x/fuel-plugin-contrail
Code Issues Proposed changes

Removed Fabric as a way to deploy VMware ContrailVM

Browse Source 
- Removed switch between Fuel/Fabric deployment of Contrail VMware Vrouter node.
- Removed all outdated mechanisms and scripts.
- Changed Environment configuration.
- Cnanged Contrail YAML.
- Added new mechanism to identify the ESXi node on which
  contrail-vrouter is running
- Changed mechanism of getting data about vmware-compute to
  contrail-vmware node mappings
- Changed contrail-yaml variables to make configuration easier

Change-Id: Ic0445c1e85c2f3b26543ca6e8bd9c79fa6b91f74
This commit is contained in:
Andrey Kirilochkin
2016-08-29 12:42:16 -05:00
parent 5de0c4c137
commit c6ae4802d9
25 changed files with 541 additions and 823 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
deployment_scripts/puppet/manifests/controller-vmware.pp → deployment_scripts/puppet/manifests/contrail-vmware-pre.pp
View File

@@ -12,8 +12,8 @@
# License for the specific language governing permissions and limitations
# under the License.
notice('MODULAR: contrail/controller-vmware.pp')
notice('MODULAR: contrail/contrail-vmware-pre.pp')
include contrail
include contrail::controller::vmware
include contrail::contrail_vmware_pre

81
deployment_scripts/puppet/modules/contrail/files/additional_tasks.py
View File

@@ -1,81 +0,0 @@
import time
from fabfile.utils.fabos import *
from fabric.contrib.files import exists
from fabfile.tasks.install import install_pkg_node
from fabfile.tasks.install import create_install_repo_node
from fabfile.tasks.install import apt_install
@task
#@parallel(pool_size=20)
#use compute role because in testbed we will set only ContrailVM ips
@roles('compute')
def prepare_contrailvm(pkg):
"""Install local repository of contrail packages on ContrailVM"""
time.sleep(30)
with settings(password='c0ntrail123', connection_attempts=10):
sudo('echo > /etc/apt/sources.list')
execute(install_pkg_node, pkg, env.host_string)
execute(create_install_repo_node, env.host_string)
@task
#@parallel(pool_size=20)
#use compute role because in testbed we will set conly ContrailVM ips
@roles('compute')
def fab_install_vrouter():
"""Install vrouter packages on ContrailVM"""
with settings(password='c0ntrail123', connection_attempts=10):
vrouter_pkg = ['contrail-vrouter-dkms', 'contrail-vrouter-common', 'contrail-nova-vif']
apt_install(vrouter_pkg)
@task
@parallel(pool_size=20)
def disable_add_vnc_config():
"""Disable provision vrouter when exucute setup-vnc-compute on ContrailVM.
On ContrailVMs we don't have access to managment network, so we don't
have access to keystone."""
with settings(password='c0ntrail123', connection_attempts=20):
patched_file = '/usr/local/lib/python2.7/dist-packages/contrail_provisioning/compute/common.py'
cmd = 'sed -i "s~python\ /opt/contrail/utils/provision_vrouter\.py~echo~g" %s' % patched_file
sudo(cmd)
@task
def provision_contrailvm(cmd):
"""Create configuration files on ContrailVM"""
with settings(password='c0ntrail123', connection_attempts=10):
sudo(cmd)
@task
def deploy_agent_param():
"""Deploy agent_param.tmpl on ContrailVM"""
with settings(password='c0ntrail123', connection_attempts=10):
cmd = '/opt/contrail/bin/vnagent_param_setup.sh'
sudo(cmd)
@task
def change_hostname(hostname):
"""Change hostname on ContrailVM"""
with settings(password='c0ntrail123', connection_attempts=10):
cmd = 'echo %s > /etc/hostname' % hostname
sudo(cmd)
@task
def set_ntp(ntp):
"""Set proper ntp server on ContrailVM"""
with settings(password='c0ntrail123', connection_attempts=10):
sudo('sed -i "/^server/g" /etc/ntp.conf')
sudo('echo "server %s" >> /etc/ntp.conf' % ntp)
@task
def redeploy_vrouter_module():
"""Deploy agent_param.tmpl on ContrailVM"""
with settings(password='c0ntrail123', connection_attempts=10):
cmd = 'dkms uninstall vrouter/3.0.2.0'
cmd1 = 'dpkg -i /opt/contrail/contrail_install_repo/contrail-vrouter-dkms*'
sudo(cmd)
sudo(cmd1)

37
deployment_scripts/puppet/modules/contrail/lib/puppet/parser/functions/create_esxi_map.rb
View File

@@ -1,37 +0,0 @@
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
require 'yaml'
module Puppet::Parser::Functions
newfunction(:create_esxi_map, :type => :rvalue, :doc => <<-EOS
Produce array of lines for Contrail VMware plugin map file
EOS
) do |args|
vcenter_hash = function_hiera_hash(['vcenter'], {})
compute_vmware_clusters = vcenter_hash['computes'][0]['vc_cluster'].split(',')
contrail_hash = function_hiera_hash(["contrail", {}])
esxi_hash = YAML.load contrail_hash['contrail_vcenter_esxi_for_fabric']
map_elements = Array.new
esxi_hash.each do |esxi_name, esxi_values|
if compute_vmware_clusters.include?(esxi_values['cluster'])
contrail_vm_ip = esxi_values['contrail_vm']['host'].split('@')[1]
map_elements << [esxi_values['ip'], contrail_vm_ip].join(':')
end
end
return map_elements.sort
end
end

8
deployment_scripts/puppet/modules/contrail/lib/puppet/parser/functions/fetch_esxi_data.rb
View File

@@ -20,8 +20,10 @@ newfunction(:fetch_esxi_data, :type => :rvalue, :doc => <<-EOS
) do |args|
host = args[0]
hiera = function_hiera_hash(["contrail", {}])
fail 'There is no section "contrail_vcenter_esxi_for_fabric" in the "contrail" data!' unless hiera["contrail_vcenter_esxi_for_fabric"]
user_fab = YAML.load hiera["contrail_vcenter_esxi_for_fabric"]
user_fab.map{ |k, v| v if v["contrail_vm"]["host"] == host}[0]
fail 'There is no section "contrail_vcenter_esxi_yaml" in the "contrail" data!' unless hiera["contrail_vcenter_esxi_yaml"]
user_fab = YAML.load hiera["contrail_vcenter_esxi_yaml"]
user_fab.each do |k, v|
return v if v["ip"] == host
end
end
end

33
deployment_scripts/puppet/modules/contrail/lib/puppet/parser/functions/get_contrailvm_ips.rb
View File

@@ -1,33 +0,0 @@
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
require 'yaml'
module Puppet::Parser::Functions
newfunction(:get_contrailvm_ips, :type => :rvalue, :doc => <<-EOS
Return list of ContrailVM ips
EOS
) do |args|
vm_ips = []
hiera = function_hiera_hash(["contrail", {}])
fail 'There is no section "contrail_vcenter_esxi_for_fabric" in the "contrail" data!' unless hiera["contrail_vcenter_esxi_for_fabric"]
user_fab = YAML.load hiera["contrail_vcenter_esxi_for_fabric"]
user_fab.each do |_, v|
if v.key?("contrail_vm")
vm_ips << v["contrail_vm"]["host"]
end
end
return vm_ips
end
end

35
deployment_scripts/puppet/modules/contrail/lib/puppet/parser/functions/prepare_user_fab.rb
View File

@@ -1,35 +0,0 @@
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
require 'yaml'
require 'json'
module Puppet::Parser::Functions
newfunction(:prepare_user_fab, :type => :rvalue, :doc => <<-EOS
Prepare user data for putting in testbed.py
EOS
) do |args|
hiera = function_hiera(["contrail"])
default_fab = args[0]
user_fab = YAML.load hiera["contrail_vcenter_esxi_for_fabric"]
full_fab = user_fab
full_fab.each { |k, v|
full_fab[k]["vcenter_server"] = default_fab["vcenter_server"]
full_fab[k]["contrail_vm"]["mode"] = default_fab["mode"]
full_fab[k]["contrail_vm"]["vmdk"] = default_fab["vmdk"]
}
pretty_fab = JSON.pretty_generate full_fab
return pretty_fab
end
end

