
+        'conf_nova' => false
34
+      }
35
+      $neutron_settings = merge($quantum_hash, $new_quantum_settings_hash)
36
+    }
37
+    /controller/: {
38
+      $use_neutron = true
39
+      $new_quantum_settings_hash = {
40
+        'neutron_agents' => [''],
41
+      }
42
+      $neutron_settings = merge($quantum_hash, $new_quantum_settings_hash)
43
+
44
+      if hiera('role', 'none') =~ /^primary/ {
45
+        $primary_controller = 'true'
46
+      } else {
47
+        $primary_controller = 'false'
48
+      }
49
+    }
50
+    default: {
51
+      $use_neutron = true
52
+    }
53
+  }
54
+
55
+###################
56
+  $calculated_content = inline_template('
57
+<% if @corosync_nodes -%>
58
+<% require "yaml" -%>
59
+corosync_nodes:
60
+<%= YAML.dump(@corosync_nodes).sub(/--- *$/,"") %>
61
+<% end -%>
62
+<% if @corosync_roles -%>
63
+corosync_roles:
64
+<%
65
+@corosync_roles.each do |crole|
66
+%>  - <%= crole %>
67
+<% end -%>
68
+<% end -%>
69
+<% if @neutron_settings -%>
70
+<% require "yaml" -%>
71
+quantum_settings:
72
+<%= YAML.dump(@neutron_settings).sub(/--- *$/,"") %>
73
+<% end -%>
74
+deploy_vrouter: <%= @deploy_vrouter %>
75
+primary_controller: <%= @primary_controller %>
76
+management_vip: <%= @management_vip %>
77
+database_vip:  <%= @management_vip %>
78
+service_endpoint: <%= @management_vip %>
79
+public_vip: <%= @public_vip %>
80
+use_neutron: <%= @use_neutron %>
81
+  ')
82
+
83
+###################
84
+
85
+  file {'/etc/hiera/override':
86
+    ensure  => directory,
87
+  } ->
88
+  file { '/etc/hiera/override/common.yaml':
89
+    ensure  => file,
90
+    content => "${calculated_content}\n",
91
+  }
92
+
93
+  package {'ruby-deep-merge':
94
+    ensure  => 'installed',
95
+  }
96
+
97
+  file_line {'hiera.yaml':
98
+    path  => '/etc/hiera.yaml',
99
+      line  => "  - override/${plugin_name}",
100
+      after => '  - override/module/%{calling_module}',
101
+  }
102
+
103
+}

+ 2
- 0
deployment_scripts/puppet/manifests/network_orchestrator_image.pp View File

@@ -0,0 +1,2 @@
1
+
2
+class { 'astara::image': }

+ 5
- 0
deployment_scripts/puppet/manifests/network_orchestrator_install.pp View File

@@ -0,0 +1,5 @@
1
+notice('MODULAR: astara install')
2
+
3
+include astara
4
+
5
+class { 'astara::install': }

+ 1
- 0
deployment_scripts/puppet/manifests/network_orchestrator_pre_deployment.pp View File

@@ -0,0 +1 @@
1
+notice('MODULAR: no-op astara pre-deployment task')

+ 3
- 0
deployment_scripts/puppet/manifests/network_orchestrator_set_resources.pp View File

@@ -0,0 +1,3 @@
1
+
2
+class { 'astara::networks::set': }
3
+

+ 27
- 0
deployment_scripts/puppet/modules/astara/lib/puppet/provider/astara_config/ini_setting.rb View File

@@ -0,0 +1,27 @@
1
+Puppet::Type.type(:astara_config).provide(
2
+  :ini_setting,
3
+  :parent => Puppet::Type.type(:ini_setting).provider(:ruby)
4
+) do
5
+
6
+  def section
7
+    resource[:name].split('/', 2).first
8
+  end
9
+
10
+  def setting
11
+    resource[:name].split('/', 2).last
12
+  end
13
+
14
+  def separator
15
+    '='
16
+  end
17
+
18
+  def self.file_path
19
+    '/etc/astara/orchestrator.ini'
20
+  end
21
+
22
+  # added for backwards compatibility with older versions of inifile
23
+  def file_path
24
+    self.class.file_path
25
+  end
26
+
27
+end

+ 47
- 0
deployment_scripts/puppet/modules/astara/lib/puppet/type/astara_config.rb View File

@@ -0,0 +1,47 @@
1
+Puppet::Type.newtype(:astara_config) do
2
+
3
+  ensurable
4
+
5
+  newparam(:name, :namevar => true) do
6
+    desc 'Section/setting name to manage from /etc/astara/orchestrator.ini'
7
+    newvalues(/\S+\/\S+/)
8
+  end
9
+
10
+  newproperty(:value) do
11
+    desc 'The value of the setting to be defined.'
12
+    munge do |value|
13
+      value = value.to_s.strip
14
+      value.capitalize! if value =~ /^(true|false)$/i
15
+      value
16
+    end
17
+
18
+    def is_to_s( currentvalue )
19
+      if resource.secret?
20
+        return '[old secret redacted]'
21
+      else
22
+        return currentvalue
23
+      end
24
+    end
25
+
26
+    def should_to_s( newvalue )
27
+      if resource.secret?
28
+        return '[new secret redacted]'
29
+      else
30
+        return newvalue
31
+      end
32
+    end
33
+  end
34
+
35
+  newparam(:secret, :boolean => true) do
36
+    desc 'Whether to hide the value from Puppet logs. Defaults to `false`.'
37
+
38
+    newvalues(:true, :false)
39
+
40
+    defaultto false
41
+  end
42
+
43
+  autorequire(:package) do
44
+    'astara-common'
45
+  end
46
+
47
+end

+ 21
- 0
deployment_scripts/puppet/modules/astara/manifests/astara_neutron/install.pp View File

@@ -0,0 +1,21 @@
1
+
2
+notice('MODULAR: astara::astara_neutron::install')
3
+
4
+class astara::astara_neutron::install {
5
+	class { 'astara::repo::liberty': }
6
+
7
+	package { 'neutron-plugin-astara':
8
+        ensure => present,
9
+        require => Class['astara::repo::liberty'],
10
+	}
11
+
12
+    # TODO: These will need to be special cased for when we deploy the Mitaka
13
+    # version (akanda -> astara)
14
+    neutron_config {
15
+        'DEFAULT/core_plugin': value => 'akanda.neutron.plugins.ml2_neutron_plugin.Ml2Plugin';
16
+        'DEFAULT/api_extensions_path': value => '/usr/lib/python2.7/dist-packages/akanda/neutron/extensions';
17
+        'DEFAULT/service_plugins': value => 'akanda.neutron.plugins.ml2_neutron_plugin.L3RouterPlugin';
18
+        'DEFAULT/notification_driver': value => 'neutron.openstack.common.notifier.rpc_notifier';
19
+        'DEFAULT/astara_auto_add_resources': value => 'False';
20
+    }
21
+}

+ 55
- 0
deployment_scripts/puppet/modules/astara/manifests/db/mysql.pp View File

