Browse Source

Implement plugin actions: install package, configure nsx.ini

Implement two deployment actions:
* python-vmware-nsx (contains Neutron NSX plugin) installation
* pass UI parameters into nsx.ini file

Plugin contains custom type `nsx_config' to configure settings in
nsx.ini file.

Plugin reuses network:neutron:core:nsx component due to a hardcoded
restriction in fuel UI. This makes impossible simultaneous usage of
NSX-T and NSXv plugins.

Change-Id: I963a9a8c1d5d8c27324bf01a6ae10be23075f413
changes/39/355939/2
Igor Zinovik 2 years ago
parent
commit
c6eac64196

+ 4
- 3
README.md View File

@@ -1,4 +1,5 @@
1
-nsx
2
-============
1
+Fuel NSX-T plugin
2
+=================
3 3
 
4
-Plugin description
4
+The plugin allows Fuel deployment engineers install OpenStack that will use
5
+VMware NSX Transformers as network backend for Neutron.

+ 14
- 11
components.yaml View File

@@ -1,12 +1,15 @@
1
-# This file contains wizard components descriptions that are pretty similar to
2
-# the `environment_config.yaml`.
3
-# Please, take a look at following link for the details:
4
-# - https://blueprints.launchpad.net/fuel/+spec/component-registry
5
-# - https://specs.openstack.org/openstack/fuel-specs/specs/8.0/component-registry.html
6
-
7
-- name: additional_service:nsx
8
-  compatible: []
1
+- name: network:neutron:core:nsx
2
+  label: "Neutron with NSX-T plugin"
3
+  description: "NSX Transformers uses STT tunneling protocol. NSX must be up and running before OpenStack deployment!"
4
+  bind: !!pairs
5
+    - "cluster:net_segment_type": "tun"
6
+  compatible:
7
+    - name: "hypervisor:vmware"
8
+    - name: "hypervisor:qemu"
9
+    - name: "storage:block:lvm"
10
+    - name: "storage:image:ceph"
11
+    - name: "storage:object:ceph"
9 12
   requires: []
10
-  incompatible: []
11
-  label: "Plugin label, that will be shown on UI"
12
-  description: "Component description (optional)"
13
+  incompatible:
14
+    - name: "additional_service:ironic"
15
+

+ 0
- 4
deployment_scripts/deploy.sh View File

@@ -1,4 +0,0 @@
1
-#!/bin/bash
2
-
3
-# It's a script which deploys your plugin
4
-echo nsx > /tmp/nsx

+ 36
- 0
deployment_scripts/puppet/manifests/configure-plugin.pp View File

@@ -0,0 +1,36 @@
1
+notice('fuel-plugin-nsx-t: configure-plugin.pp')
2
+
3
+include ::nsxt::params
4
+
5
+file { $::nsxt::params::nsx_plugin_dir:
6
+  ensure => directory,
7
+}
8
+
9
+file { $::nsxt::params::nsx_plugin_config:
10
+  ensure  => present,
11
+  content => template("nsxt/nsx.ini")
12
+}
13
+
14
+
15
+$settings     = hiera($::nsxt::params::hiera_key)
16
+$managers     = $settings['nsx_api_managers']
17
+$user         = $settings['nsx_api_user']
18
+$password     = $settings['nsx_api_password']
19
+$overlay_tz   = $settings['default_overlay_tz_uuid']
20
+$vlan_tz      = $settings['default_vlan_tz_uuid']
21
+$tier0_router = $settings['default_tier0_router_uuid']
22
+$edge_cluster = $settings['default_edge_cluster_uuid']
23
+
24
+nsx_config {
25
+  'nsx_v3/nsx_api_managers':          value => $managers;
26
+  'nsx_v3/nsx_api_user':              value => $user;
27
+  'nsx_v3/nsx_api_password':          value => $password;
28
+  'nsx_v3/default_overlay_tz_uuid':   value => $overlay_tz;
29
+  'nsx_v3/default_vlan_tz_uuid':      value => $vlan_tz;
30
+  'nsx_v3/default_tier0_router_uuid': value => $tier0_router;
31
+  'nsx_v3/default_edge_cluster_uuid': value => $edge_cluster;
32
+}
33
+
34
+File[$::nsxt::params::nsx_plugin_dir]->
35
+File[$::nsxt::params::nsx_plugin_config]->
36
+Nsx_config<||>