22
deployment_scripts/puppet/modules/contrail/lib/puppet/provider/contrail_vcenter_plugin_config/ini_setting.rb Normal file
View File

@@ -0,0 +1,22 @@
Puppet::Type.type(:contrail_vcenter_plugin_config).provide(
:ini_setting,
:parent => Puppet::Type.type(:ini_setting).provider(:ruby)
) do
def section
resource[:name].split('/', 2).first
end
def setting
resource[:name].split('/', 2).last
end
def separator
'='
end
def self.file_path
'/etc/contrail/contrail-vcenter-plugin.conf'
end
end

90
deployment_scripts/puppet/modules/contrail/lib/puppet/provider/vcenter_vrouter_map/ruby.rb Normal file
View File

@@ -0,0 +1,90 @@
require 'digest'
require 'puppet'
require 'open3'
Puppet::Type.type(:vcenter_vrouter_map).provide(:ruby) do
# alternative "commands" implementation
# returns only the stdout of the command if there
# was no error and returns both channels as the exception
# if an error have occured. It does not allow
# random non-critical warning from the openstack commands
# to break parsing
# @param name [String]
# @param path [String]
def self.has_command(name, path)
name = name.intern
command = lambda do |*args|
cmd = "#{path} #{args.flatten.join ' '}"
stdout, stderr, process_status = Open3.capture3 cmd
if process_status.exitstatus != 0
output = stdout + ' ' + stderr
raise Puppet::ExecutionFailure, "Execution of '#{cmd}' returned #{process_status.exitstatus}: #{output}"
end
stdout
end
@commands[name] = name if @commands
create_class_and_instance_method(name) do |*args|
command.call *args
end
end
commands 'script' => '/usr/local/bin/vrouter_to_esxi_map'
attr_reader :resource
MODE = 0100644
# Run the external command to obtain the vcenter mapping
# @return [String]
def vrouter_map
return @vrouter_map if @vrouter_map
options = ['-p', resource[:password], '-u', resource[:username], '-s', resource[:vcenter_host], '-i', resource[:ips]]
options += ['-y'] if resource[:yaml]
@vrouter_map = script *options
@vrouter_map += "\n" unless @vrouter_map.end_with? "\n"
@vrouter_map
end
# Save the vcenter mapping to the file
def save_vrouter_map
File.open(resource[:path], 'w', MODE) do |file|
file.write vrouter_map
end
end
# Check if the existing file is the same as the newly generated one
# @return [true,false]
def compare_vrouter_map_data
new_digest = Digest::SHA256.hexdigest vrouter_map
old_digest = Digest::SHA256.file(resource[:path]).hexdigest rescue nil
new_digest == old_digest
end
# Check if the vrouter file has the correct mode
# @return [true,false]
def check_mode_vrouter_map
File.stat(resource[:path]).mode == MODE rescue false
end
#####
def exists?
return false unless File.exists? resource[:path]
return true if resource[:ensure] == :absent
compare_vrouter_map_data and check_mode_vrouter_map
end
def create
destroy
save_vrouter_map
end
def destroy
return unless File.exists? resource[:path]
File.unlink resource[:path]
end
end

44
deployment_scripts/puppet/modules/contrail/lib/puppet/type/contrail_vcenter_plugin_config.rb Normal file
View File

@@ -0,0 +1,44 @@
Puppet::Type.newtype(:contrail_vcenter_plugin_config) do
ensurable
newparam(:name, :namevar => true) do
desc 'Section/setting name to manage from /etc/contrail/contrail-vcenter-plugin.conf'
newvalues(/\S+\/\S+/)
end
newproperty(:value) do
desc 'The value of the setting to be defined.'
munge do |value|
value = value.to_s.strip
value.capitalize! if value =~ /^(true|false)$/i
value
end
newvalues(/^[\S ]*$/)
def is_to_s( currentvalue )
if resource.secret?
return '[old secret redacted]'
else
return currentvalue
end
end
def should_to_s( newvalue )
if resource.secret?
return '[new secret redacted]'
else
return newvalue
end
end
end
newparam(:secret, :boolean => true) do
desc 'Whether to hide the value from Puppet logs. Defaults to `false`.'
newvalues(:true, :false)
defaultto false
end
end

48
deployment_scripts/puppet/modules/contrail/lib/puppet/type/vcenter_vrouter_map.rb Normal file
View File

@@ -0,0 +1,48 @@
require 'puppet/parameter/boolean'
Puppet::Type.newtype(:vcenter_vrouter_map) do
ensurable do
defaultvalues
defaultto :present
end
newparam(:path) do
desc 'Path to a file to store the Vcenter map'
isnamevar
end
newparam(:username) do
desc 'The Vcenter login username'
defaultto do
fail 'Vcenter username is required!'
end
end
newparam(:password) do
desc 'The Vcenter login password'
defaultto do
fail 'Vcenter password is required!'
end
end
newparam(:vcenter_host) do
desc 'The ip or host name of the Vcenter node'
defaultto do
fail 'Vcenter host is required!'
end
end
newparam(:ips, :array_matching => :all) do
desc 'The list of VM ip addresses that should be added to the map'
defaultto do
fail 'List of the Contrail VM ips should not be empty!'
end
end
newparam(:yaml, :boolean => true, :parent => Puppet::Parameter::Boolean) do
desc 'Enable the YAML output format'
defaultto false
end
end

50
deployment_scripts/puppet/modules/contrail/manifests/compute/vmware.pp
View File

@@ -32,24 +32,56 @@ class contrail::compute::vmware {
ensure => directory,
mode => '0750',
}
file {'/etc/contrail/ESXiToVRouterIp.map':
content => template('contrail/ESXiToVRouterIp.map.erb')
}
file {'/etc/contrail/contrail-vcenter-plugin.conf':
file { 'vrouter_to_esxi_map' :
ensure => present,
content => template('contrail/contrail-vcenter-plugin.conf.erb'),
}~>
# Enable and start service
owner => 'root',
group => 'root',
mode => '0755',
content => template('contrail/vrouter_to_esxi_map.py.erb'),
path => '/usr/local/bin/vrouter_to_esxi_map',
}
vcenter_vrouter_map { 'ESXiToVRouterIp.map' :
ensure => present,
password => $contrail::vcenter_server_pass,
username => $contrail::vcenter_server_user,
vcenter_host => $contrail::vcenter_server_ip,
ips => $contrail::contrail_vcenter_vm_ips,
path => '/etc/contrail/ESXiToVRouterIp.map',
yaml => false,
}
contrail_vcenter_plugin_config {
'DEFAULT/vcenter.url': value => "https://${contrail::vcenter_server_ip}/sdk";
'DEFAULT/vcenter.username': value => $contrail::vcenter_server_user;
'DEFAULT/vcenter.password': value => $contrail::vcenter_server_pass;
'DEFAULT/vcenter.datacenter': value => $contrail::contrail_vcenter_datacenter;
'DEFAULT/vcenter.dvswitch': value => $contrail::contrail_vcenter_dvswitch;
'DEFAULT/vcenter.ipfabricpg': value => $contrail::contrail_vcenter_prv_vswitchpg;
'DEFAULT/mode': value => 'vcenter-as-compute';
'DEFAULT/auth_url': value => "${contrail::internal_auth_protocol}://${contrail::internal_auth_address}:35357/v2.0";
'DEFAULT/admin_user': value => $contrail::neutron_user;
'DEFAULT/admin_password': value => $contrail::service_token;
'DEFAULT/admin_tenant_name': value => $contrail::service_tenant;
'DEFAULT/api.hostname': value => $contrail::contrail_private_vip;
'DEFAULT/api.port': value => $contrail::api_server_port;
'DEFAULT/zookeeper.serverlist': value => $contrail::zk_server_ip;
'DEFAULT/introspect.port': value => '8234';
}
service { 'contrail-vcenter-plugin':
ensure => running,
enable => true,
}
Nova_Config <||> ~>
service { 'nova-compute':
ensure => running,
enable => true,
}
File['vrouter_to_esxi_map'] ~> Vcenter_vrouter_map['ESXiToVRouterIp.map']
Nova_Config <||> ~> Service['nova-compute']
Vcenter_vrouter_map['ESXiToVRouterIp.map'] ~> Service['contrail-vcenter-plugin']
Contrail_vcenter_plugin_config <||> ~> Service['contrail-vcenter-plugin']
}