@@ -0,0 +1,55 @@
1
+# The astara::db::mysql class creates a MySQL database for astara.
2
+# It must be used on the MySQL server
3
+#
4
+# == Parameters
5
+#
6
+#  [*password*]
7
+#    password to connect to the database. Mandatory.
8
+#
9
+#  [*dbname*]
10
+#    name of the database. Optional. Defaults to astara.
11
+#
12
+#  [*user*]
13
+#    user to connect to the database. Optional. Defaults to astara.
14
+#
15
+#  [*host*]
16
+#    the default source host user is allowed to connect from.
17
+#    Optional. Defaults to 'localhost'
18
+#
19
+#  [*allowed_hosts*]
20
+#    other hosts the user is allowd to connect from.
21
+#    Optional. Defaults to undef.
22
+#
23
+#  [*charset*]
24
+#    the database charset. Optional. Defaults to 'utf8'
25
+#
26
+#  [*collate*]
27
+#    the database collation. Optional. Defaults to 'utf8_general_ci'
28
+#
29
+#  [*mysql_module*]
30
+#   (optional) Deprecated. Does nothing.
31
+#
32
+#  [*cluster_id*]
33
+#   (optional) Deprecated. Does nothing.
34
+
35
+class astara::db::mysql(
36
+  $password,
37
+  $dbname        = 'astara',
38
+  $user          = 'astara',
39
+  $host          = '127.0.0.1',
40
+  $charset       = 'utf8',
41
+  $collate       = 'utf8_general_ci',
42
+  $allowed_hosts = undef,
43
+) {
44
+
45
+  ::openstacklib::db::mysql { 'astara':
46
+    user          => $user,
47
+    password_hash => mysql_password($password),
48
+    dbname        => $dbname,
49
+    host          => $host,
50
+    charset       => $charset,
51
+    collate       => $collate,
52
+    allowed_hosts => $allowed_hosts,
53
+  }
54
+
55
+}

+ 10
- 0
deployment_scripts/puppet/modules/astara/manifests/db/sync.pp View File

@@ -0,0 +1,10 @@
1
+notice('MODULAR: astara::db::sync')
2
+
3
+class astara::db::sync {
4
+  exec {  'astara-db-sync':
5
+    command	=> 'astara-dbsync --config-file /etc/astara/orchestrator.ini upgrade head',
6
+    path        => '/usr/bin',
7
+    user        => 'astara',
8
+    logoutput   => on_failure,
9
+  }
10
+}

+ 15
- 0
deployment_scripts/puppet/modules/astara/manifests/flavor/create.pp View File

@@ -0,0 +1,15 @@
1
+notice('MODULAR: astara::flavor::create')
2
+
3
+class astara::flavor::create (
4
+	$ram = '512',
5
+	$disk = '3',
6
+	$vcpus = '1',
7
+	$flavor_name = 'm1.astara',
8
+	$flavor_id = '511',
9
+) {
10
+    exec { 'create':
11
+        path => '/bin:/usr/bin',
12
+        command => '/bin/bash ./scripts/create_nova_flavor.sh ${ram} ${disk} ${vcpus} ${flavor_name} ${id}',
13
+        logoutput => true,
14
+    }
15
+}

+ 25
- 0
deployment_scripts/puppet/modules/astara/manifests/image.pp View File

@@ -0,0 +1,25 @@
1
+notice('MODULAR: Grabbing astara appliance image')
2
+
3
+class astara::image {
4
+
5
+  $astara_settings = hiera('fuel-plugin-astara')
6
+  $image_url = $astara_settings['astara_appliance_image_location']
7
+  
8
+  exec { 'need_image':
9
+      command => '/bin/true',
10
+      onlyif => '/usr/bin/test ! -e /root/astara_appliance.qcow2',
11
+  }
12
+  notice("Downloading astara applinace from ${image_url}")
13
+
14
+  exec { "/usr/bin/wget -O astara_appliance.qcow2 --timestamping ${image_url}":
15
+      alias => "get-image",
16
+      cwd => "/tmp",
17
+      require => Exec['need_image'],
18
+  }
19
+
20
+  file { "/root/astara_appliance.qcow2":
21
+      ensure => present,
22
+      source => "/tmp/astara_appliance.qcow2",
23
+      require => Exec["get-image"] }
24
+
25
+}

+ 100
- 0
deployment_scripts/puppet/modules/astara/manifests/init.pp View File

@@ -0,0 +1,100 @@
1
+#
2
+# Copyright (c) 2016, Akanda Inc, http://akanda.io
3
+#
4
+# Licensed under the Apache License, Version 2.0 (the "License");
5
+# you may not use this file except in compliance with the License.
6
+# You may obtain a copy of the License at
7
+#
8
+#     http://www.apache.org/licenses/LICENSE-2.0
9
+#
10
+# Unless required by applicable law or agreed to in writing, software
11
+# distributed under the License is distributed on an "AS IS" BASIS,
12
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
+# See the License for the specific language governing permissions and
14
+# limitations under the License.
15
+
16
+notice('MODULAR: astara/init.pp')
17
+
18
+# Parameters for configuring Astara Fuel plugin
19
+class astara {
20
+    $astara_settings = hiera('fuel-plugin-astara')
21
+    $mgt_service_port = $astara_settings['astara_mgmt_service_port']
22
+}
23
+#
24
+#  $astara_settings = hiera('astara', {})
25
+#  $management_vip = hiera('management_vip')
26
+#
27
+#  # Settings for Neutron 
28
+#  $neutron_settings = hiera_hash('quantum_settings', {})
29
+#
30
+#  # Setting for Authenication
31
+#  $ssl_hash               = hiera_hash('use_ssl', {})
32
+#  $internal_auth_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'protocol', 'http')
33
+#  $internal_auth_address  = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'hostname', [hiera('service_endpoint', ''), $management_vip])
34
+#  $admin_auth_protocol    = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'protocol', 'http')
35
+#  $admin_auth_address     = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'hostname', [hiera('service_endpoint', ''), $management_vip])
36
+#
37
+#  $auth_uri          = "${internal_auth_protocol}://${internal_auth_address}:5000/v2.0/"
38
+#  $auth_url          = "${admin_auth_protocol}://${admin_auth_address}:35357/"
39
+#  $identity_uri      = "${admin_auth_protocol}://${admin_auth_address}:35357/"
40
+#  $auth_region       = hiera('region', 'RegionOne')
41
+#  $project_domain_id = hiera('project_domain', 'default')
42
+#  $project_name      = hiera('$hiera workloads_collector['tenant']', 'services')
43
+#  $user_domain_id    = hiera('user_domain', 'default')
44
+#  $neutron_user      = hiera('neutron_user', 'neutron')
45
+#  $neutron_password  = hiera('neutron_user_password')
46
+#
47
+#  # Settings for Database
48
+#  $database_vip = hiera('database_vip', undef)
49
+#  $db_type      = 'mysql'
50
+#  $db_host      = pick($astara_settings['db_host'], $database_vip)
51
+#  $db_user      = pick($astara_settings['username'], 'astara')
52
+#  $db_password  = $astara_settings['db_password']
53
+#  $db_name      = pick($astara_settings['db_name'], 'astara')
54
+#  $db_connection = os_database_connection({
55
+#    'dialect'  => $db_type,
56
+#    'host'     => $db_host,
57
+#    'database' => $db_name,
58
+#    'username' => $db_user,
59
+#    'password' => $db_password,
60
+#    'charset'  => 'utf8'
61
+#  })
62
+#
63
+#  # Settings for RabbitMQ 
64
+#  $rabbit             = hiera_hash('rabbit_hash')
65
+#  $rabbit_user        = $rabbit['user']
66
+#  $rabbit_password    = $rabbit['password']
67
+#  $rabbit_hosts       = split(hiera('amqp_hosts',''), ',')
68
+#
69
+#  # Settings for Astara
70
+##  $mangement_network_id = 
71
+##  $management_subnet_id =
72
+#  $management_prefix = $astara_settings['astara-mgmt-ipv6-prefix']
73
+##  $external_network_id = 
74
+##  $external_subnet_id = 
75
+#  $external_prefix = $neutron_settings['predefined_networks']['admin_floating_net']['L3']['subnet']
76
+#  $enable_drivers = pick($astara_settings['enable_drivers'], 'router')
77
+#  $interface_driver = pick($astara_settings['interface_driver'], 'astara.common.linux.interface.OVSInterfaceDriver')
78
+#  $instance_provider = pick($astara_settings['instance_provider'], 'on-demand')
79
+#  $bind_api_port = $astara_settings['astara-api-port']
80
+#  $bind_mgmt_port = $astara_settings['astara-mgmt-service-port']
81
+#
82
+#  #$appliance_router_image = {
83
+#  #  "os_name" => "astara_router",
84
+#  #  "loc_path" => $settings['astara_appliance_image_loc']
85
+#  #  "container_format" => "bare",
86
+#  #  "disk_format" => "qcow2",
87
+#  #  "glance_properties" => "",
88
+#  #  "img_name" => "astara_router",
89
+#  #  "public" => "true"
90
+#  #}
91
+#  #$appliance_lb_image = {
92
+#  #  "os_name" => "astara_nginx",
93
+#  #  "loc_path" => $settings['astara_appliance_image_loc']
94
+#  #  "container_format" => "bare",
95
+#  #  "disk_format" => "qcow2",
96
+#  #  "glance_properties" => "",
97
+#  #  "img_name" => "astara_nginx",
98
+#  #  "public" => "true"
99
+#  #}
100
+#}