+ 7
- 0
deployment_scripts/puppet/manifests/install-nsx-plugin.pp View File

@@ -0,0 +1,7 @@
1
+notice('fuel-plugin-nsx-t: install-nsx-plugin.pp')
2
+
3
+include ::nsxt::params
4
+
5
+package { $::nsxt::params::plugin_package:
6
+  ensure => present,
7
+}

+ 13
- 0
deployment_scripts/puppet/modules/nsxt/lib/puppet/provider/nsx_config/ini_setting.rb View File

@@ -0,0 +1,13 @@
1
+Puppet::Type.type(:nsx_config).provide(
2
+  :ini_setting,
3
+  :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting)
4
+) do
5
+
6
+  def file_path
7
+    '/etc/neutron/plugins/vmware/nsx.ini'
8
+  end
9
+
10
+  def separator
11
+    ' = '
12
+  end
13
+end

+ 28
- 0
deployment_scripts/puppet/modules/nsxt/lib/puppet/type/nsx_config.rb View File

@@ -0,0 +1,28 @@
1
+Puppet::Type::newtype(:nsx_config) do
2
+
3
+  ensurable
4
+
5
+  newparam(:name, :namevar => true) do
6
+    desc 'Section name to manage from nsx.ini'
7
+    newvalues(/\S+\/\S+/)
8
+  end
9
+
10
+  newparam(:secret, :boolean => true) do
11
+    newvalues(:true, :false)
12
+
13
+    defaultto false
14
+  end
15
+
16
+  newparam(:ensure_absent_val) do
17
+    defaultto('<DEFAULT>')
18
+  end
19
+
20
+  newproperty(:value) do
21
+    munge do |value|
22
+      value = value.to_s.strip
23
+      value
24
+    end
25
+    newvalues(/^[\S ]*$/)
26
+
27
+  end
28
+end

+ 7
- 0
deployment_scripts/puppet/modules/nsxt/manifests/params.pp View File

@@ -0,0 +1,7 @@
1
+class nsxt::params {
2
+  $hiera_key          = 'nsx-t'
3
+  $plugin_package     = 'python-vmware-nsx'
4
+  $core_plugin        = 'vmware_nsx.plugin.NsxV3Plugin'
5
+  $nsx_plugin_dir     = '/etc/neutron/plugins/vmware'
6
+  $nsx_plugin_config  = '/etc/neutron/plugins/vmware/nsx.ini'
7
+}