21
deployment_scripts/puppet/modules/contrail/manifests/compute/vmware_pkg.pp
View File

@@ -26,21 +26,34 @@ class contrail::compute::vmware_pkg {
}
#Create a pinning
#NOTE(AKirilochkin): pyvmomi for to make python script working with vcenter
$vcenter_compute_pkgs = [
'python-bitstring', 'python-novaclient',
'tzdata', 'tzdata-java', 'openjdk-7-jre-headless']
'python-bitstring', 'python-novaclient', 'tzdata',
'tzdata-java', 'openjdk-7-jre-headless', 'python-pyvmomi']
#NOTE(AKirilochkin): urllib3 - to allow work with self-signed ssl-certificate
apt::pin { 'python-urllib3-pin':
explanation => 'Set override for packages from contrail repository',
priority => 1400,
label => 'contrail',
packages => python-urllib3,
} ->
apt::pin { 'vcenter_compute_pkgs_pin':
explanation => 'Set override for packages from contrail repository',
priority => 1400,
label => 'contrail',
packages => $vcenter_compute_pkgs,
} ->
group { 'libvirtd':
ensure => 'present',
group { 'libvirtd' :
ensure => present,
} ->
package { $vcenter_compute_pkgs: } ->
#NOTE(AKirilochkin): pyvmomi - we need it version 1.9.1
package {'python-urllib3':
ensure => latest,
} ->
package {['nova-compute', 'nova-compute-kvm', 'nova-common', 'python-nova']:}
if $contrail::patch_nova_vmware {

53
deployment_scripts/puppet/modules/contrail/manifests/contrail_vmware.pp
View File

@@ -14,15 +14,12 @@
class contrail::contrail_vmware {
if $contrail::use_vcenter and $contrail::provision_vmware_type == 'fuel'{
$self_ip = $contrail::address
$cfgm_ip = $contrail::contrail_private_vip
if $contrail::use_vcenter {
$cfgm_ip = $contrail::contrail_private_vip
$ncontrols = size($contrail::contrail_control_ips)
$amqp_server_ip = $contrail::contrail_private_vip
$service_token = $contrail::admin_token
$orchestrator = $contrail::orchestrator
$hypervisor = $contrail::hypervisor
$keystone_ip = $contrail::mos_mgmt_vip
$keystone_admin_user = $contrail::neutron_user
@@ -34,26 +31,17 @@ class contrail::contrail_vmware {
$mgmt_self_ip = $::ipaddress_br_mgmt
# Fetching the esxi data from hash
$esxi_data = fetch_esxi_data("root@${self_ip}")
$vmware = $esxi_data['ip']
$vmware_username = $esxi_data['username']
$vmware_passwd = $esxi_data['password']
$vmware_iface_name = $esxi_data['contrail_vm']['vmware_iface_name']
$vmware_vmpg_vswitch = $esxi_data['fabric_vswitch']
$vmware_vmpg_vswitch_mtu = '9000'
$mode = $contrail::mode
$contrailvm_ntp = $contrail::contrailvm_ntp
#NOTE(AKirilochkin): Workaround until hiera could merge files in folder
$mapping_data = loadyaml('/etc/hiera/plugins/contrail-esxi-vrouter-map.yaml')
$host = pick($mapping_data['esxi_mapping'][$contrail::address], '')
$esxi_data = fetch_esxi_data($host)
$vmware = pick($esxi_data['ip'], '10.0.0.0')
$vmware_iface_name = pick($esxi_data['contrail_vm']['vmware_iface_name'], 'ens161')
$phys_dev_facter = regsubst($::contrail::phys_dev, '\.' , '_')
$dev_mac = getvar("::macaddress_${phys_dev_facter}")
$delete_packages = ['openvswitch-common', 'openvswitch-datapath-dkms',
'openvswitch-datapath-lts-saucy-dkms', 'openvswitch-switch', 'nova-network',
'nova-api']
$install_packages = ['contrail-install-packages', 'contrail-fabric-utils',
'contrail-setup', 'contrail-vrouter-dkms', 'contrail-vrouter-common',
'contrail-nova-vif', 'open-vm-tools', 'iproute2']
l23network::l3::ifconfig { $vmware_iface_name: ipaddr => 'none' }
$sysctl_settings = {
@@ -83,20 +71,12 @@ class contrail::contrail_vmware {
line => 'crashkernel=384M-2G:64M,2G-16G:128M,16G-:256M\1',
}
if !is_pkg_installed('contrail-openstack-vrouter') {
file { 'create_supervisor_vrouter_override':
ensure => present,
path => '/etc/init/supervisor-vrouter.override',
content => 'manual',
before => Class['contrail::package'],
}
file { 'create_supervisor_vrouter_override':
ensure => present,
path => '/etc/init/supervisor-vrouter.override',
content => 'manual',
}
class { 'contrail::package':
install => [$install_packages],
remove => [$delete_packages],
} ->
file {'/var/crashes':
ensure => directory,
mode => '1777',
@@ -116,7 +96,6 @@ class contrail::contrail_vmware {
file {'/etc/contrail/agent_param':
ensure => present,
content => template('contrail/agent_param.erb'),
require => Class[Contrail::Package],
} ->
contrail_vrouter_agent_config {
'DEFAULT/platform' : value => 'default';
@@ -150,20 +129,18 @@ class contrail::contrail_vmware {
exec { 'remove_supervisor_override':
command => '/bin/rm /etc/init/supervisor-vrouter.override',
onlyif => '/usr/bin/test -f /etc/init/supervisor-vrouter.override',
require => Class['Contrail::Package'],
}
service {'supervisor-vrouter':
ensure => running,
enable => true,
subscribe => [Class[Contrail::Package],
Exec['remove-ovs-modules'],
subscribe => [Exec['remove-ovs-modules'],
File['/etc/contrail/agent_param']],
} ->
exec { 'register_contrailvm_vrouter':
path => '/usr/local/bin:/bin:/usr/bin/',
cwd => '/opt/contrail/utils',
command => "python provision_vrouter.py --host_name ${::fqdn} --host_ip ${self_ip} \
command => "python provision_vrouter.py --host_name ${::fqdn} --host_ip ${contrail::address} \
--api_server_ip ${contrail_internal_vip} --api_server_port ${contrail::api_server_port} \
--oper add --admin_user ${keystone_admin_user} --admin_password ${keystone_admin_password} \
--admin_tenant_name ${service_tenant_name} --openstack_ip ${internal_vip} \

55
deployment_scripts/puppet/modules/contrail/manifests/contrail_vmware_pre.pp Normal file
View File