+ 24
- 0
deployment_scripts/puppet/modules/astara/manifests/install.pp View File

@@ -0,0 +1,24 @@
1
+
2
+# dependency issues between liberty and mitaka  prevent a packaged
3
+# installation right now
4
+#class astara::install {
5
+#    class { 'astara::repo': }
6
+#
7
+#    package { 'astara-orchestrator':
8
+#	ensure => 'present',
9
+#	require => Class['astara::repo'],
10
+#	tag => ['openstack', 'astara-orchestrator-package'],
11
+#    }
12
+#}
13
+
14
+
15
+# install from src in a venv instead.
16
+class astara::install {
17
+	$astara_settings = hiera('fuel-plugin-astara')
18
+	$astara_repo_url = pick($astara_settings['git_repo_url'], 'https://github.com/openstack/astara.git')
19
+	$astara_repo_branch = pick($astara_settings['git_branch'], 'stable/mitaka')
20
+	$repo_dir = '/opt/astara'
21
+	exec { 'install-from-src':
22
+		command => "/bin/bash ./scripts/install_astara_from_src.sh ${astara_repo_url} ${astara_repo_branch} ${$repo_dir}"
23
+	}
24
+}

+ 13
- 0
deployment_scripts/puppet/modules/astara/manifests/networks/create.pp View File

@@ -0,0 +1,13 @@
1
+notice('MODULAR: astara::networks::create')
2
+
3
+$astara_settings = hiera('fuel-plugin-astara')
4
+$mgt_net_name = $astara_settings['astara_mgmt_name']
5
+$mgt_prefix = $astara_settings['astara_mgmt_ipv6_prefix']
6
+
7
+class astara::networks::create {
8
+    exec { 'create networks':
9
+        path => '/bin:/usr/bin',
10
+        command => '/bin/bash ./scripts/create_neutron_networks.sh ${mgt_net_name} ${mgt_prefix}',
11
+        logoutput => true,
12
+    }
13
+}

+ 14
- 0
deployment_scripts/puppet/modules/astara/manifests/networks/set.pp View File

@@ -0,0 +1,14 @@
1
+notice('MODULAR: astara::networks::set')
2
+
3
+$astara_settings = hiera('fuel-plugin-astara')
4
+
5
+$mgt_net_name = $astara_settings['astara_mgmt_name']
6
+$mgt_prefix = $astara_settings['astara_mgmt_ipv6_prefix']
7
+
8
+class astara::networks::set {
9
+    exec { 'set networks':
10
+        path => '/bin:/usr/bin',
11
+        command => '/bin/bash ./scripts/set_neutron_networks.sh ${mgt_net_name} ${mgt_prefix}',
12
+        logoutput => true,
13
+    }
14
+}

+ 15
- 0
deployment_scripts/puppet/modules/astara/manifests/repo/liberty.pp View File

@@ -0,0 +1,15 @@
1
+class astara::repo::liberty {
2
+    include apt
3
+    if hiera('fuel_version') != '8.0' {
4
+        fail('Currently Astara deployment supported only with Fuel 8.0/liberty')
5
+    }
6
+
7
+    # we install liberty on all nodes except the astara nodes
8
+    notice('MODULAR: astara - Installing controller version for Liberty')
9
+    apt::ppa { 'ppa:astara-drivers/astara-liberty': }
10
+    exec {
11
+        'apt-get update':
12
+        path => '/usr/bin/',
13
+        require => Apt::Ppa['ppa:astara-drivers/astara-liberty']
14
+    }
15
+}

+ 74
- 0
deployment_scripts/puppet/modules/astara/templates/orchestrator.ini.erb View File

@@ -0,0 +1,74 @@
1
+[DEFAULT] <% settings = scope.lookupvar('@fuel-plugin-astara') %>
2
+debug = False
3
+
4
+log_dir = /var/log/astara
5
+log_file = /var/log/astara/orchestrator.log
6
+
7
+auth_region = <%= @astara_settings['auth_region'] %>
8
+auth_url = <%= @astara_settings['auth_url'] %>
9
+
10
+instance_provider = <%= @astara_settings['instance_provider'] %>
11
+management_network_id = <%= @astara_settings['management_network_id'] %>
12
+management_subnet_id = <%= @astara_settings['management_subnet_id'] %>
13
+management_prefix = <%= @astara_settings['management_prefix'] %>
14
+
15
+enabled_drivers = <%= @astara_settings['enabled_drivers'] %> 
16
+
17
+external_network_id = <%= @astara_settings['external_network_id'] %>
18
+external_subnet_id = <%= @astara_settings['external_subnet_id'] %>
19
+external_prefix = <%= @astara_settings['external_prefix'] %>
20
+
21
+interface_driver = <%= @astara_settings['interface_driver'] %>
22
+
23
+plug_external_port = True
24
+
25
+ssh_public_key = /etc/astara/id_rsa.pub
26
+
27
+provider_rules_path = /etc/astara/provider_rules.json
28
+
29
+reboot_error_threshold =32
30
+num_worker_threads = 2
31
+num_worker_processes = 2
32
+boot_timeout = 3000
33
+
34
+host = <%= @astara_settings['controller'] %>
35
+
36
+[AGENT]
37
+root_helper = sudo /usr/bin/astara-rootwrap /etc/astara/rootwrap.conf
38
+
39
+[ceilometer]
40
+
41
+[coordination]
42
+
43
+[database]
44
+connection = <%= @astara_settings['db_connection'] %>
45
+
46
+[keystone_authtoken]
47
+auth_plugin = password
48
+auth_uri = <%= @astara_settings['auth_uri'] %>
49
+auth_url = <%= @astara_settings['auth_url'] %>
50
+identity_uri = <%= @astara_settings['identity_uri'] %>
51
+project_domain_id = <%= @astara_settings['project_domain_id'] %>
52
+project_name = <%= @astara_settings['project_name'] %>
53
+user_domain_id = <%= @astara_settings['user_domain_id'] %>
54
+password = <%= @astara_settings['keystone_passwd'] %>
55
+username = <%= @astara_settings['keystone_user'] %>
56
+
57
+[loadbalancer]
58
+# image_uuid = <%= @astara_settings['lb_image_uuid'] %>
59
+# instance_flavor = <%= @astara_settings['lb_instance_flavor'] %>
60
+
61
+[matchmaker_redis]
62
+
63
+[oslo_messaging_amqp]
64
+
65
+[oslo_messaging_rabbit]
66
+rabbit_host = <%= @astara_settings['rabbit_host'] %>
67
+rabbit_userid = <%= @astara_settings['rabbit_user'] %>
68
+rabbit_password = <%= @astara_settings['rabbit_password'] %>
69
+
70
+[pez]
71
+
72
+[router]
73
+image_uuid = <%= @astara_settings['router_image_uuid'] %>
74
+instance_flavor = <%= @astara_settings['router_instance_flavor'] %>

