x/fuel-plugin-nsxv
Code Issues Proposed changes

Adapt plugin deployment tasks to changed Neutron deployment

Browse Source 
* Adapt deploy nsxv neutron plugin for granular neutron deployment
* Create predifined networks/router
* Enable loadbalancer v1 support

Change-Id: I5fdf351957fddba3fa61190b251a71fb5c907d3b
This commit is contained in:
Artem Savinov
2015-11-09 17:24:13 +03:00
parent 0b419ef938
commit 66ae379778
21 changed files with 381 additions and 248 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
deployment_scripts/puppet/manifests/compute-vmware-nova-config.pp
View File

@@ -1,3 +1,7 @@
notice('fuel-plugin-nsxv: compute_vmware_nova_config.pp')
class { '::nsxv::compute_vmware_nova_config': }
$use_neutron = hiera('use_neutron', false)
if $use_neutron {
class { '::nsxv::compute_vmware_nova_config': }
}

11
deployment_scripts/puppet/manifests/haproxy-neutron-timeouts.pp
View File

@@ -1,11 +0,0 @@
# Default haproxy timeouts are too small and neuton CLI client receive 504
# error (gateway timeout) from haproxy. We are increasing timeouts for neutron
# backend to avoid this.
$nsx_timeouts = " timeout client 600s\n timeout client-fin 30s\n timeout server 600s\n timeout server-fin 30s\n"
file_line { 'neutron-nsxv-timeouts':
path => '/etc/haproxy/conf.d/085-neutron.cfg',
after => '^listen\s+neutron$',
line => $nsx_timeouts,
}

6
deployment_scripts/puppet/manifests/haproxy-nova-metadata-config.pp
View File

@@ -1,3 +1,7 @@
notice('fuel-plugin-nsxv: haproxy-nova-metadata-config.pp')
class { 'nsxv::haproxy_nova_metadata_config': }
$use_neutron = hiera('use_neutron', false)
if $use_neutron {
class { 'nsxv::haproxy_nova_metadata_config': }
}

10
deployment_scripts/puppet/manifests/hiera-override.pp
View File

@@ -1,6 +1,10 @@
notice('fuel-plugin-nsxv: hiera-override.pp')
# Values are changed by pre_build_hook
class { '::nsxv::hiera_override':
plugin_name => 'NAME',
$use_neutron = hiera('use_neutron', false)
if $use_neutron {
# Values are changed by pre_build_hook
class { '::nsxv::hiera_override':
plugin_name => 'NAME',
}
}

19
deployment_scripts/puppet/manifests/horizon-enable-lbaas.pp Normal file
View File

@@ -0,0 +1,19 @@
notice('fuel-plugin-nsxv: horizon-enable-lbaas.pp')
$use_neutron = hiera('use_neutron', false)
if $use_neutron {
$horizon_settings_file ='/etc/openstack-dashboard/local_settings.py'
$apache_service ='apache2'
exec { 'enable_lbaas':
command => "sed -ri \"s/^(\\s*)'enable_lb':.*/\\1'enable_lb': True,/g\" $horizon_settings_file",
unless => "egrep \"^\\s*'enable_lb':\\s*True\" $horizon_settings_file",
path => '/bin:/usr/bin',
provider => 'shell',
}
service{ $apache_service:
ensure => 'running',
}
Exec['enable_lbaas'] ~> Service[$apache_service]
}

31
deployment_scripts/puppet/manifests/neutron-haproxy-config.pp Normal file
View File

@@ -0,0 +1,31 @@
notice('fuel-plugin-nsxv: openstack-haproxy-neutron-nsxv.pp')
# NOT enabled by default
$use_neutron = hiera('use_neutron', false)
$neutron_address_map = get_node_to_ipaddr_map_by_network_role(hiera_hash('neutron_nodes'), 'neutron/api')
if ($use_neutron) {
$server_names = hiera_array('neutron_names', keys($neutron_address_map))
$ipaddresses = hiera_array('neutron_ipaddresses', values($neutron_address_map))
$public_virtual_ip = hiera('public_vip')
$internal_virtual_ip = hiera('management_vip')
$public_ssl_hash = hiera('public_ssl')
# configure neutron ha proxy
openstack::ha::haproxy_service { 'neutron':
internal_virtual_ip => $internal_virtual_ip,
ipaddresses => $ipaddresses,
public_virtual_ip => $public_virtual_ip,
server_names => $server_names,
order => '085',
listen_port => 9696,
public => true,
public_ssl => $public_ssl_hash['services'],
define_backups => true,
haproxy_config_options => {
option => ['httpchk', 'httplog','httpclose'],
timeout => ['client 600s','client-fin 30s','server 600s','server-fin 30s'],
},
balancermember_options => 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3',
}
}

