x/fuel-plugin-contrail
Code Issues Proposed changes

Puppet neutron class added

Browse Source 
This commit contains puppet code, files and templates
to deploy the contrail neutron plugin packages and configuration
for neutron service on openstack controller nodes.

Change-Id: Ia67f1022b927f34cc5a085b990fc6edd9a20fd9d
This commit is contained in:
Oleksandr Martsyniuk
2015-08-21 16:26:36 +03:00
parent 4b0dcd2d41
commit d9cabd57ad
9 changed files with 167 additions and 316 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
deployment_scripts/puppet/manifests/site-controller-post1.pp
View File

@@ -14,9 +14,4 @@
include contrail
$node_role = 'controller'
class { 'contrail::package':
install => 'contrail-heat',
} ->
class { 'contrail::config':
node_role => $node_role,
}
class { 'contrail::controller': }

3
deployment_scripts/puppet/manifests/site-controller-post2.pp
View File

@@ -14,9 +14,6 @@
include contrail
$node_role = 'controller'
class {'contrail::provision':
node_role => $node_role,
} ->
class { 'contrail::service':
node_role => $node_role,
}

78
deployment_scripts/puppet/modules/contrail/manifests/config.pp
View File

@@ -15,85 +15,9 @@
class contrail::config ( $node_role ) {
case $node_role {
default: {}
'controller','primary-controller': {
nova_config {
'DEFAULT/network_api_class': value=> 'nova.network.neutronv2.api.API';
'DEFAULT/neutron_url': value => "http://${contrail::contrail_mgmt_vip}:9696";
'DEFAULT/neutron_admin_tenant_name': value=> 'services';
'DEFAULT/neutron_admin_username': value=> 'neutron';
'DEFAULT/neutron_admin_password': value=> $contrail::service_token;
'DEFAULT/neutron_url_timeout': value=> '300';
'DEFAULT/neutron_admin_auth_url': value=> "http://${contrail::mos_mgmt_vip}:35357/v2.0/";
'DEFAULT/firewall_driver': value=> 'nova.virt.firewall.NoopFirewallDriver';
'DEFAULT/enabled_apis': value=> 'ec2,osapi_compute,metadata';
'DEFAULT/security_group_api': value=> 'neutron';
'DEFAULT/service_neutron_metadata_proxy': value=> 'True';
} ->
keystone_endpoint {'RegionOne/neutron':
ensure => absent,
}
file {'/etc/haproxy/conf.d/094-web_for_contrail.cfg':
ensure => present,
content => template('contrail/094-web_for_contrail.cfg.erb'),
notify => Service['haproxy'],
} ->
file {'/etc/haproxy/conf.d/095-rabbit_for_contrail.cfg':
ensure => present,
content => template('contrail/095-rabbit_for_contrail.cfg.erb'),
notify => Service['haproxy'],
} ~>
service {'haproxy':
ensure => running,
hasrestart => true,
restart => '/sbin/ip netns exec haproxy service haproxy reload',
}
# Contrail-specific heat templates settings
ini_setting { 'contrail-user':
ensure => present,
path => '/etc/heat/heat.conf',
section => 'clients_contrail',
setting => 'user',
value => 'neutron',
}
ini_setting { 'contrail-password':
ensure => present,
path => '/etc/heat/heat.conf',
section => 'clients_contrail',
setting => 'password',
value => $contrail::service_token,
}
ini_setting { 'contrail-tenant':
ensure => present,
path => '/etc/heat/heat.conf',
section => 'clients_contrail',
setting => 'tenant',
value => 'services',
}
ini_setting { 'contrail-api_server':
ensure => present,
path => '/etc/heat/heat.conf',
section => 'clients_contrail',
setting => 'api_server',
value => $contrail::contrail_mgmt_vip,
}
ini_setting { 'contrail-auth_host_ip':
ensure => present,
path => '/etc/heat/heat.conf',
section => 'clients_contrail',
setting => 'auth_host_ip',
value => $contrail::mos_mgmt_vip,
}
ini_setting { 'contrail-api_base_url':
ensure => present,
path => '/etc/heat/heat.conf',
section => 'clients_contrail',
setting => 'api_base_url',
value => '/',
}
}
'compute': {
nova_config {
'DEFAULT/neutron_url': value => "http://${contrail::contrail_mgmt_vip}:9696";
'DEFAULT/neutron_url': value => "http://${contrail::mos_mgmt_vip}:9696";
'DEFAULT/neutron_admin_auth_url': value=> "http://${contrail::mos_mgmt_vip}:35357/v2.0/";
'DEFAULT/network_api_class': value=> 'nova_contrail_vif.contrailvif.ContrailNetworkAPI';
'DEFAULT/neutron_admin_tenant_name': value=> 'services';