+ 111
- 0
deployment_scripts/scripts/astara_post_deploy.sh View File

@@ -0,0 +1,111 @@
1
+#!/bin/bash -e
2
+
3
+# Publish or find the astara image, set its id in config
4
+# Install the fuel public ssh pub key as the astara ssh key
5
+# Restart astara + neutron l2
6
+
7
+source $(dirname $0)/functions
8
+source /root/openrc
9
+export OS_ENDPOINT_TYPE=internalURL
10
+
11
+ROLE=${1:-"network-orchestrator-node"}
12
+
13
+echo "Running post-deployment task for $role"
14
+
15
+TIMEOUT=600
16
+
17
+IMG_FILE="/root/astara_appliance.qcow2"
18
+IMG_NAME="astara_appliance"
19
+
20
+if [[ ! -e $IMG_FILE ]]; then
21
+        echo "No image file found at $IMG_FILE" && exit 1
22
+fi
23
+
24
+if ! which glance; then
25
+        sudo apt-get install -y python-glanceclient
26
+fi
27
+
28
+if ! which openstack; then
29
+        sudo apt-get install -y python-openstackclient
30
+fi
31
+
32
+if ! which neutron; then
33
+        sudo apt-get -y install python-neutronclient
34
+fi
35
+
36
+# glanceclient + openstack clients are a mess and cannot request at the internal
37
+# url.... :(
38
+internal_url=`openstack catalog show image -c endpoints -f value | grep internal | awk '{ print $2 }'`
39
+OS_IMG_URL="--os-image-url=$internal_url"
40
+
41
+function publish_image {
42
+    if glance $OS_IMG_URL image-list | grep $IMG_NAME; then
43
+        return
44
+    fi
45
+    echo "Publishing astara image into glance"
46
+    glance $OS_IMG_URL image-create --name $IMG_NAME --visibility=public --container-format=bare --disk-format=qcow2 --file $IMG_FILE
47
+    echo "Published astara image $IMG_FILE into glance"
48
+}
49
+
50
+
51
+function find_image {
52
+    echo "Finding astara image in glance"
53
+    for i in $(seq 0 $TIMEOUT); do
54
+        IMG_ID=$(glance $OS_IMG_URL image-list | grep $IMG_NAME | awk '{ print $2 }')
55
+        echo $IMG_ID
56
+        if [[ -n "$IMG_ID" ]]; then
57
+            echo "Found astara applinace image in glance /w id $IMG_ID"
58
+            return
59
+        fi
60
+        echo 'zzz'
61
+        sleep 1
62
+    done
63
+    echo "Did not find astara appliance image in glance after $TIMEOUT seconds"
64
+    exit 1
65
+}
66
+
67
+function scrub_neutron {
68
+    # scrub the fuel created routers and ports that existed before the l3 agent was
69
+    # removed
70
+    for router in $(neutron router-list -c id -f value); do
71
+        subnets=$(neutron router-port-list -c id -c fixed_ips -f value $router | awk '{ print $3 }' | sed -e 's/,//g')
72
+        for subnet in $subnets; do
73
+        subnet=$(echo $subnet | sed -e's/"//g')
74
+            neutron router-gateway-clear $router $subnet || true
75
+            neutron router-interface-delete $router $subnet || true
76
+        done
77
+    done
78
+
79
+    for router in $(neutron router-list -c id -f value); do
80
+        neutron router-delete $router
81
+    done
82
+    sleep 3
83
+    for port in $(neutron port-list -c id -f value); do
84
+        neutron port-delete $port
85
+    done
86
+}
87
+
88
+if [[ "$ROLE" == "primary-network-orchestrator-node" ]]; then
89
+    publish_image
90
+    scrub_neutron
91
+fi
92
+
93
+find_image
94
+
95
+iniset /etc/astara/orchestrator.ini router image_uuid $IMG_ID
96
+iniset /etc/astara/orchestrator.ini loadbalancer image_uuid $IMG_ID
97
+
98
+# ssh key installation
99
+echo "$(cat /root/.ssh/authorized_keys)" >/etc/astara/appliance_key.pub
100
+iniset /etc/astara/orchestrator.ini DEFAULT ssh_public_key /etc/astara/appliance_key.pub
101
+
102
+service astara-orchestrator stop || true
103
+
104
+service neutron-plugin-openvswitch-agent restart
105
+
106
+# ensure bridges get created first
107
+sleep 5
108
+
109
+service astara-orchestrator start
110
+
111
+exit 0

+ 21
- 0
deployment_scripts/scripts/controller_post_deploy.sh View File

@@ -0,0 +1,21 @@
1
+#!/bin/bash -e
2
+
3
+source /root/openrc
4
+
5
+for agent in dhcp metadata l3; do
6
+        echo "Disablng $agent neutron agent in pacemaker cluster."
7
+        pcs resource disable clone_p_neutron-${agent}-agent
8
+        for id in $(neutron agent-list | grep $agent | awk '{ print $2 }'); do
9
+                echo "Deleting $agent $id from neutron."
10
+                neutron agent-delete $id
11
+        done
12
+done
13
+
14
+# The debian/ubuntu packaging has a bug that makes it impossible to gracefully
15
+# load your specific config files without mangling its upstart conf.
16
+sed -i 's/\$CONF_ARG$/--config-file \/etc\/neutron\/plugins\/ml2\/ml2_conf.ini/g' /etc/init/neutron-server.conf
17
+
18
+# Kick neutron-server after everythings been installed + configured
19
+service neutron-server restart || true
20
+
21
+exit 0

+ 39
- 0
deployment_scripts/scripts/create_neutron_networks.sh View File

@@ -0,0 +1,39 @@
1
+#!/bin/bash -e
2
+
3
+if ! which neutron; then
4
+  sudo apt-get -y install python-neutronclient
5
+fi
6
+
7
+source /root/openrc
8
+
9
+source $(dirname $0)/functions
10
+
11
+
12
+mgt_name=${1:-"astara_mgmt"}
13
+mgt_prefix=${2:-"fdca:3ba5:a17a:acda::/64"}
14
+
15
+
16
+net_id="$(neutron net-list | grep " $mgt_name " | awk '{ print $2 }')"
17
+if [[ -z "$net_id" ]]; then
18
+	echo "Creating astara mgt net: $mgt_name"
19
+	net_id=$(neutron net-create $mgt_name | grep " id " | awk '{ print $4 }')
20
+	echo "Created astara mgt net: $net_id"
21
+else
22
+	echo "Found existing astara mgt net: $net_id"
23
+fi
24
+
25
+subnet_id="$(neutron subnet-list | grep " $mgt_prefix " | awk '{ print $2 }')"
26
+if [[ -z "$subnet_id" ]]; then
27
+	echo "Creating new astara mgt subnet for $mgt_prefix"
28
+	if [[ "$mgt_prefix" =~ ':' ]]; then
29
+		subnet_create_args="--name astara_mgmt --ip-version=6 --ipv6_address_mode=slaac --enable_dhcp"
30
+	fi
31
+	subnet_id=$(neutron subnet-create $mgt_name $mgt_prefix $subnet_create_args | grep ' id ' | awk '{ print $4 }')
32
+
33
+else
34
+	echo "Found existing mgt subnet for $mgt_prefix; $subnet_id"
35
+fi
36
+
37
+
38
+iniset /etc/astara/orchestrator.ini DEFAULT management_network_id $net_id
39
+iniset /etc/astara/orchestrator.ini DEFAULT management_subnet_id $subnet_id