@@ -0,0 +1,55 @@
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
class contrail::contrail_vmware_pre {
if $contrail::use_vcenter {
$delete_packages = ['openvswitch-common', 'openvswitch-datapath-dkms',
'openvswitch-datapath-lts-saucy-dkms', 'openvswitch-switch', 'nova-network',
'nova-api']
#NOTE(AKirilochkin): pyvmomi & urllib3 to make python script working with vcenter
$install_packages = ['contrail-install-packages', 'contrail-fabric-utils',
'contrail-setup', 'contrail-vrouter-dkms', 'contrail-vrouter-common',
'contrail-nova-vif', 'open-vm-tools', 'iproute2', 'python-pyvmomi', 'python-urllib3']
class { 'contrail::package':
install => [$install_packages],
remove => [$delete_packages],
}
file { 'vrouter_to_esxi_map' :
ensure => present,
owner => 'root',
group => 'root',
mode => '0755',
content => template('contrail/vrouter_to_esxi_map.py.erb'),
path => '/usr/local/bin/vrouter_to_esxi_map',
}
vcenter_vrouter_map { 'contrail-esxi-vrouter-map.yaml' :
ensure => present,
password => $contrail::vcenter_server_pass,
username => $contrail::vcenter_server_user,
vcenter_host => $contrail::vcenter_server_ip,
ips => $contrail::contrail_vcenter_vm_ips,
path => '/etc/hiera/plugins/contrail-esxi-vrouter-map.yaml',
yaml => true,
}
Class['contrail::package'] -> Vcenter_vrouter_map['contrail-esxi-vrouter-map.yaml']
File['vrouter_to_esxi_map'] -> Vcenter_vrouter_map['contrail-esxi-vrouter-map.yaml']
}
}

152
deployment_scripts/puppet/modules/contrail/manifests/controller/vmware.pp
View File

@@ -1,152 +0,0 @@
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
class contrail::controller::vmware {
if $contrail::use_vcenter and $contrail::provision_type_vmware == 'fabric' {
$vcenter_server_cluster = $contrail::vcenter_hash['computes'][0]['vc_cluster']
$pkgs = ['contrail-fabric-utils','contrail-setup']
$pip_pkgs = ['Fabric-1.7.5']
apt::pin {'fix_python_ecdsa':
priority => 1400,
label => 'contrail',
packages => 'python-ecdsa'
} ->
class { 'contrail::package':
install => $pkgs,
pip_install => $pip_pkgs,
} ->
exec {'retrieve latest install packages':
command => '/usr/bin/apt-get download contrail-install-packages && /bin/ln -s -f contrail-install-packages*.deb latest-contrail-install-packages.deb',
creates => '/opt/contrail/latest-contrail-install-packages.deb',
cwd => '/opt/contrail',
} ->
exec {'retrieve vmdk':
command => "/usr/bin/curl -fLO ${contrail::vmdk_vm_image}",
creates => '/opt/contrail/ContrailVM-disk1.vmdk',
cwd => '/opt/contrail',
} ->
file { '/opt/contrail/utils/fabfile/testbeds/testbed.py':
content => template('contrail/vmware_testbed.py.erb'),
mode => '0775',
} ->
file_line{'vmware_pub_authorized_keys':
path => '/root/.ssh/authorized_keys',
line => file('/var/lib/astute/vmware/vmware.pub'),
}
file { '/opt/contrail/utils/fabfile/tasks/additional_tasks.py':
mode => '0644',
source => 'puppet:///modules/contrail/additional_tasks.py',
before => Exec['fab_prepare_contrailvm'],
require => Class['contrail::package'],
} ->
file_line { 'add_additional_tasks':
path => '/opt/contrail/utils/fabfile/__init__.py',
line => 'from tasks.additional_tasks import *',
before => Exec['fab_prepare_contrailvm'],
}
if $contrail::env == 'dev' {
file_line { 'change_memsize1':
path => '/opt/contrail/utils/fabfile/templates/compute_vmx_template.py',
line => 'memsize = "2048"',
match => '^memsize',
require => Class['contrail::package'],
before => Exec['fab_prov_esxi'],
}
file_line { 'change_memsize2':
path => '/opt/contrail/utils/fabfile/templates/compute_vmx_template.py',
line => 'sched.mem.min = "2048"',
match => '^sched\.mem\.min',
require => Class['contrail::package'],
before => Exec['fab_prov_esxi'],
}
service { 'ssh':
ensure => running,
enable => true,
}
augeas { 'ssh_root_access_yes':
context => '/files/etc/ssh/sshd_config',
changes => ['set PermitRootLogin yes',
'set PasswordAuthentication yes'],
} ->
# NOTE(AKirilochkin): This is dirty hack. We have to restart sshd right now
# to make fab-scripts work with non-root feature.
# Then restart sshd again after setting set to default.
# By default puppet will schedule this event at the very end of manifest.
exec {'restart_ssh' :
command => '/sbin/restart ssh',
} ->
exec { 'fab_prov_esxi':
path => '/usr/local/bin:/bin:/usr/bin/',
cwd => '/opt/contrail/utils',
command => 'fab prov_esxi && touch /opt/contrail/fab_prov_esxi-DONE',
require => File_Line['vmware_pub_authorized_keys'],
creates => '/opt/contrail/fab_prov_esxi-DONE',
} ->
exec { 'fab_prepare_contrailvm':
timeout => 3300,
path => '/usr/local/bin:/bin:/usr/bin/',
cwd => '/opt/contrail/utils',
command => 'fab prepare_contrailvm:/opt/contrail/latest-contrail-install-packages.deb && touch /opt/contrail/fab_prepare_contrailvm-DONE',
creates => '/opt/contrail/fab_prepare_contrailvm-DONE',
} ->
exec { 'fab_install_vrouter':
timeout => 3300,
path => '/usr/local/bin:/bin:/usr/bin/',
cwd => '/opt/contrail/utils',
command => 'fab fab_install_vrouter && touch /opt/contrail/fab_install_vrouter-DONE',
creates => '/opt/contrail/fab_install_vrouter-DONE',
} ->
exec { 'fab_setup_vcenter':
timeout => 3300,
path => '/usr/local/bin:/bin:/usr/bin/',
cwd => '/opt/contrail/utils',
command => 'fab setup_vcenter && touch /opt/contrail/fab_setup_vcenter-DONE',
creates => '/opt/contrail/fab_setup_vcenter-DONE',
} ->
contrail::provision_contrailvm {$contrail::contrail_vcenter_vm_ips:
} ->
augeas { 'ssh_root_access_no':
context => '/files/etc/ssh/sshd_config',
changes => ['set PermitRootLogin no',
'set PasswordAuthentication no'],
notify => Service['ssh']
}
}
}
}