+ 89
- 0
deployment_scripts/puppet/modules/nsxt/templates/nsx.ini View File

@@ -0,0 +1,89 @@
1
+[nsx_v3]
2
+# IP address of one or more NSX managers separated by commas.
3
+# The IP address should be of the form:
4
+#   [<scheme>://]<ip_adress>[:<port>]
5
+# If scheme is not provided https is used. If port is not provided
6
+# port 80 is used for http and port 443 for https.
7
+nsx_api_managers =
8
+
9
+# User name of NSX Manager
10
+nsx_api_user =
11
+
12
+# Password of NSX Manager
13
+nsx_api_password =
14
+
15
+# UUID of the default NSX overlay transport zone that will be used for creating
16
+# tunneled isolated Neutron networks. If no physical network is specified when
17
+# creating a logical network, this transport zone will be used by default
18
+default_overlay_tz_uuid =
19
+
20
+# (Optional) Only required when creating VLAN or flat provider networks. UUID
21
+# of default NSX VLAN transport zone that will be used for bridging between
22
+# Neutron networks, if no physical network has been specified
23
+default_vlan_tz_uuid =
24
+
25
+# Default Edge Cluster Identifier
26
+default_edge_cluster_uuid =
27
+
28
+# Maximum number of times to retry API requests upon stale revision errors.
29
+# retries = 10
30
+
31
+# Specify a CA bundle file to use in verifying the NSX Manager
32
+# server certificate. This option is ignored if "insecure" is set to True.
33
+# If "insecure" is set to False and ca_file is unset, the system root CAs
34
+# will be used to verify the server certificate.
35
+# ca_file =
36
+
37
+# If true, the NSX Manager server certificate is not verified. If false
38
+# the CA bundle specified via "ca_file" will be used or if unset the
39
+# default system root CAs will be used.
40
+# insecure = True
41
+
42
+# The time in seconds before aborting a HTTP connection to a NSX manager.
43
+http_timeout = 10
44
+
45
+# The time in seconds before aborting a HTTP read response from a NSX manager.
46
+http_read_timeout = 180
47
+
48
+# Maximum number of times to retry a HTTP connection.
49
+http_retries = 3
50
+
51
+# Maximum number of connection connections to each NSX manager.
52
+concurrent_connections = 10
53
+
54
+# The amount of time in seconds to wait before ensuring connectivity to
55
+# the NSX manager if no manager connection has been used.
56
+conn_idle_timeout = 10
57
+
58
+# UUID of the default tier0 router that will be used for connecting to
59
+# tier1 logical routers and configuring external networks
60
+default_tier0_router_uuid =
61
+
62
+# (Optional) UUID of the default NSX bridge cluster that will be used to
63
+# perform L2 gateway bridging between VXLAN and VLAN networks. It is an
64
+# optional field. If default bridge cluster UUID is not specified, admin will
65
+# have to manually create a L2 gateway corresponding to a NSX Bridge Cluster
66
+# using L2 gateway APIs. This field must be specified on one of the active
67
+# neutron servers only.
68
+# default_bridge_cluster_uuid =
69
+
70
+# (Optional) The number of nested groups which are used by the plugin,
71
+# each Neutron security-groups is added to one nested group, and each nested
72
+# group can contain as maximum as 500 security-groups, therefore, the maximum
73
+# number of security groups that can be created is
74
+# 500 * number_of_nested_groups.
75
+# The default is 8 nested groups, which allows a maximum of 4k security-groups,
76
+# to allow creation of more security-groups, modify this figure.
77
+# number_of_nested_groups =
78
+
79
+# Acceptable values for 'metadata_mode' are:
80
+#   - 'access_network': this enables a dedicated connection to the metadata
81
+#     proxy for metadata server access via Neutron router.
82
+#   - 'dhcp_host_route': this enables host route injection via the dhcp agent.
83
+# This option is only useful if running on a host that does not support
84
+# namespaces otherwise access_network should be used.
85
+# metadata_mode = access_network
86
+
87
+# If True, an internal metadata network will be created for a router only when
88
+# the router is attached to a DHCP-disabled subnet.
89
+# metadata_on_demand = False

+ 25
- 58
deployment_tasks.yaml View File

@@ -1,62 +1,29 @@
1
-# These tasks will be merged into deployment graph. Here you
2
-# can specify new tasks for any roles, even built-in ones.
3
-
4
-- id: nsx_role
5
-  type: group
6
-  role: [nsx_role]
7
-  parameters:
8
-    strategy:
9
-      type: parallel
10
-
11
-- id: nsx-deployment-puppet
1
+- id: nsx-t-install-plugin
2
+  version: 2.0.0
12 3
   type: puppet
13
-  role: [nsx_role]
14
-
15
-# If you do not want to use task-based deployment that is introduced as experimental
16
-# in fuel v8.0 comment code section below this comment, uncomment two lines below it
17
-# and do the same for tasks below.
4
+  groups:
5
+    - primary-controller
6
+    - controller
7
+  required_for:
8
+    - nsx-t-configure-plugin
9
+  requires:
10
+    - openstack-network-common-config
11
+  parameters:
12
+    puppet_manifest: puppet/manifests/install-nsx-plugin.pp
13
+    puppet_modules: puppet/modules
14
+    timeout: 60
18 15
 