67
deployment_scripts/puppet/manifests/neutron-network-create.pp Normal file
View File

@@ -0,0 +1,67 @@
notice('fuel-plugin-nsxv: neutron-network-create.pp')
# NOT enabled by default
$use_neutron = hiera('use_neutron', false)
if ($use_neutron) {
$access_hash = hiera_hash('access',{})
$controller_node = hiera('service_endpoint')
$neutron_config = hiera_hash('neutron_config')
$floating_net = try_get_value($neutron_config, 'default_floating_net', 'net04_ext')
$internal_net = try_get_value($neutron_config, 'default_private_net', 'net04')
$os_tenant_name = $access_hash['tenant']
$settings = hiera('nsxv')
if !empty($settings['nsxv_floating_ip_range']) and !empty($settings['nsxv_floating_net_cidr']) {
$floating_ip_range = split($settings['nsxv_floating_ip_range'], '-')
$floating_ip_range_start = $floating_ip_range[0]
$floating_ip_range_end = $floating_ip_range[1]
$floating_net_allocation_pool = "start=${floating_ip_range_start},end=${floating_ip_range_end}"
$floating_net_cidr = $settings['nsxv_floating_net_cidr']
$floating_net_gw = $settings['nsxv_floating_net_gw']
$default_floating_net_gw = regsubst($floating_net_cidr,'^(\d+\.\d+\.\d+)\.\d+/\d+$','\1.1')
neutron_network { $floating_net :
ensure => 'present',
provider_physical_network => $settings['nsxv_external_network'],
provider_network_type => 'flat',
router_external => true,
tenant_name => $os_tenant_name,
shared => true,
}
neutron_subnet { "${floating_net}__subnet" :
ensure => 'present',
cidr => $floating_net_cidr,
network_name => $floating_net,
tenant_name => $os_tenant_name,
gateway_ip => pick($floating_net_gw,$default_floating_net_gw),
enable_dhcp => false,
allocation_pools => $floating_net_allocation_pool,
require => Neutron_network[$floating_net],
}
}
if !empty($settings['nsxv_internal_net_cidr']) {
$internal_net_dns = split($settings['nsxv_internal_net_dns'], ',')
$internal_net_cidr = $settings['nsxv_internal_net_cidr']
neutron_network { $internal_net :
ensure => 'present',
provider_physical_network => false,
router_external => false,
tenant_name => $os_tenant_name,
shared => true,
}
neutron_subnet { "${internal_net}__subnet" :
ensure => 'present',
cidr => $internal_net_cidr,
network_name => $internal_net,
tenant_name => $os_tenant_name,
gateway_ip => regsubst($internal_net_cidr,'^(\d+\.\d+\.\d+)\.\d+/\d+$','\1.1'),
enable_dhcp => true,
dns_nameservers => pick($internal_net_dns,[]),
require => Neutron_network[$internal_net],
}
}
}

7
deployment_scripts/puppet/manifests/neutron-server-policy.pp Normal file
View File

@@ -0,0 +1,7 @@
notice('fuel-plugin-nsxv: neutron-server-policy.pp')
$use_neutron = hiera('use_neutron', false)
if $use_neutron {
class { '::nsxv::neutron_server_policy': }
}

66
deployment_scripts/puppet/manifests/neutron-server-start.pp Normal file
View File