+ 17
- 0
deployment_scripts/scripts/create_nova_flavor.sh View File

@@ -0,0 +1,17 @@
1
+#!/bin/bash
2
+
3
+if ! which nova; then
4
+  sudo apt-get -y install python-novaclient
5
+fi
6
+
7
+ram=${1:-512}
8
+disk=${2:-3}
9
+vcpus=${3:-1}
10
+flavor_name=${4:-m1.astara}
11
+id=${5:-511}
12
+
13
+source /root/openrc
14
+
15
+if ! nova flavor-list | awk '{ print $4 }' | grep "^$flavor_name" ; then
16
+	nova flavor-create $flavor_name $id $ram $disk $vcpus
17
+fi

+ 258
- 0
deployment_scripts/scripts/functions View File

@@ -0,0 +1,258 @@
1
+#!/bin/bash
2
+#
3
+# **inc/ini-config** - Configuration/INI functions
4
+#
5
+# Support for manipulating INI-style configuration files
6
+#
7
+# These functions have no external dependencies and no side-effects
8
+
9
+# Save trace setting
10
+INC_CONF_TRACE=$(set +o | grep xtrace)
11
+set +o xtrace
12
+
13
+
14
+# Config Functions
15
+# ================
16
+
17
+# Append a new option in an ini file without replacing the old value
18
+# iniadd [-sudo] config-file section option value1 value2 value3 ...
19
+function iniadd {
20
+    local xtrace=$(set +o | grep xtrace)
21
+    set +o xtrace
22
+    local sudo=""
23
+    if [ $1 == "-sudo" ]; then
24
+        sudo="-sudo "
25
+        shift
26
+    fi
27
+    local file=$1
28
+    local section=$2
29
+    local option=$3
30
+    shift 3
31
+
32
+    local values="$(iniget_multiline $file $section $option) $@"
33
+    iniset_multiline $sudo $file $section $option $values
34
+    $xtrace
35
+}
36
+
37
+# Comment an option in an INI file
38
+# inicomment [-sudo] config-file section option
39
+function inicomment {
40
+    local xtrace=$(set +o | grep xtrace)
41
+    set +o xtrace
42
+    local sudo=""
43
+    if [ $1 == "-sudo" ]; then
44
+        sudo="sudo "
45
+        shift
46
+    fi
47
+    local file=$1
48
+    local section=$2
49
+    local option=$3
50
+
51
+    $sudo sed -i -e "/^\[$section\]/,/^\[.*\]/ s|^\($option[ \t]*=.*$\)|#\1|" "$file"
52
+    $xtrace
53
+}
54
+
55
+# Get an option from an INI file
56
+# iniget config-file section option
57
+function iniget {
58
+    local xtrace=$(set +o | grep xtrace)
59
+    set +o xtrace
60
+    local file=$1
61
+    local section=$2
62
+    local option=$3
63
+    local line
64
+
65
+    line=$(sed -ne "/^\[$section\]/,/^\[.*\]/ { /^$option[ \t]*=/ p; }" "$file")
66
+    echo ${line#*=}
67
+    $xtrace
68
+}
69
+
70
+# Get a multiple line option from an INI file
71
+# iniget_multiline config-file section option
72
+function iniget_multiline {
73
+    local xtrace=$(set +o | grep xtrace)
74
+    set +o xtrace
75
+    local file=$1
76
+    local section=$2
77
+    local option=$3
78
+    local values
79
+
80
+    values=$(sed -ne "/^\[$section\]/,/^\[.*\]/ { s/^$option[ \t]*=[ \t]*//gp; }" "$file")
81
+    echo ${values}
82
+    $xtrace
83
+}
84
+
85
+# Determinate is the given option present in the INI file
86
+# ini_has_option config-file section option
87
+function ini_has_option {
88
+    local xtrace=$(set +o | grep xtrace)
89
+    set +o xtrace
90
+    local file=$1
91
+    local section=$2
92
+    local option=$3
93
+    local line
94
+
95
+    line=$(sed -ne "/^\[$section\]/,/^\[.*\]/ { /^$option[ \t]*=/ p; }" "$file")
96
+    $xtrace
97
+    [ -n "$line" ]
98
+}
99
+
100
+# Add another config line for a multi-line option.
101
+# It's normally called after iniset of the same option and assumes
102
+# that the section already exists.
103
+#
104
+# Note that iniset_multiline requires all the 'lines' to be supplied
105
+# in the argument list. Doing that will cause incorrect configuration
106
+# if spaces are used in the config values.
107
+#
108
+# iniadd_literal [-sudo] config-file section option value
109
+function iniadd_literal {
110
+    local xtrace=$(set +o | grep xtrace)
111
+    set +o xtrace
112
+    local sudo=""
113
+    if [ $1 == "-sudo" ]; then
114
+        sudo="sudo "
115
+        shift
116
+    fi
117
+    local file=$1
118
+    local section=$2
119
+    local option=$3
120
+    local value=$4
121
+
122
+    if [[ -z $section || -z $option ]]; then
123
+        $xtrace
124
+        return
125
+    fi
126
+
127
+    # Add it
128
+    $sudo sed -i -e "/^\[$section\]/ a\\
129
+$option = $value
130
+" "$file"
131
+
132
+    $xtrace
133
+}
134
+
135
+# Remove an option from an INI file
136
+# inidelete [-sudo] config-file section option
137
+function inidelete {
138
+    local xtrace=$(set +o | grep xtrace)
139
+    set +o xtrace
140
+    local sudo=""
141
+    if [ $1 == "-sudo" ]; then
142
+        sudo="sudo "
143
+        shift
144
+    fi
145
+    local file=$1
146
+    local section=$2
147
+    local option=$3
148
+
149
+    if [[ -z $section || -z $option ]]; then
150
+        $xtrace
151
+        return
152
+    fi
153
+
154
+    # Remove old values
155
+    $sudo sed -i -e "/^\[$section\]/,/^\[.*\]/ { /^$option[ \t]*=/ d; }" "$file"
156
+
157
+    $xtrace
158
+}
159
+
160
+# Set an option in an INI file
161
+# iniset [-sudo] config-file section option value
162
+#  - if the file does not exist, it is created
163
+function iniset {
164
+    local xtrace=$(set +o | grep xtrace)
165
+    set +o xtrace
166
+    local sudo=""
167
+    if [ $1 == "-sudo" ]; then
168
+        sudo="sudo "
169
+        shift
170
+    fi
171
+    local file=$1
172
+    local section=$2
173
+    local option=$3
174
+    local value=$4
175
+
176
+    if [[ -z $section || -z $option ]]; then
177
+        $xtrace
178
+        return
179
+    fi
180
+
181
+    if ! grep -q "^\[$section\]" "$file" 2>/dev/null; then
182
+        # Add section at the end
183
+        echo -e "\n[$section]" | $sudo tee --append "$file" > /dev/null
184
+    fi
185
+    if ! ini_has_option "$file" "$section" "$option"; then
186
+        # Add it
187
+        $sudo sed -i -e "/^\[$section\]/ a\\
188
+$option = $value
189
+" "$file"
190
+    else
191
+        local sep=$(echo -ne "\x01")
192
+        # Replace it
193
+        $sudo sed -i -e '/^\['${section}'\]/,/^\[.*\]/ s'${sep}'^\('${option}'[ \t]*=[ \t]*\).*$'${sep}'\1'"${value}"${sep} "$file"
194
+    fi
195
+    $xtrace
196
+}
197
+
198
+# Set a multiple line option in an INI file
199
+# iniset_multiline [-sudo] config-file section option value1 value2 valu3 ...
200
+function iniset_multiline {
201
+    local xtrace=$(set +o | grep xtrace)
202
+    set +o xtrace
203
+    local sudo=""
204
+    if [ $1 == "-sudo" ]; then
205
+        sudo="sudo "
206
+        shift
207
+    fi
208
+    local file=$1
209
+    local section=$2
210
+    local option=$3
211
+
212
+    shift 3
213
+    local values
214
+    for v in $@; do
215
+        # The later sed command inserts each new value in the line next to
216
+        # the section identifier, which causes the values to be inserted in
217
+        # the reverse order. Do a reverse here to keep the original order.
218
+        values="$v ${values}"
219
+    done
220
+    if ! grep -q "^\[$section\]" "$file"; then
221
+        # Add section at the end
222
+        echo -e "\n[$section]" | $sudo tee --append "$file" > /dev/null
223
+    else
224
+        # Remove old values
225
+        $sudo sed -i -e "/^\[$section\]/,/^\[.*\]/ { /^$option[ \t]*=/ d; }" "$file"
226
+    fi
227
+    # Add new ones
228
+    for v in $values; do
229
+        $sudo sed -i -e "/^\[$section\]/ a\\
230
+$option = $v
231
+" "$file"
232
+    done
233
+    $xtrace
234
+}
235
+
236
+# Uncomment an option in an INI file
237
+# iniuncomment config-file section option
238
+function iniuncomment {
239
+    local xtrace=$(set +o | grep xtrace)
240
+    set +o xtrace
241
+    local sudo=""
242
+    if [ $1 == "-sudo" ]; then
243
+        sudo="sudo "
244
+        shift
245
+    fi
246
+    local file=$1
247
+    local section=$2
248
+    local option=$3
249
+    $sudo sed -i -e "/^\[$section\]/,/^\[.*\]/ s|[^ \t]*#[ \t]*\($option[ \t]*=.*$\)|\1|" "$file"
250
+    $xtrace
251
+}
252
+
253
+# Restore xtrace
254
+$INC_CONF_TRACE
255
+
256
+# Local variables:
257
+# mode: shell-script
258
+# End:

+ 87
- 0
deployment_scripts/scripts/install_astara_from_src.sh View File

@@ -0,0 +1,87 @@
1
+#!/bin/bash -ex
2
+
3
+repo=$1
4
+branch=$2
5
+dest=$3
6
+venv=/opt/venv/astara
7
+
8
+apt-get -y install python-dev libmysqlclient-dev
9
+
10
+if ! which pip ; then
11
+	apt-get -y install python-pip
12
+fi
13
+
14
+if ! which git; then
15
+	apt-get -y install git
16
+fi
17
+
18
+if ! which virtualenv ; then
19
+	pip install virtualenv
20
+fi
21
+
22
+if [[ ! -d $dest ]] ; then
23
+	git clone $repo $dest
24
+	(cd $dest && git checkout $branch)
25
+fi
26
+
27
+dirs="/var/log/astara /var/lib/astara /etc/astara"
28
+for dir in $dirs; do
29
+	mkdir -p $dir
30
+done
31
+
32
+if ! getent group astara > /dev/null 2>&1
33
+then
34
+        addgroup --system astara >/dev/null
35
+fi
36
+
37
+if ! getent passwd astara > /dev/null 2>&1
38
+then
39
+	adduser --system --home /var/lib/astara --ingroup astara --no-create-home --shell /bin/false astara
40
+fi
41
+
42
+for i in $(ls $dest/etc/); do
43
+	if [[ ! -e /etc/astara/$i ]]; then
44
+		cp -r $dest/etc/$i /etc/astara
45
+	fi
46
+done
47
+
48
+chown -R astara:adm /var/log/astara/
49
+chmod 0750 /var/log/astara/
50
+chown astara:astara -R /var/lib/astara/ /etc/astara/
51
+chmod 0750 /etc/astara/
52
+
53
+cat >/etc/sudoers.d/astara_sudoers <<END
54
+Defaults:astara !requiretty
55
+astara ALL = (root) NOPASSWD: /usr/bin/astara-rootwrap
56
+END
57
+chmod 0440 /etc/sudoers.d/astara_sudoers
58
+
59
+if [[ ! -d $venv ]]; then
60
+	mkdir -p $(dirname $venv)
61
+	virtualenv $venv
62
+fi
63
+
64
+cat >/etc/init/astara-orchestrator.conf <<END
65
+description "Astara Network Orchestrator server"
66
+author "Eric Lopez <eric.lopez@akanda.io>"
67
+
68
+start on runlevel [2345]
69
+stop on runlevel [!2345]
70
+
71
+respawn
72
+
73
+chdir /var/run
74
+
75
+exec start-stop-daemon --start --chuid astara --exec /usr/bin/astara-orchestrator -- --config-file=/etc/astara/orchestrator.ini
76
+END
77
+
78
+if ! which astara-orchestrator; then
79
+	$venv/bin/pip install -r $dest/requirements.txt $dest
80
+	$venv/bin/pip install "PyMySQL>=0.6.2"
81
+	$venv/bin/pip install "MySQL-python;python_version=='2.7'"
82
+	for bin in $(ls $venv/bin/astara*) ; do
83
+    if [[ ! -e /usr/bin/$(basename $bin) ]]; then
84
+      ln -s $bin /usr/bin/$(basename $bin)
85
+    fi
86
+	done
87
+fi

+ 39
- 0
deployment_scripts/scripts/set_neutron_networks_config.sh View File

@@ -0,0 +1,39 @@
1
+#!/bin/bash -e
2
+# Spin indefinitely until our mgt net and subnet show up in neutron. This will
3
+# be timed out by deployment_tasks if it does not succeed.
4
+
5
+source /root/openrc
6
+
7
+source $(dirname $0)/functions
8
+
9
+if ! which neutron; then
10
+    sudo apt-get -y install python-neutronclient
11
+fi
12
+
13
+mgt_name=${1:-"astara_mgmt"}
14
+mgt_prefix=${2:-"fdca:3ba5:a17a:acda::/64"}
15
+
16
+while [[ -z "$net_id" ]]; do
17
+	net_id="$(neutron net-list | grep " $mgt_name " | awk '{ print $2 }')"
18
+	if [[ -z "$net_id" ]]; then
19
+		echo "Still waiting on mgt net"
20
+		sleep 1
21
+	else
22
+		echo "Found astara mgt net: $net_id"
23
+		break
24
+	fi
25
+done
26
+
27
+while [[ -z "$subnet_id" ]]; do
28
+	subnet_id="$(neutron subnet-list | grep " $mgt_prefix" | awk '{ print $2 }')"
29
+	if [[ -z "$subnet_id" ]]; then
30
+		echo "Still waiting on mgt subnet"
31
+		sleep 1
32
+	else
33
+		echo "Found astara mgt subnet: $subnet_id"
34
+		break
35
+	fi
36
+done
37
+
38
+iniset /etc/astara/orchestrator.ini DEFAULT management_network_id $net_id
39
+iniset /etc/astara/orchestrator.ini DEFAULT management_subnet_id $subnet_id