16
+- id: nsx-t-configure-plugin
19 17
   version: 2.0.0
20
-  cross-depends:
21
-    - name: deploy_start
22
-  cross-depended-by:
23
-    - name: deploy_end
24
-#  requires: [deploy_start] # version 1.0.0
25
-#  required_for: [deploy_end]
26
-
18
+  type: puppet
19
+  groups:
20
+    - primary-controller
21
+    - controller
22
+  required_for:
23
+    - openstack-network-neutron-start
24
+  requires:
25
+    - openstack-network-server-nova
27 26
   parameters:
28
-    puppet_manifest: "deploy.pp"
29
-    puppet_modules: "."
30
-    timeout: 3600
31
-
32
-#- id: nsx-post-deployment-sh
33
-#  type: shell
34
-#  role: [nsx_role]
35
-#  version: 2.0.0
36
-#  cross-depends:
37
-#    - name: post_deployment_start
38
-#  cross-depended-by:
39
-#    - name: post_deployment_end
40
-# #  requires: [post_deployment_start]
41
-# #  required_for: [post_deployment_end]
42
-#  parameters:
43
-#    cmd: echo post_deployment_task_executed > /tmp/post_deployment
44
-#    retries: 3
45
-#    interval: 20
46
-#    timeout: 180
47
-
48
-#- id: nsx-pre-deployment-sh
49
-#  type: shell
50
-#  role: [nsx_role]
51
-#  version: 2.0.0
52
-#  cross-depends:
53
-#    - name: pre_deployment_start
54
-#  cross-depended-by:
55
-#    - name: pre_deployment_end
56
-# #  requires: [pre_deployment_start]
57
-# #  required_for: [pre_deployment_end]
58
-#  parameters:
59
-#    cmd: echo pre_deployment_task_executed > /tmp/pre_deployment
60
-#    retries: 3
61
-#    interval: 20
62
-#    timeout: 180
27
+    puppet_manifest: puppet/manifests/configure-plugin.pp
28
+    puppet_modules: puppet/modules:/etc/puppet/modules
29
+    timeout: 60

+ 60
- 7
environment_config.yaml View File

@@ -1,11 +1,64 @@
1 1
 attributes:
2 2
   metadata:
3
-    # Settings group can be one of "general", "security", "compute", "network",
4
-    # "storage", "logging", "openstack_services" and "other".
5
-    group: 'other'
6
-  nsx_text:
7
-    value: 'Set default value'
8
-    label: 'Text field'
9
-    description: 'Description for text field'
3
+    group: network
4
+  nsx_api_managers:
5
+    value: ''
6
+    label: 'NSX Manager'
7
+    description: 'Multiple IP addresses can be separated by commas'
8
+    weight: 10
9
+    type: "text"
10
+    regex:
11
+      source: &non_empty '^.+$'
12
+      error: 'Enter IPv4 address'
13
+  nsx_api_user:
14
+    value: admin
15
+    label: 'User'
16
+    description: ''
17
+    weight: 15
18
+    type: "text"
19
+    regex:
20
+      source: *non_empty
21
+      error: 'User field cannot be empty'
22
+  nsx_api_password:
23
+    value: ''
24
+    label: 'Password'
25
+    description: ''
26
+    weight: 20
27
+    type: "password"
28
+    regex:
29
+      source: *non_empty
30
+      error: 'Password field cannot be empty'
31
+  default_overlay_tz_uuid:
32
+    value: ''
33
+    label: 'Overlay transport zone ID'
34
+    description: ''
10 35
     weight: 25
11 36
     type: "text"
37
+    regex:
38
+      source: &uuid '[a-f0-9]{8}-[a-f0-9]{4}-4[a-f0-9]{3}-[89ab][a-f0-9]{3}-[a-f0-9]{12}'
39
+      error: 'Enter transport zone UUID'
40
+  default_vlan_tz_uuid:
41
+    value: ''
42
+    label: 'VLAN transport zone ID'
43
+    description: ''
44
+    weight: 30
45
+    type: "text"
46
+    regex:
47
+      source: *uuid
48
+      error: 'Enter transport zone UUID'
49
+  default_tier0_router_uuid:
50
+    value: ''
51
+    label: 'Tier-0 router ID'
52
+    weight: 35
53
+    regex:
54
+      source: *uuid
55
+      error: 'Enter tier-0 router UUID'
56
+    type: "text"
57
+  default_edge_cluster_uuid:
58
+    value: ''
59
+    label: 'Edge cluster'
60
+    weight: 40
61
+    regex:
62
+      source: *uuid
63
+      error: 'Enter cluster UUID'
64
+    type: "text"