57
deployment_scripts/puppet/modules/contrail/manifests/init.pp
View File

@@ -74,8 +74,8 @@ class contrail {
$public_ssl_path = get_ssl_property($ssl_hash, $public_ssl_hash, 'horizon', 'public', 'path', [''])
#NOTE(AKirilochkin): Modern way to get the ssl values with understandable variables names
$public_horizon_endpoint = get_ssl_property($ssl_hash, {}, 'horizon', 'public', 'hostname', [$mos_public_vip])
$public_horizon_protocol = get_ssl_property($ssl_hash, {}, 'horizon', 'public', 'protocol', 'http')
$public_horizon_endpoint = get_ssl_property($ssl_hash, {}, 'horizon', 'public', 'hostname', [$mos_public_vip])
$public_horizon_protocol = get_ssl_property($ssl_hash, {}, 'horizon', 'public', 'protocol', 'http')
$internal_neutron_endpoint = get_ssl_property($ssl_hash, {}, 'neutron', 'internal', 'hostname', [$mos_mgmt_vip])
$internal_neutron_protocol = get_ssl_property($ssl_hash, {}, 'neutron', 'internal', 'protocol', 'http')
@@ -160,30 +160,22 @@ class contrail {
$vcenter_hash = hiera_hash('vcenter', {})
if $use_vcenter {
$mode = 'vcenter'
$orchestrator = 'openstack'
$hypervisor = 'libvirt'
$vmdk_vm_image = pick($settings['vmdk_vm_image'], "http://${::contrail::master_ip}:8080/plugins/contrail-3.0/ContrailVM-disk1.vmdk")
$vcenter_server_ip = pick($vcenter_hash['computes'][0]['vc_host'], '192.168.0.1')
$vcenter_server_user = pick($vcenter_hash['computes'][0]['vc_user'], 'admin')
$vcenter_server_pass = pick($vcenter_hash['computes'][0]['vc_password'], 'admin')
$vcenter_server_name = pick($vcenter_hash['computes'][0]['availability_zone_name'], 'vcenter')
$contrail_vcenter_datacenter = pick($settings['contrail_vcenter_datacenter'], 'datacenter')
$contrail_vcenter_dvswitch = pick($settings['contrail_vcenter_dvswitch'], 'Contrail_dvSwitch')
$contrail_vcenter_dvportgroup = pick($settings['contrail_vcenter_dvportgroup'], 'Contrail_DVPG')
$contrail_vcenter_dvportgroup_numberofports = pick($settings['contrail_vcenter_dvportgroup_numberofports'], '3')
$contrail_vcenter_prv_vswitchpg = pick($settings['fabric_vswitch_pg'], 'contrail-fab-pg')
$contrail_vcenter_esxi_for_fabric = pick($settings['contrail_vcenter_esxi_for_fabric'], '')
$provision_vmware = pick($settings['provision_vmware'], '')
$contrailvm_ntp = pick($settings['contrailvm_ntp'], '192.168.1.1')
$provision_vmware_type = pick($settings['provision_vmware_type'], '')
$contrail_vcenter_vm_ips = get_contrailvm_ips()
$contrail_compute_vmware_nodes_hash = get_nodes_hash_by_roles($network_metadata, ['compute-vmware'])
$contrail_compute_vmware_ips = values(get_node_to_ipaddr_map_by_network_role($contrail_compute_vmware_nodes_hash, 'neutron/mesh'))
$primary_controller_role = hiera('primary_controller_role', ['primary-controller'])
$contrail_fab_build_node_hash = get_nodes_hash_by_roles($network_metadata, $primary_controller_role)
$contrail_fab_build_ip = values(get_node_to_ipaddr_map_by_network_role($contrail_fab_build_node_hash, 'neutron/mesh'))
$contrail_fab_default = {'vmdk' => '/opt/contrail/ContrailVM-disk1.vmdk', 'vcenter_server' => 'vcenter1', 'mode' => $mode }
$mode = 'vcenter'
$orchestrator = 'openstack'
$hypervisor = 'libvirt'
$vcenter_server_ip = pick($vcenter_hash['computes'][0]['vc_host'], '192.168.0.1')
$vcenter_server_user = pick($vcenter_hash['computes'][0]['vc_user'], 'admin')
$vcenter_server_pass = pick($vcenter_hash['computes'][0]['vc_password'], 'admin')
$vcenter_server_name = pick($vcenter_hash['computes'][0]['availability_zone_name'], 'vcenter')
$contrail_vcenter_datacenter = pick($settings['contrail_vcenter_datacenter'], 'datacenter')
$contrail_vcenter_dvswitch = pick($settings['contrail_vcenter_dvswitch'], 'Contrail_dvSwitch')
$contrail_vcenter_dvportgroup = pick($settings['contrail_vcenter_dvportgroup'], 'Contrail_DVPG')
$contrail_vcenter_prv_vswitchpg = pick($settings['private_vswitch_pg'], 'contrail_pg')
$contrail_vcenter_esxi_yaml = pick($settings['contrail_vcenter_esxi_yaml'], '')
$contrail_compute_vmware_nodes_hash = get_nodes_hash_by_roles($network_metadata, ['compute-vmware'])
$contrail_compute_vmware_ips = values(get_node_to_ipaddr_map_by_network_role($contrail_compute_vmware_nodes_hash, 'neutron/mesh'))
$contrail_vmware_nodes_hash = get_nodes_hash_by_roles($contrail::network_metadata, ['contrail-vmware'])
$contrail_vcenter_vm_ips = sort(values(get_node_to_ipaddr_map_by_network_role($contrail_vmware_nodes_hash, 'neutron/mesh')))
}
# Settings for RabbitMQ on contrail controllers
@@ -192,23 +184,22 @@ class contrail {
$rabbit_hosts_ports = hiera('amqp_hosts')
# RabbitMQ nodes Mgmt IP list
$rabbit_ips = split(inline_template("<%= @rabbit_hosts_ports.split(',').map {|c| c.strip.gsub(/:[0-9]*$/,'')}.join(',') %>"),',')
$rabbit_ips = split(inline_template("<%= @rabbit_hosts_ports.split(',').map {|c| c.strip.gsub(/:[0-9]*$/,'')}.join(',') %>"),',')
# Contrail DB nodes Private IP list
$primary_contrail_db_nodes_hash = get_nodes_hash_by_roles($network_metadata, ['primary-contrail-db'])
$primary_contrail_db_ip = sort(values(get_node_to_ipaddr_map_by_network_role($primary_contrail_db_nodes_hash, 'neutron/mesh')))
$contrail_db_nodes_hash = get_nodes_hash_by_roles($network_metadata, ['primary-contrail-db', 'contrail-db'])
$contrail_db_ips = sort(values(get_node_to_ipaddr_map_by_network_role($contrail_db_nodes_hash, 'neutron/mesh')))
# Contrail Control nodes Private IP list
$contrail_control_nodes_hash = get_nodes_hash_by_roles($network_metadata, ['primary-contrail-control', 'contrail-control'])
$contrail_control_ips = sort(values(get_node_to_ipaddr_map_by_network_role($contrail_control_nodes_hash, 'neutron/mesh')))
$contrail_control_nodes_hash = get_nodes_hash_by_roles($network_metadata, ['primary-contrail-control', 'contrail-control'])
$contrail_control_ips = sort(values(get_node_to_ipaddr_map_by_network_role($contrail_control_nodes_hash, 'neutron/mesh')))
# Contrail Config nodes Private IP list
$contrail_config_nodes_hash = get_nodes_hash_by_roles($network_metadata, ['primary-contrail-config', 'contrail-config'])
$contrail_config_ips = sort(values(get_node_to_ipaddr_map_by_network_role($contrail_config_nodes_hash, 'neutron/mesh')))
$contrail_config_ips_adm = sort(values(get_node_to_ipaddr_map_by_network_role($contrail_config_nodes_hash, 'fw-admin')))
$contrail_config_nodes_hash = get_nodes_hash_by_roles($network_metadata, ['primary-contrail-config', 'contrail-config'])
$contrail_config_ips = sort(values(get_node_to_ipaddr_map_by_network_role($contrail_config_nodes_hash, 'neutron/mesh')))
$contrail_config_ips_adm = sort(values(get_node_to_ipaddr_map_by_network_role($contrail_config_nodes_hash, 'fw-admin')))
# Cassandra, Kafka & Zookeeper servers list
$cassandra_server_list = inline_template("<%= scope.lookupvar('contrail::contrail_db_ips').map{ |ip| \"#{ip}:9042\" }.join(' ') %>")

145
deployment_scripts/puppet/modules/contrail/manifests/provision_contrailvm.pp
View File