149
deployment_scripts/puppet/modules/contrail/manifests/controller.pp Normal file
View File

@@ -0,0 +1,149 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
class contrail::controller {
# Resources defaults
Package { ensure => present }
File {
ensure => present,
mode => '0644',
owner => root,
group => root,
require => Package['neutron-plugin-contrail'],
}
Exec { path => '/usr/bin:/usr/sbin:/bin:/sbin' }
# Packages
package { 'neutron-server': } ->
package { 'python-contrail': } ->
package { 'neutron-plugin-contrail': } ->
package { 'contrail-heat': }
# Configuration files for HAProxy
file {'/etc/haproxy/conf.d/094-web_for_contrail.cfg':
ensure => present,
content => template('contrail/094-web_for_contrail.cfg.erb'),
notify => Service['haproxy'],
}
file {'/etc/haproxy/conf.d/095-rabbit_for_contrail.cfg':
ensure => present,
content => template('contrail/095-rabbit_for_contrail.cfg.erb'),
notify => Service['haproxy'],
}
# Nova configuration
nova_config {
'DEFAULT/network_api_class': value=> 'nova.network.neutronv2.api.API';
'DEFAULT/neutron_url': value => "http://${contrail::mos_mgmt_vip}:9696";
'DEFAULT/neutron_url_timeout': value=> '300';
'DEFAULT/neutron_admin_auth_url': value=> "http://${contrail::mos_mgmt_vip}:35357/v2.0";
'DEFAULT/firewall_driver': value=> 'nova.virt.firewall.NoopFirewallDriver';
'DEFAULT/enabled_apis': value=> 'ec2,osapi_compute,metadata';
'DEFAULT/security_group_api': value=> 'neutron';
'DEFAULT/service_neutron_metadata_proxy': value=> 'True';
}
# Neutron configuration
neutron_config {
'DEFAULT/core_plugin': value => 'neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2';
'DEFAULT/api_extensions_path': value => 'extensions:/usr/lib/python2.7/dist-packages/neutron_plugin_contrail/extensions';
'DEFAULT/service_plugins': value => 'neutron_plugin_contrail.plugins.opencontrail.loadbalancer.plugin.LoadBalancerPlugin';
'DEFAULT/allow_overlapping_ips': value => 'True';
'service_providers/service_provider': value => 'LOADBALANCER:Opencontrail:neutron_plugin_contrail.plugins.opencontrail.loadbalancer.driver.OpencontrailLoadbalancerDriver:default';
'QUOTAS/quota_network': value => '-1';
'QUOTAS/quota_subnet': value => '-1';
'QUOTAS/quota_port': value => '-1';
} ->
file {'/etc/neutron/plugins/opencontrail/ContrailPlugin.ini':
content => template('contrail/ContrailPlugin.ini.erb'),
} ->
file {'/etc/neutron/plugin.ini':
ensure => link,
target => '/etc/neutron/plugins/opencontrail/ContrailPlugin.ini'
}
# Contrail-specific heat templates settings
ini_setting { 'contrail-user':
ensure => present,
path => '/etc/heat/heat.conf',
section => 'clients_contrail',
setting => 'user',
value => 'neutron',
} ->
ini_setting { 'contrail-password':
ensure => present,
path => '/etc/heat/heat.conf',
section => 'clients_contrail',
setting => 'password',
value => $contrail::service_token,
} ->
ini_setting { 'contrail-tenant':
ensure => present,
path => '/etc/heat/heat.conf',
section => 'clients_contrail',
setting => 'tenant',
value => 'services',
} ->
ini_setting { 'contrail-api_server':
ensure => present,
path => '/etc/heat/heat.conf',
section => 'clients_contrail',
setting => 'api_server',
value => $contrail::contrail_mgmt_vip,
} ->
ini_setting { 'contrail-auth_host_ip':
ensure => present,
path => '/etc/heat/heat.conf',
section => 'clients_contrail',
setting => 'auth_host_ip',
value => $contrail::mos_mgmt_vip,
} ->
ini_setting { 'contrail-api_base_url':
ensure => present,
path => '/etc/heat/heat.conf',
section => 'clients_contrail',
setting => 'api_base_url',
value => '/',
}
# Services
service {'haproxy':
ensure => running,
hasrestart => true,
restart => '/sbin/ip netns exec haproxy service haproxy reload',
subscribe => [File['/etc/haproxy/conf.d/094-web_for_contrail.cfg'],
File['/etc/haproxy/conf.d/095-rabbit_for_contrail.cfg'],
]
}
service {'heat-engine':
ensure => running,
enable => true,
require => Package['contrail-heat'],
subscribe => Ini_setting['contrail-api_base_url'],
}
service { 'neutron-server':
ensure => running,
enable => true,
require => [Package['neutron-server'],
Package['neutron-plugin-contrail'],
],
subscribe => [File['/etc/neutron/plugins/opencontrail/ContrailPlugin.ini'],
File['/etc/neutron/plugin.ini'],
],
}
}