+ 10
- 21
metadata.yaml View File

@@ -1,26 +1,14 @@
1
-# Plugin name
2
-name: nsx
3
-# Human-readable name for your plugin
4
-title: Title for nsx plugin
5
-# Plugin version
1
+name: nsx-t
2
+title: NSX Transformers plugin
6 3
 version: '1.0.0'
7
-# Description
8
-description: Please describe your plugin here
9
-# Required fuel version
10
-fuel_version: ['8.0']
11
-# Specify license of your plugin
4
+description: ''
5
+fuel_version: ['9.0']
12 6
 licenses: ['Apache License Version 2.0']
13
-# Specify author or company name
14
-authors: ['Specify author or company name']
15
-# A link to the plugin's page
16
-homepage: 'https://github.com/openstack/fuel-plugins'
17
-# Specify a group which your plugin implements, possible options:
18
-# network, storage, storage::cinder, storage::glance, hypervisor,
19
-# equipment
20
-groups: []
21
-# Change `false` to `true` if the plugin can be installed in the environment
22
-# after the deployment.
23
-is_hotpluggable: false
7
+authors:
8
+  - 'Artem Savinov, Mirantis'
9
+  - 'Igor Zinovik, Mirantis'
10
+homepage: https://github.com/openstack/fuel-plugin-nsx-t
11
+groups: ['network']
24 12
 
25 13
 # The plugin is compatible with releases in the list
26 14
 releases:
@@ -32,3 +20,4 @@ releases:
32 20
 
33 21
 # Version of plugin package
34 22
 package_version: '4.0.0'
23
+is_hotpluggable: false

+ 0
- 15
network_roles.yaml View File

@@ -1,15 +0,0 @@
1
-# Unique network role name
2
-- id: "example_net_role"
3
-  # Role mapping to network
4
-  default_mapping: "public"
5
-  properties:
6
-    # Should be true if network role requires subnet being set
7
-    subnet: true
8
-    # Should be true if network role requires gateway being set
9
-    gateway: false
10
-    # List of VIPs to be allocated
11
-    vip:
12
-         # Unique VIP name
13
-       - name: "vip_name"
14
-         # Optional linux namespace for VIP
15
-         namespace: "haproxy"

+ 0
- 13
node_roles.yaml View File

@@ -1,13 +0,0 @@
1
-nsx_role:
2
-  # Role name
3
-  name: "Set here the name for the role. This name will be displayed in the Fuel web UI"
4
-  # Role description
5
-  description: "Write description for your role"
6
-  # If primary then during orchestration this role will be
7
-  # separated into primary-role and role
8
-  has_primary: false
9
-  # Assign public IP to node if true
10
-  public_ip_required: false
11
-  # Weight that will be used to sort out the
12
-  # roles on the Fuel web UI
13
-  weight: 1000

BIN
repositories/ubuntu/python-vmware-nsx_8.0.0-1~u14.04+mos0_all.deb View File


+ 0
- 26
tasks.yaml View File

@@ -1,26 +0,0 @@
1
-# WARNING: `tasks.yaml` will be deprecated in further releases.
2
-# Please, use `deployment_tasks.yaml` to describe tasks instead.
3
-
4
-# This tasks will be applied on controller nodes,
5
-# here you can also specify several roles, for example
6
-# ['cinder', 'compute'] will be applied only on
7
-# cinder and compute nodes
8
-- role: ['controller']
9
-  stage: post_deployment
10
-  type: shell
11
-  parameters:
12
-    cmd: bash deploy.sh
13
-    timeout: 42
14
-# Task is applied for all roles
15
-- role: '*'
16
-  stage: pre_deployment
17
-  type: shell
18
-  parameters:
19
-    cmd: echo all > /tmp/plugin.all
20
-    timeout: 42
21
-# "reboot" task reboots the nodes and waits until they get back online
22
-# - role: '*'
23
-#   stage: pre_deployment
24
-#   type: reboot
25
-#   parameters:
26
-#     timeout: 600

+ 0
- 7
volumes.yaml View File

@@ -1,7 +0,0 @@
1
-volumes_roles_mapping:
2
-  # Default role mapping
3
-  nsx_role:
4
-    - {allocate_size: "min", id: "os"}
5
-
6
-# Set here new volumes for your role
7
-volumes: []

Loading…
Cancel
Save