@@ -1,145 +0,0 @@
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
define contrail::provision_contrailvm (
$host = split($title, '@'),
)
{
$self_ip = $host[1]
$cfgm_ip = $contrail::contrail_private_vip
$ncontrols = size($contrail::contrail_control_ips)
$amqp_server_ip = $contrail::contrail_private_vip
$service_token = $contrail::admin_token
$orchestrator = 'openstack'
$hypervisor = 'libvirt'
$keystone_ip = $contrail::mos_mgmt_vip
#$openstack_mgmt_ip
$keystone_auth_protocol = 'http'
$keystone_auth_port = '35357'
$quantum_service_protocol = 'http'
$keystone_admin_user = 'neutron'
$keystone_admin_password = $contrail::service_token
#$nova_password admin
#$neutron_password
$service_tenant_name = 'services'
$internal_vip = $contrail::mos_mgmt_vip
$external_vip = $contrail::mos_public_vip
$contrail_internal_vip = $contrail::contrail_private_vip
$mgmt_self_ip = $host[1]
$esxi_data = fetch_esxi_data($title)
$vmware = $esxi_data['ip']
$vmware_username = $esxi_data['username']
$vmware_passwd = $esxi_data['password']
$vmware_vmpg_vswitch = $esxi_data['fabric_vswitch']
$vmware_vmpg_vswitch_mtu = '9000'
$mode = 'vcenter'
$oktets = split($self_ip, '\.')
$last_oktet = $oktets[3]
$vm_hostname = "ContrailVM-${last_oktet}"
$contrailvm_ntp = $contrail::contrailvm_ntp
$provisioning_cmd = "setup-vnc-compute --self_ip ${self_ip} \
--cfgm_ip ${cfgm_ip} \
--ncontrols ${ncontrols} \
--amqp_server_ip ${amqp_server_ip} \
--service_token ${service_token} \
--orchestrator ${orchestrator} \
--hypervisor ${hypervisor} \
--keystone_ip ${keystone_ip} \
--keystone_auth_protocol ${keystone_auth_protocol} \
--keystone_auth_port ${keystone_auth_port} \
--quantum_service_protocol ${quantum_service_protocol} \
--keystone_admin_user ${keystone_admin_user} \
--keystone_admin_password ${keystone_admin_password} \
--service_tenant_name ${service_tenant_name} \
--internal_vip ${internal_vip} \
--external_vip ${external_vip} \
--no_contrail_openstack \
--no_nova_config \
--contrail_internal_vip ${contrail_internal_vip} \
--mgmt_self_ip ${mgmt_self_ip} \
--vmware ${vmware} \
--vmware_username ${vmware_username} \
--vmware_passwd ${vmware_passwd} \
--vmware_vmpg_vswitch ${vmware_vmpg_vswitch} \
--vmware_vmpg_vswitch_mtu ${vmware_vmpg_vswitch_mtu} \
--mode ${mode}"
$register_cmd = "python provision_vrouter.py --host_name ${vm_hostname} \
--host_ip ${self_ip} \
--api_server_ip ${contrail_internal_vip} \
--oper add \
--admin_user ${keystone_admin_user} \
--admin_password ${keystone_admin_password} \
--admin_tenant_name ${service_tenant_name} \
--openstack_ip ${internal_vip}"
exec { "disable_add_vnc_config-${self_ip}":
path => '/usr/local/bin:/bin:/usr/bin/',
cwd => '/opt/contrail/utils',
command => "fab -H ${title} disable_add_vnc_config && touch /opt/contrail/disable_add_vnc_config-${self_ip}-DONE",
creates => "/opt/contrail/disable_add_vnc_config-${self_ip}-DONE",
} ->
exec { "change_hostname-${self_ip}":
path => '/usr/local/bin:/bin:/usr/bin/',
cwd => '/opt/contrail/utils',
command => "fab -H ${title} change_hostname:'${vm_hostname}' && touch /opt/contrail/change_hostname-${self_ip}-DONE",
creates => "/opt/contrail/change_hostname-${self_ip}-DONE",
} ->
exec { "deploy_agent_param_${self_ip}":
path => '/usr/local/bin:/bin:/usr/bin/',
cwd => '/opt/contrail/utils',
command => "fab -H ${title} deploy_agent_param && touch /opt/contrail/fab_deploy_agent_param-${self_ip}-DONE",
creates => "/opt/contrail/fab_deploy_agent_param-${self_ip}-DONE",
} ->
exec { "redeploy_vrouter_module_${self_ip}":
path => '/usr/local/bin:/bin:/usr/bin/',
cwd => '/opt/contrail/utils',
command => "fab -H ${title} redeploy_vrouter_module && touch /opt/contrail/fab_redeploy_vrouter_module-${self_ip}-DONE",
creates => "/opt/contrail/fab_redeploy_vrouter_module-${self_ip}-DONE",
} ->
exec{ "set_ntp-${self_ip}":
path => '/usr/local/bin:/bin:/usr/bin/',
cwd => '/opt/contrail/utils',
command => "fab -H ${title} set_ntp:'${contrailvm_ntp}' && touch /opt/contrail/set_ntp-${self_ip}-DONE",
creates => "/opt/contrail/set_ntp-${self_ip}-DONE",
} ->
exec { "provision_contrailvm-${self_ip}":
path => '/usr/local/bin:/bin:/usr/bin/',
cwd => '/opt/contrail/utils',
command => "fab -H ${title} provision_contrailvm:'${provisioning_cmd}' && touch /opt/contrail/provision_contrailvm-${self_ip}-DONE",
creates => "/opt/contrail/provision_contrailvm-${self_ip}-DONE",
} ->
exec { "register_contrailvm_vrouter-${self_ip}":
path => '/usr/local/bin:/bin:/usr/bin/',
cwd => '/opt/contrail/utils',
command => "${register_cmd} && touch /opt/contrail/register_contrailvm_vrouter-${self_ip}-DONE",
creates => "/opt/contrail/register_contrailvm_vrouter-${self_ip}-DONE",
} ->
exec { "reboot_contrailvm-${self_ip}":
path => '/usr/local/bin:/bin:/usr/bin/',
cwd => '/opt/contrail/utils',
command => "fab -H ${title} provision_contrailvm:'reboot' && touch /opt/contrail/reboot_contrailvm-${self_ip}-DONE",
creates => "/opt/contrail/reboot_contrailvm-${self_ip}-DONE",
}
}

2
deployment_scripts/puppet/modules/contrail/manifests/utils.pp
View File

@@ -30,7 +30,7 @@ class contrail::utils {
$pkgs = [
'contrail-nodemgr', 'contrail-setup', 'contrail-utils', 'ifenslave-2.6',
'openjdk-7-jre-headless', 'patch', 'python-contrail', 'python-crypto',
'python-netaddr', 'python-paramiko', 'supervisor', 'tzdata'
'python-netaddr', 'python-paramiko', 'supervisor', 'tzdata', 'python-urllib3',
]
Package<| (title == 'tzdata') |> {
require => Apt::Pin['contrail-pin-100'],

4
deployment_scripts/puppet/modules/contrail/templates/ESXiToVRouterIp.map.erb
View File

@@ -1,4 +0,0 @@
<% scope.function_create_esxi_map([]).each do |line| -%>
<%= line %>
<% end %>

36
deployment_scripts/puppet/modules/contrail/templates/contrail-vcenter-plugin.conf.erb
View File

@@ -1,36 +0,0 @@
#
# Copyright (c) 2014 Juniper Networks, Inc. All rights reserved.
#
# Vcenter Plugin configuration options
#
[DEFAULT]
# Everything in this section is optional
# Vcenter plugin URL
vcenter.url=https://<%= scope.lookupvar('contrail::vcenter_server_ip') %>/sdk
#Vcenter credentials
vcenter.username=<%= scope.lookupvar('contrail::vcenter_server_user') %>
vcenter.password=<%= scope.lookupvar('contrail::vcenter_server_pass') %>
vcenter.datacenter=<%= scope.lookupvar('contrail::contrail_vcenter_datacenter') %>
vcenter.dvswitch=<%= scope.lookupvar('contrail::contrail_vcenter_dvswitch') %>
vcenter.ipfabricpg=<%= scope.lookupvar('contrail::contrail_vcenter_prv_vswitchpg') %>
mode=vcenter-as-compute
auth_url=<%= scope.lookupvar('contrail::internal_auth_protocol') %>://<%= scope.lookupvar('contrail::internal_auth_address') %>:35357/v2.0
admin_user=neutron
admin_password=<%= scope.lookupvar('contrail::service_token') %>
admin_tenant_name=services
# IP address and port to be used to connect to api server.
api.hostname=<%= scope.lookupvar('contrail::contrail_private_vip') %>
api.port=8082
zookeeper.serverlist=<%= scope.lookupvar('contrail::contrail_db_ips').map{ |ip| "#{ip}:2181" }.join(',') %>
# HTTP Introspect
introspect.port=8234