8
deployment_scripts/puppet/modules/contrail/manifests/provision.pp
View File

@@ -57,14 +57,6 @@ class contrail::provision ( $node_role ) {
}
}
}
'controller','primary-controller': {
keystone_endpoint {'RegionOne/neutron':
ensure => present,
public_url => "http://${contrail::contrail_mgmt_vip}:9696/",
admin_url => "http://${contrail::contrail_mgmt_vip}:9696/",
internal_url => "http://${contrail::contrail_mgmt_vip}:9696/",
}
}
'compute': {
exec { 'provision-vrouter':
path => '/bin:/usr/bin/',

73
deployment_scripts/puppet/modules/contrail/manifests/setup.pp
View File

@@ -1,73 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
class contrail::setup ($node_name)
{
if $node_name == $contrail::deployment_node {
$pythonpath = $operatingsystem ? {
'Ubuntu' => '/usr/local/lib/python2.7/dist-packages',
'CentOS' => '/usr/lib/python2.6/site-packages'
}
file {'/tmp/install.py.patch':
ensure => file,
source => 'puppet:///modules/contrail/install.py.patch'
} ->
exec {'install.py.patch':
command => 'patch /opt/contrail/utils/fabfile/tasks/install.py /tmp/install.py.patch && touch /opt/contrail/install.py.patch-DONE',
creates => '/opt/contrail/install.py.patch-DONE'
} ->
file {'/tmp/commandline.py.patch':
ensure => file,
source => 'puppet:///modules/contrail/commandline.py.patch'
} ->
exec {'commandline.py.patch':
command => 'patch /opt/contrail/utils/fabfile/utils/commandline.py /tmp/commandline.py.patch && touch /opt/contrail/commandline.py.patch-DONE',
creates => '/opt/contrail/commandline.py.patch-DONE'
} ->
# Database installation
#run_fabric { 'install_database': } ->
#run_fabric { 'setup_database': } ->
notify{"Waiting for cassandra nodes: ${contrail::contrail_node_num}":} ->
exec {'wait_for_cassandra':
provider => 'shell',
command => "if [ `nodetool status|grep ^UN|wc -l` -lt ${contrail::contrail_node_num} ]; then exit 1; fi",
tries => 10, # wait for whole cluster is up: 10 tries every 30 seconds = 5 min
try_sleep => 30,
} ->
# Installing components
#run_fabric { 'install_cfgm': } ->
#run_fabric { 'install_control': } ->
#run_fabric { 'install_collector': } ->
#run_fabric { 'install_webui': } ->
# Some fixups
#run_fabric { 'setup_contrail_keepalived': } ->
#run_fabric { 'fixup_restart_haproxy_in_collector': } ->
run_fabric { 'fix-service-tenant-name':
hostgroup => 'control',
command => "sed -i '49s/service/services/g' ${pythonpath}/contrail_provisioning/config/quantum_in_keystone_setup.py",
} ->
# Setting up the components
#run_fabric { 'setup_cfgm': } ->
exec {'update_neutron_pwd':
command => "keystone --os-endpoint http://${contrail::mos_mgmt_vip}:35357/v2.0 --os-token ${contrail::admin_token} \
--os-tenant-name services user-password-update --pass ${contrail::service_token} neutron"}
#run_fabric { 'setup_control': } ->
#run_fabric { 'setup_collector': } ->
#run_fabric { 'setup_webui': }
}
}

20
deployment_scripts/puppet/modules/contrail/manifests/testbed.pp
View File

@@ -1,20 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
class contrail::testbed {
file {'/opt/contrail/utils/fabfile/testbeds/testbed.py':
ensure => present,
content => template('contrail/testbed.py.erb'),
}
}

16
deployment_scripts/puppet/modules/contrail/templates/ContrailPlugin.ini.erb Normal file
View File

@@ -0,0 +1,16 @@
[APISERVER]
api_server_ip = <%= scope.lookupvar('contrail::contrail_mgmt_vip') %>
api_server_port = 8082
multi_tenancy = True
contrail_extensions = ipam:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_ipam.NeutronPluginContrailIpam,policy:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_policy.NeutronPluginContrailPolicy,route-table:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_vpc.NeutronPluginContrailVpc,contrail:None
[COLLECTOR]
analytics_api_ip = <%= scope.lookupvar('contrail::contrail_mgmt_vip') %>
analytics_api_port = 8081
[KEYSTONE]
auth_url = http://<%= scope.lookupvar('contrail::mos_mgmt_vip') %>:35357/v2.0
admin_token = <%= scope.lookupvar('contrail::admin_token') %>
admin_user=neutron
admin_password=<%= scope.lookupvar('contrail::service_token') %>
admin_tenant_name=services