+ 13
- 0
deployment_scripts/scripts/set_nova_flavor.sh View File

@@ -0,0 +1,13 @@
1
+#!/bin/bash
2
+
3
+ram=${1:-512}
4
+disk=${2:-3}
5
+vcpus=${3:-1}
6
+flavor_name=${4:-m1.astara}
7
+id=${5:-511}
8
+
9
+source /root/openrc
10
+
11
+if ! nova flavor-list | awk '{ print $4 }' | grep "^$flavor_name" ; then
12
+	nova flavor-create $flavor_name $id $ram $disk $vcpus
13
+fi

+ 177
- 0
deployment_tasks.yaml View File

@@ -0,0 +1,177 @@
1
+# These tasks will be merged into deployment graph. Here you
2
+# can specify new tasks for any roles, even built-in ones.
3
+
4
+# Deployment Groups
5
+
6
+- id: primary-network-orchestrator-node
7
+  type: group
8
+  role: [primary-network-orchestrator-node]
9
+  requires: [primary-controller, controller]
10
+  required_for: [deploy_end]
11
+  tasks: [fuel_pkgs, hiera, globals, tools, logging, netconfig,
12
+    hosts, firewall, deploy_start]
13
+  parameters:
14
+    strategy:
15
+      type: one_by_one
16
+
17
+- id: network-orchestrator-node
18
+  type: group
19
+  role: [primary-network-orchestrator-node]
20
+  requires: [primary-controller, controller, primary-network-orchestrator-node]
21
+  required_for: [deploy_end]
22
+  tasks: [fuel_pkgs, hiera, globals, tools, logging, netconfig,
23
+    hosts, firewall, deploy_start]
24
+  parameters:
25
+    strategy:
26
+      type: parallel
27
+
28
+# Deployment Tasks
29
+# No idea what purpose this hiera override task serves.
30
+- id: network-orchestrator-pre-deployment-task
31
+  type: puppet
32
+  groups: [primary-controller, controller, primary-network-orchestrator-node, network-orchestrator-node]
33
+  requires: [pre_deployment_start]
34
+  required_for: [pre_deployment_end]
35
+  parameters:
36
+    puppet_manifest: puppet/manifests/network_orchestrator_pre_deployment.pp
37
+    puppet_modules:  puppet/modules:/etc/puppet/modules
38
+    timeout: 1800
39
+
40
+- id: network-orchestrator-hiera-override
41
+  type: puppet
42
+  groups: [primary-controller, controller, primary-network-orchestrator-node, network-orchestrator-node]
43
+  requires: [globals]
44
+  required_for: [logging]
45
+  parameters:
46
+    puppet_manifest: puppet/manifests/network_orchestrator_hiera_override.pp
47
+    puppet_modules:  puppet/modules:/etc/puppet/modules
48
+    timeout: 1800
49
+
50
+# These tasks execute on the controller
51
+- id: network-orchestrator-node-db-task
52
+  type: puppet
53
+  groups: [primary-controller]
54
+  requires: [primary-database, database]
55
+  required_for: [deploy_end]
56
+  cross-depends:
57
+    - name: /(primary-)?database/
58
+  parameters:
59
+    puppet_manifest: puppet/manifests/network_orchestrator_db.pp
60
+    puppet_modules:  puppet/modules:/etc/puppet/modules
61
+    timeout: 1800
62
+
63
+- id: network-orchestrator-node-astara-neutron-install-task
64
+  type: puppet
65
+  role: [primary-controller, controller]
66
+  requires: [post_deployment_start]
67
+  required_for: [post_deployment_end]
68
+  parameters:
69
+    puppet_manifest: puppet/manifests/network_orchestrator_astara_neutron_install.pp
70
+    puppet_modules:  puppet/modules:/etc/puppet/modules
71
+    timeout: 1800
72
+
73
+- id: network-orchestrator-node-astara-neutron-configure-task
74
+  type: shell
75
+  role: [primary-controller, controller]
76
+  requires: [post_deployment_start, network-orchestrator-node-astara-neutron-install-task]
77
+  required_for: [post_deployment_end]
78
+  parameters:
79
+    cmd: ./scripts/controller_post_deploy.sh
80
+    timeout: 1800
81
+
82
+# These tasks execute on the astara node
83
+- id: network-orchestrator-node-install-task
84
+  type: puppet
85
+  groups: [primary-network-orchestrator-node, network-orchestrator-node]
86
+  requires: [network-orchestrator-hiera-override, netconfig]
87
+  required_for: [deploy_end]
88
+  parameters:
89
+    puppet_manifest: puppet/manifests/network_orchestrator_install.pp
90
+    puppet_modules:  puppet/modules:/etc/puppet/modules
91
+    timeout: 1800
92
+
93
+- id: network-orchestrator-node-ml2-task
94
+  type: puppet
95
+  groups: [primary-network-orchestrator-node, network-orchestrator-node]
96
+  requires: [network-orchestrator-node-install-task]
97
+  required_for: [deploy_end]
98
+  parameters:
99
+    puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-network/plugins/ml2.pp
100
+    puppet_modules:  puppet/modules:/etc/puppet/modules
101
+    timeout: 1800
102
+
103
+- id: network-orchestrator-node-ml2-config-task
104
+  type: puppet
105
+  groups: [primary-network-orchestrator-node, network-orchestrator-node]
106
+  requires: [network-orchestrator-node-ml2-task]
107
+  required_for: [deploy_end]
108
+  parameters:
109
+    puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-network/common-config.pp
110
+    puppet_modules:  puppet/modules:/etc/puppet/modules
111
+    timeout: 1800
112
+
113
+- id: network-orchestrator-node-configure-task
114
+  type: puppet
115
+  groups: [primary-network-orchestrator-node, network-orchestrator-node]
116
+  requires: [network-orchestrator-node-install-task, network-orchestrator-node-ml2-task]
117
+  required_for: [deploy_end]
118
+  parameters:
119
+    puppet_manifest: puppet/manifests/network_orchestrator_configure.pp
120
+    puppet_modules:  puppet/modules:/etc/puppet/modules
121
+    timeout: 1800
122
+
123
+- id: network-orchestrator-node-image-task
124
+  type: puppet
125
+  groups: [primary-network-orchestrator-node]
126
+  requires: [network-orchestrator-node-install-task]
127
+  required_for: [deploy_end]
128
+  parameters:
129
+    puppet_manifest: puppet/manifests/network_orchestrator_image.pp
130
+    puppet_modules:  puppet/modules:/etc/puppet/modules
131
+    timeout: 3800
132
+
133
+# This task creates neutron networks, nova flavors and syncs db
134
+# on the primary
135
+- id: network-orchestrator-node-create-resources-task
136
+  type: puppet
137
+  groups: [primary-network-orchestrator-node]
138
+  requires: [network-orchestrator-node-configure-task]
139
+  required_for: [network-orchestrator-node-set-resources-task]
140
+  parameters:
141
+    puppet_manifest: puppet/manifests/network_orchestrator_create_resources.pp
142
+    puppet_modules:  puppet/modules:/etc/puppet/modules
143
+    timeout: 1800
144
+
145
+# This task configures non-primary nodes to use those created resources
146
+- id: network-orchestrator-node-set-resources-task
147
+  type: puppet
148
+  groups: [network-orchestrator-node]
149
+  requires: [network-orchestrator-node-create-resources-task]
150
+  required_for: [deploy_end]
151
+  parameters:
152
+    puppet_manifest: puppet/manifests/network_orchestrator_set_resources.pp
153
+    puppet_modules:  puppet/modules:/etc/puppet/modules
154
+    timeout: 1800
155
+
156
+
157
+- id: network-orchestrator-primary-node-post-deployment-task
158
+  type: shell
159
+  role: [primary-network-orchestrator-node]
160
+  requires: [post_deployment_start, upload_cirros]
161
+  required_for: [network-orchestrator-node-post-deployment-task]
162
+  parameters:
163
+    cmd: ./scripts/astara_post_deploy.sh primary-network-orchestrator-node
164
+    timeout: 1800
165
+    retries: 3
166
+    interval: 20
167
+
168
+- id: network-orchestrator-node-post-deployment-task
169
+  type: shell
170
+  role: [network-orchestrator-node]
171
+  requires: [network-orchestrator-primary-node-post-deployment-task]
172
+  required_for: [post_deployment_end]
173
+  parameters:
174
+    cmd: ./scripts/astara_post_deploy.sh network-orchestrator-node
175
+    timeout: 1800
176
+    retries: 3
177
+    interval: 20