82
deployment_scripts/puppet/modules/contrail/templates/vmware_testbed.py.erb
View File

@@ -1,82 +0,0 @@
# Note(AKirilochkin):
# This file provides configuration for fabric subsystem. This is default way how Juniper deploys
# the contrail things. We have used this as a default solution to get default configuration.
# The better way is to use FUEL-based deployment to have all nodes managed by FUEL.
<%-
fab_default=scope.lookupvar('contrail::contrail_fab_default')
contrailvm=scope.lookupvar('contrail::contrail_vcenter_vm_ips')
vcenter_compute=scope.lookupvar('contrail::contrail_compute_vmware_ips')[0]
fab_build=scope.lookupvar('contrail::contrail_fab_build_ip')[0]
-%>
from fabric.api import env
#Role definition of the hosts.
env.roledefs = {
'compute' : <%= contrailvm %>,
'vcenter_compute' : ["root@<%= vcenter_compute %>"],
'build' : ["root@<%= fab_build %>"],
'all' : ["root@<%= fab_build %>"],
'cfgm' : ["root@<%= fab_build %>"],
'control' : ["root@<%= fab_build %>"],
'openstack' : ["root@<%= fab_build %>"],
}
env.passwords = {
<%- contrailvm.each do |ip| -%>
'<%= ip %>': 'c0ntrail123',
<%- end -%>
}
env.command_timeout=3600
#Openstack admin password
env.openstack_admin_password = '<%= scope.lookupvar('contrail::admin_password') %>'
#Default ssh key for fabric usage
env.key_filename = '/var/lib/astute/vmware/vmware'
env.keystone = {
'admin_token' : '<%= scope.lookupvar('contrail::admin_token') %>',
'service_tenant' : 'services',
'manage_neutron' : 'no',
}
env.ha = {
'internal_vip' : '<%= scope.lookupvar('contrail::mos_mgmt_vip') %>',
'external_vip' : '<%= scope.lookupvar('contrail::mos_public_vip') %>',
'contrail_internal_vip' : '<%= scope.lookupvar('contrail::contrail_private_vip') %>',
'contrail_external_vip' : '<%= scope.lookupvar('contrail::mos_public_vip') %>',
}
env.openstack = {
'service_token' : '<%= scope.lookupvar('contrail::admin_token') %>',
}
#service token need to define to do restore of backup data
service_token = '<%= scope.lookupvar('contrail::admin_token') %>'
#To disable installing contrail interface rename package
env.interface_rename = False
#vcenter provisioning
env.vcenter_servers = {
'vcenter1': {
'server':'<%= scope.lookupvar('contrail::vcenter_server_ip') %>',
'port': '443',
'username': '<%= scope.lookupvar('contrail::vcenter_server_user') %>',
'password': '<%= scope.lookupvar('contrail::vcenter_server_pass') %>',
'auth': 'https',
'datacenter': '<%= scope.lookupvar('contrail::contrail_vcenter_datacenter') %>',
'cluster': <%= scope.lookupvar('vcenter_server_cluster').split(',').map(&:strip) %>,
'vcenter_compute': '<%= scope.lookupvar('contrail::contrail_compute_vmware_ips')[0] %>',
'dv_switch': { 'dv_switch_name': '<%= scope.lookupvar('contrail::contrail_vcenter_dvswitch') %>',},
'dv_port_group': {
'dv_portgroup_name': '<%= scope.lookupvar('contrail::contrail_vcenter_dvportgroup') %>',
'number_of_ports': '<%= scope.lookupvar('contrail::contrail_vcenter_dvportgroup_numberofports') %>',
},
},
}
# The compute vm provisioning on ESXI host
esxi_hosts = <%= scope.function_prepare_user_fab([fab_default]) %>

145
deployment_scripts/puppet/modules/contrail/templates/vrouter_to_esxi_map.py.erb Normal file
View File

@@ -0,0 +1,145 @@
#!/usr/bin/env python
import sys
import atexit
import argparse
import urllib3
import yaml
import time
from pyVim import connect
#import ssl
#ssl._create_default_https_context = ssl._create_unverified_context
urllib3.disable_warnings()
# $ virtual_machine_device_info.py -s vcsa -u my_user -i 172.16.254.101
class VrouterMap(object):
_options = None
_search_index = None
_data = None
@property
def options(self):
if self._options:
return self._options
parser = argparse.ArgumentParser()
parser.add_argument('-s', '--host',
required = True,
action = 'store',
help = 'Remote host to connect to')
parser.add_argument('-u', '--user',
required = True,
action = 'store',
help = 'User name to use when connecting to host')
parser.add_argument('-p', '--password',
required = False,
action = 'store',
help = 'Password to use when connecting to host')
parser.add_argument('-i', '--ip',
required = True,
action = 'store',
nargs = '+',
help = 'IP address of the VM to search for')
parser.add_argument('-y', '--yaml',
required = False,
action='store_true',
default = False,
help ='Yaml format output')
parser.set_defaults(yaml = False)
self._options = parser.parse_args()
return self._options
@property
def search_index(self):
if self._search_index:
return self._search_index
# form a connection...
si = connect.SmartConnect(
host=self.options.host,
user=self.options.user,
pwd=self.options.password,
port=443,
)
# Note: from daemons use a shutdown hook to do this, not the atexit
atexit.register(connect.Disconnect, si)
# http://pubs.vmware.com/vsphere-55/topic/com.vmware.wssdk.apiref.doc/vim.SearchIndex.html
self._search_index = si.content.searchIndex
return self._search_index
def esxi_ip_get(self, vrouter_private_ip=None):
try:
esxi_object = self.search_index.FindByIp(None, vrouter_private_ip, True)
if not esxi_object:
return None
esxi_host_name = esxi_object.runtime.host.name
if not esxi_host_name:
return None
return esxi_host_name
except TypeError:
return None
def retrieve_esxi_ip(self, vrouter_private_ip=None):
for retry in xrange(10):
esxi_ip = self.esxi_ip_get(vrouter_private_ip)
if esxi_ip is not None:
return esxi_ip
self.debug("Can not get ip will try one more time")
time.sleep(5)
self.debug("Could not get association for that ip: ", vrouter_private_ip)
return None
@property
def data(self):
"""
:return: Mappings of the vcenter ips to the esxi ips
:rtype: dict
"""
if self._data:
return self._data
self._data = {}
for vrouter_ip in self.options.ip:
esxi_ip = self.retrieve_esxi_ip(vrouter_ip)
if esxi_ip is None:
continue
self._data[vrouter_ip] = esxi_ip
return self._data
def output_yaml(self):
print(yaml.dump(
{'esxi_mapping': self.data},
explicit_start=True,
default_flow_style=False,
))
def output_text(self):
map_mask = '{vcenter}:{vrouter}'
for vrouter_ip in self.data:
print(map_mask.format(vcenter=self.data[vrouter_ip], vrouter=vrouter_ip))
def debug(self, *args):
sys.stderr.write(' '.join(args) + "\n")
def main(self):
if self.options.yaml:
self.output_yaml()
else:
self.output_text()
if __name__ == '__main__':
vm = VrouterMap()
vm.main(
)