129
deployment_scripts/puppet/modules/contrail/templates/testbed.py.erb
View File

@@ -1,129 +0,0 @@
from fabric.api import env
<%-
nodes=scope.function_hiera(['nodes'])
keystone=scope.function_hiera(['keystone'])
os_management_vip=scope.function_hiera(['management_vip'])
os_public_vip=scope.function_hiera(['public_vip'])
contrail_node_basename=scope.lookupvar('contrail::contrail_node_basename')
deployment_node_priv_ip=''
mgm_ip=Array.new
mgm_ip_baseos=Array.new
priv_ip=Array.new
role_all=[]
role_ctrl=[]
role_os=[]
role_db=[]
nodes.each do |node|
case node['role']
when /^(primary-)?controller$/
mgm_ip << node['internal_address']
role_all << 'os_ctrl_'+mgm_ip.count.to_s
role_os << 'os_ctrl_'+mgm_ip.count.to_s
when 'base-os'
if node['user_node_name'] =~ /^#{contrail_node_basename}-.*/
priv_ip << node['private_address']
mgm_ip_baseos << node['internal_address']
# Also find out a deployment node
if node['user_node_name'] == scope.lookupvar('contrail::deployment_node')
deployment_node_priv_ip=priv_ip.last
end
role_all << 'c_ctrl_'+priv_ip.count.to_s
role_all << 'c_db_'+priv_ip.count.to_s
role_ctrl << 'c_ctrl_'+priv_ip.count.to_s
role_db << 'c_db_'+priv_ip.count.to_s
end
end
end
-%>
#Management ip addresses of hosts in the cluster
<%- mgm_ip.each_with_index do |ip, i| -%>
os_ctrl_<%= i+1 %> = 'root@<%= ip %>'
<%- end -%>
<%- priv_ip.each_with_index do |ip, i| -%>
c_ctrl_<%= i+1 %> = 'root@<%= ip %>'
<%- end -%>
<%- priv_ip.each_with_index do |ip, i| -%>
c_db_<%= i+1 %> = 'root@<%= ip %>'
<%- end -%>
env.hoststring_mgm_ip= {
<%- mgm_ip_baseos.each_with_index do |ip, i| -%>
c_ctrl_<%= i+1 %> : '<%= ip %>',
<%- end -%>
}
#External routers
ext_routers = [
<%-
gateways=scope.lookupvar('contrail::settings')['contrail_gateways'].split(',').map{|x|x.lstrip}
gateways.each_with_index do |gw, i|
-%>
('gateway<%= i+1 %>','<%= gw %>'),
<%- end -%>
]
#Autonomous system number
router_asn = <%= scope.lookupvar('contrail::settings')['contrail_asnum'] %>
#Host from which the fab commands are triggered to install and provision
<%-
if not defined?(deployment_node_priv_ip)
raise "ERROR: Node named scope.lookupvar('contrail::deployment_node') not found. Cant continue deploy"
end
-%>
deploy_node = 'root@<%= deployment_node_priv_ip %>'
#Role definition of the hosts.
env.roledefs = {
'all': [<%= role_all*',' %>],
'cfgm': [<%= role_ctrl*',' %>],
'openstack': [<%= role_os*',' %>],
'control': [<%= role_ctrl*',' %>],
'compute': [],
'collector': [<%= role_ctrl*',' %>],
'webui': [<%= role_ctrl*',' %>],
'database': [<%= role_db*',' %>],
'build': [deploy_node],
'storage-master': [],
'storage-compute': [],
}
#Openstack admin password
env.openstack_admin_password = '<%= scope.lookupvar('contrail::admin_password') %>'
env.password = 'r00tme'
#Passwords of each host
env.passwords = {
<%- role_all.each do |role| -%>
<%= role %>: 'r00tme',
<%- end -%>
deploy_node: 'r00tme',
}
#For reimage purpose
env.ostypes = {
<%- role_all.each do |role| -%>
<%= role %>: 'ubuntu',
<%- end -%>
}
env.openstack = {
'service_token' : '<%= scope.lookupvar('contrail::admin_token') %>'
}
env.ha = {
'internal_vip' : '<%= os_management_vip %>',
'external_vip' : '<%= os_public_vip %>',
'contrail_internal_vip' : '<%= scope.lookupvar('contrail::contrail_private_vip') %>',
'contrail_external_vip' : '<%= scope.lookupvar('contrail::contrail_mgmt_vip') %>',
}
env.keystone = {
'service_tenant': 'services',
'admin_token' : '<%= scope.lookupvar('contrail::admin_token') %>',
'manage_neutron': 'no',
}
multi_tenancy = True