+ 55
- 0
environment_config.yaml View File

@@ -0,0 +1,55 @@
1
+attributes:
2
+  metadata:
3
+    restrictions:
4
+      - action: hide
5
+        condition: "cluster:net_provider != 'neutron'"
6
+      - condition: "settings:neutron_advanced_configuration.neutron_dvr.value == true"
7
+        message: "Neutron DVR must be disabled in order to use Astara plugin"
8
+      - condition: "settings:neutron_advanced_configuration.neutron_l3_ha.value == true"
9
+        message: "Neutron L3 HA must be disabled in order to use Astara plugin"
10
+      - condition: "settings:public_network_assignment.assign_to_all_nodes.value == false"
11
+        message: "Enable Public Network Access for all nodes"
12
+      - condition: "settings:neutron_advanced_configuration.neutron_l2_pop.value == false and networking_parameters:segmentation_type != 'vlan'"
13
+        message: "Enable Neutron L2 Population"
14
+    group: network
15
+    astara_db_password:
16
+        generator: "password"
17
+  astara_mgmt_name:
18
+    value: 'astara_mgmt'
19
+    label: 'Astara Management Network Name'
20
+    weight: 15
21
+    description: 'Set the Astara Management Neutron Network Name'
22
+    type: "text"
23
+  astara_mgmt_ipv6_prefix:
24
+    value: 'fdca:3ba5:a17a:acda::/64'
25
+    label: 'Astara Management IPv6 Prefix'
26
+    description: 'Set the IPv6 Prefix for the Management Network'
27
+    weight: 20
28
+    type: "text"
29
+    regex:
30
+      source: '(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))'
31
+      error: "Invalid IPv6 Prefix"
32
+  astara_mgmt_service_port:
33
+    value: '5000'
34
+    label: 'Astara Management Service Port'
35
+    description: 'Set the Astara Managment Service Port'
36
+    weight: 25
37
+    type: "text"
38
+    regex:
39
+      source: '^([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$'
40
+      error: "Must specify a management port (ie, 5000)"
41
+  astara_api_port:
42
+    value: '44250'
43
+    label: 'Astara API Service Port'
44
+    description: 'Set the Astara API Service Port'
45
+    weight: 30
46
+    type: "text"
47
+    regex:
48
+      source: '^([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$'
49
+      error: "Empty API Service Port"
50
+  astara_appliance_image_location:
51
+    value: 'http://tarballs.openstack.org/astara-appliance/images/astara_appliance_mitaka.qcow2'
52
+    label: 'Astara Appliance Image URL'
53
+    description: 'Set the Astara Appliance Image Download URL'
54
+    weight: 35
55
+    type: "text"

+ 34
- 0
metadata.yaml View File

@@ -0,0 +1,34 @@
1
+# Plugin name
2
+name: fuel-plugin-astara
3
+# Human-readable name for your plugin
4
+title: Use Astara Network Orchestrator
5
+# Plugin version
6
+version: '1.0.32'
7
+# Description
8
+description: Enable to use Openstack Astara Network Orchestrator for Neutron Networking
9
+# Required fuel version
10
+fuel_version: ['8.0']
11
+# Specify license of your plugin
12
+licenses: ['Apache License Version 2.0']
13
+# Specify author or company name
14
+authors: ['Akanda, Inc.']
15
+# A link to the plugin's page
16
+homepage: 'https://github.com/openstack/fuel-plugins-astara'
17
+# Specify a group which your plugin implements, possible options:
18
+# network, storage, storage::cinder, storage::glance, hypervisor,
19
+# equipment
20
+groups: ['network']
21
+# Change `false` to `true` if the plugin can be installed in the environment
22
+# after the deployment.
23
+is_hotpluggable: false
24
+
25
+# The plugin is compatible with releases in the list
26
+releases:
27
+  - os: ubuntu
28
+    version: liberty-8.0
29
+    mode: ['ha','multinode']
30
+    deployment_scripts_path: deployment_scripts/
31
+    repository_path: repositories/ubuntu
32
+
33
+# Version of plugin package
34
+package_version: '4.0.0'

+ 17
- 0
network_roles.yaml View File

@@ -0,0 +1,17 @@
1
+# Unique network role name
2
+- id: "astara_neutron"
3
+  # Role mapping to network
4
+  default_mapping: "management"
5
+  properties:
6
+    # Should be true if network role requires subnet being set
7
+    subnet: true
8
+    # Should be true if network role requires gateway being set
9
+    gateway: false
10
+    # List of VIPs to be allocated
11
+    vip:
12
+         # Unique VIP name
13
+       - name: "astara_orchestrator_vip"
14
+         # Optional linux namespace for VIP
15
+         namespace: "haproxy"
16
+         alias: "rug_vip"
17
+         node_roles: ["primary-network-controller", "network-controller"]

+ 17
- 0
node_roles.yaml View File

@@ -0,0 +1,17 @@
1
+network-orchestrator-node:
2
+  # Role name
3
+  name: "Network Orchestrator Node"
4
+  # Role description
5
+  description: "Role to create a seperate Node for Astara Network Orchestartor Service"
6
+  # If primary then during orchestration this role will be
7
+  # separated into primary-role and role
8
+  has_primary: true
9
+  # Assign public IP to node if true
10
+  public_ip_required: false
11
+  # Weight that will be used to sort out the
12
+  # roles on the Fuel web UI
13
+  weight: 1000
14
+  conflicts:
15
+    - compute
16
+  limits:
17
+    min: 1

+ 11
- 0
pre_build_hook View File

@@ -0,0 +1,11 @@
1
+#!/bin/bash
2
+set -eux
3
+
4
+ROOT="$(dirname `readlink -f $0`)"
5
+RPM_REPO="${ROOT}"/repositories/centos/
6
+DEB_REPO="${ROOT}"/repositories/ubuntu/
7
+
8
+# DEB Package Files
9
+# RPM Package Files
10
+# wget -P "${RPM_REPO}" "${ASTARA_MITAKA_REPO_LOC}/"
11
+

+ 0
- 0
repositories/centos/.gitignore View File


+ 0
- 0
repositories/centos/.gitkeep View File


+ 0
- 0
repositories/ubuntu/.gitignore View File


+ 0
- 0
repositories/ubuntu/.gitkeep View File


+ 1
- 0
tasks.yaml View File

@@ -0,0 +1 @@
1
+[]

Loading…
Cancel
Save