34
deployment_tasks.yaml
View File

@@ -563,20 +563,6 @@
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 120
#################
# Configure vmware integration
#################
- id: primary-controller-vmware
type: puppet
groups: [primary-controller]
required_for: [post_deployment_end]
requires: [controller-hiera-post]
parameters:
puppet_manifest: puppet/manifests/controller-vmware.pp
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 3600
#################
# Create networks for ostf-tests and provision route target
#################
@@ -644,6 +630,11 @@
puppet_manifest: puppet/manifests/contrail-compute-vmware.pp
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 720
cross-depends:
- name: contrail-vmware-pre-task
role: contrail-vmware
- name: contrail-vmware-task
role: contrail-vmware
##############################################################
# Compute tasks section
@@ -797,12 +788,25 @@
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 120
- id: contrail-vmware-pre-task
type: puppet
version: 2.0.0
groups: [contrail-vmware]
required_for: [contrail-vmware-network, contrail-vmware-task]
requires: [hosts, ssl-dns-setup]
parameters:
puppet_manifest: puppet/manifests/contrail-vmware-pre.pp
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 720
cross-depends:
- name: contrail-db-provision-all
- id: contrail-vmware-task
type: puppet
version: 2.0.0
groups: [contrail-vmware]
required_for: [contrail-vmware-network]
requires: [hosts, ssl-dns-setup]
requires: [contrail-vmware-pre-task]
parameters:
puppet_manifest: puppet/manifests/contrail-vmware.pp
puppet_modules: puppet/modules:/etc/puppet/modules

119
environment_config.yaml
View File

@@ -60,7 +60,7 @@ attributes:
action: "hide"
patch_nova:
value: true
label: "Patch Nova"
label: "Patch Nova for DPDK support"
description: "Patch Nova packages for dpdk-vrouter"
weight: 140
type: "checkbox"
@@ -121,9 +121,9 @@ attributes:
restrictions:
- condition: "settings:common.use_vcenter.value == false"
action: "hide"
fabric_vswitch_pg:
value: "contrail-fab-pg"
label: "vCenter DV Port Group"
private_vswitch_pg:
value: "contrail_pg"
label: "vCenter Private Port Group"
description: "Contrail vSwitch Port Group name"
weight: 180
type: "text"
@@ -133,18 +133,6 @@ attributes:
restrictions:
- condition: "settings:common.use_vcenter.value == false"
action: "hide"
contrail_vcenter_dvportgroup_numberofports:
value: "3"
label: "vCenter DV Port Group number of ports"
description: "vCenter number of ports DV Port Group for Contrail"
weight: 190
type: "text"
regex:
source: '^[1-9]\d*$'
error: "Invalid vCenter DV Port Group number of ports"
restrictions:
- condition: "settings:common.use_vcenter.value == false"
action: "hide"
patch_nova_vmware:
value: true
label: "Patch Nova for VCenter support"
@@ -156,61 +144,14 @@ attributes:
condition: "settings:contrail.metadata.enabled == false"
- action: "hide"
condition: "settings:common.use_vcenter.value == false"
provision_vmware:
value: true
label: "Provision VMware hosts"
description: >
Enable this option to allow the plugin to provision ContrailVMs to ESXi hosts
and create Contrail_dvSwitch.
Can be disabled, if VMs are already created or this must be done manually.
weight: 192
type: "checkbox"
restrictions:
- condition: "settings:common.use_vcenter.value == false"
action: "hide"
provision_vmware_type:
value: "fuel"
label: "Select the type of ContrailVM provision."
description: "Fabric - Creates the network topology, bootstraps the VM and configures it. Fuel - uses precreated VM bootstrap it by PXE. You still have to configure ESXi network topology by-hand."
weight: 194
type: "radio"
restrictions:
- condition: "settings:common.use_vcenter.value == false"
action: "hide"
- condition: "settings:contrail.metadata.enabled == false"
action: "hide"
- condition: "not (settings:contrail.provision_vmware.value == true)"
action: "hide"
values:
- data: "fuel"
label: "Fuel"
- data: "fabric"
label: "Fabric"
contrail_vcenter_esxi_for_fabric:
contrail_vcenter_esxi_yaml:
value: |
'esxi1':
# The username of VMware ESXi ssh-access [Scope: Fabric]
'username': 'root'
# The ip-address of ESXi [Scope: Fabric and Fuel]
# The ip-address of ESXi that has the following parameters
'ip': 'e.s.x.i'
# The private vSwitch [Scope: Fabric and Fuel]
'fabric_vswitch': 'vSwitch3'
# for example vnic0 [Scope: Fabric]
'uplink_nic': ''
# The cluster name [Scope: Fabric]
'cluster': 'cluster1'
# Where vm have to be stored [Scope: Fabric]
'datastore': '/vmfs/volumes/datastore1'
# The ssh password of ESXi [Scope: Fabric]
'password': 'esxi_ssh_password'
# These options are used by Fabric to deploy the ContrailVM [Scope: Fabric]
'contrail_vm':
# You still have to configure DHCP in private net to dootstrap the VM [Scope: Fabric]
'mac': '01:12:23:34:56:AB'
# The interface name, connected to Contrail_dvSwitch [Scope: Fuel]"
# The interface name, connected to Contrail_DVSwitch
"vmware_iface_name": "ens161"
# This ip should be configured in DCHP and binded to mac [Scope: Fabric and Fuel]"
'host': 'root@192.168.x.y'
label: "vCenter ESXi data"
description: "vCenter ESXi data in YAML format"
weight: 200
@@ -221,49 +162,3 @@ attributes:
restrictions:
- condition: "settings:common.use_vcenter.value == false"
action: "hide"
- condition: "not (settings:contrail.provision_vmware.value == true)"
action: "hide"
vmdk_vm_image:
value: ""
label: "ContrailVM image for ESXi"
description: "URL to download ContrailVM image. Keep empty if you have it on FUEL-master in contrail-plugin folder at /var/www/nailgun/plugins/contrail-3.0/ContrailVM-disk1.vmdk"
weight: 196
type: "text"
restrictions:
- condition: "settings:common.use_vcenter.value == false"
action: "hide"
- condition: "not (settings:contrail.provision_vmware.value == true)"
action: "hide"
- condition: "settings:contrail.provision_vmware_type.value == 'fuel'"
action: "hide"
contrailvm_ntp:
value: "10.109.3.1"
label: "NTP server for ContrailVM"
description: "NTP server address for ContrailVM, reachable from Private network. Should be deployed by-hands. [Scope: Fabric]"
weight: 205
type: "text"
restrictions:
- condition: "settings:common.use_vcenter.value == false"
action: "hide"
- condition: "not (settings:contrail.provision_vmware.value == true)"
action: "hide"
- condition: "settings:contrail.provision_vmware_type.value == 'fuel'"
action: "hide"
contrail_environment:
type: "select"
weight: 210
value: "prod"
label: "ContrailVM flavor"
description: "Choose the flavor for ContrailVM. Flavor with less RAM may be used for development/test environments."
values:
- data: "dev"
label: "development"
- data: "prod"
label: "production"
restrictions:
- condition: "settings:common.use_vcenter.value == false"
action: "hide"
- condition: "not (settings:contrail.provision_vmware.value == true)"
action: "hide"
- condition: "settings:contrail.provision_vmware_type.value == 'fuel'"
action: "hide"

7
node_roles.yaml
View File

@@ -10,6 +10,7 @@ contrail-db:
- ceph-osd
- cinder
- contrail-vmware
- compute-vmware
contrail-config:
name: Contrail - Config
@@ -25,6 +26,7 @@ contrail-config:
- ceph-osd
- cinder
- contrail-vmware
- compute-vmware
contrail-control:
name: Contrail - Control
@@ -39,6 +41,7 @@ contrail-control:
- ceph-osd
- cinder
- contrail-vmware
- compute-vmware
dpdk:
name: DPDK compute
@@ -55,12 +58,13 @@ dpdk:
- ceph-osd
- cinder
- contrail-vmware
- compute-vmware
restrictions:
- condition: "settings:contrail.contrail_global_dpdk.value == false"
action: hide
contrail-vmware:
name: Contrail - VMware
name: Contrail - VMware vRouter
description: >
Contrail VMware vRouter role. Provides bridge between ESXi-host and Contrail.
has_primary: false
@@ -75,6 +79,7 @@ contrail-vmware:
- cinder
- dpdk
- compute
- compute-vmware
restrictions:
- condition: "settings:common.use_vcenter.value == false"
action: hide