@@ -0,0 +1,66 @@
notice('fuel-plugin-nsxv: neutron-server-start.pp')
$use_neutron = hiera('use_neutron', false)
if $use_neutron {
include ::neutron::params
$nsxv_config_file = '/etc/neutron/plugins/vmware/nsx.ini'
service { 'neutron-server':
ensure => 'running',
name => $::neutron::params::server_service,
enable => true,
hasstatus => true,
hasrestart => true,
}
neutron_config {
'DEFAULT/core_plugin': value => 'vmware_nsx.plugin.NsxVPlugin';
'DEFAULT/service_plugins': value => 'neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPlugin';
'service_providers/service_provider': value => 'LOADBALANCER:VMWareEdge:neutron_lbaas.services.loadbalancer.drivers.vmware.edge_driver.EdgeLoadbalancerDriver:default';
}
Neutron_config<||> ~> Service['neutron-server']
if 'primary-controller' in hiera('role') {
Exec['neutron-db-sync'] ~> Service['neutron-server']
Neutron_config<||> ~> Exec['neutron-db-sync']
$neutron_config = hiera_hash('neutron_config')
$management_vip = hiera('management_vip')
$service_endpoint = hiera('service_endpoint', $management_vip)
$auth_api_version = 'v2.0'
$identity_uri = "http://${service_endpoint}:5000"
$auth_url = "${identity_uri}/${auth_api_version}"
$auth_password = $neutron_config['keystone']['admin_password']
$auth_user = pick($neutron_config['keystone']['admin_user'], 'neutron')
$auth_tenant = pick($neutron_config['keystone']['admin_tenant'], 'services')
$auth_region = hiera('region', 'RegionOne')
$auth_endpoint_type = 'internalURL'
exec { 'neutron-db-sync':
command => "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file ${nsxv_config_file} upgrade head",
path => '/usr/bin',
refreshonly => true,
logoutput => on_failure,
provider => 'shell',
}
exec { 'waiting-for-neutron-api':
environment => [
"OS_TENANT_NAME=${auth_tenant}",
"OS_USERNAME=${auth_user}",
"OS_PASSWORD=${auth_password}",
"OS_AUTH_URL=${auth_url}",
"OS_REGION_NAME=${auth_region}",
"OS_ENDPOINT_TYPE=${auth_endpoint_type}",
],
path => '/usr/sbin:/usr/bin:/sbin:/bin',
tries => '30',
try_sleep => '4',
command => 'neutron net-list --http-timeout=4 2>&1 > /dev/null',
provider => 'shell',
require => Service['neutron-server'],
}
}
}

6
deployment_scripts/puppet/manifests/nsxv-config.pp
View File

@@ -1,3 +1,7 @@
notice('fuel-plugin-nsxv: nsxv-config.pp')
class { '::nsxv': }
$use_neutron = hiera('use_neutron', false)
if $use_neutron {
class { '::nsxv': }
}

3
deployment_scripts/puppet/manifests/patch-neutron-manifest.pp
View File

@@ -1,3 +0,0 @@
notice('fuel-plugin-nsxv: patch-neutron-manifest.pp')
class { '::nsxv::patch_neutron_manifest': }

134
deployment_scripts/puppet/modules/nsxv/files/openstack-network-controller.pp
View File

@@ -1,134 +0,0 @@
notice('MODULAR: openstack-network-controller.pp(fuel-plugin-nsxv patch)')
$core_plugin = 'vmware_nsx.plugin.NsxVPlugin'
$neutron_config = hiera_hash('quantum_settings')
$rabbit_hash = hiera_hash('rabbit_hash', {})
$ceilometer_hash = hiera('ceilometer',{})
$nova_hash = hiera_hash('nova', {})
$network_scheme = hiera('network_scheme', {})
prepare_network_config($network_scheme)
# Neutron DB settings
$neutron_db_password = $neutron_config['database']['passwd']
$neutron_db_user = pick($neutron_config['database']['user'], 'neutron')
$neutron_db_name = pick($neutron_config['database']['name'], 'neutron')
$neutron_db_host = pick($neutron_config['database']['host'], hiera('database_vip'))
$neutron_db_uri = "mysql://${neutron_db_user}:${neutron_db_password}@${neutron_db_host}/${neutron_db_name}?&read_timeout=60"
# Neutron Keystone settings
$neutron_user_password = $neutron_config['keystone']['admin_password']
$keystone_user = pick($neutron_config['keystone']['admin_user'], 'neutron')
$keystone_tenant = pick($neutron_config['keystone']['admin_tenant'], 'services')
# base
$neutron_local_address_for_bind = get_network_role_property('neutron/api', 'ipaddr') # prepare_network_config need
$region = hiera('region', 'RegionOne')
$management_vip = hiera('management_vip')
$service_workers = pick($neutron_config['workers'], min(max($::processorcount, 2), 16))
# endpoints
$service_endpoint = hiera('service_endpoint')
$nova_endpoint = hiera('nova_endpoint', $management_vip)
$neutron_endpoint = hiera('neutron_endpoint', $management_vip)
# logs
$debug = hiera('debug', true)
$use_syslog = hiera('use_syslog', true)
$use_stderr = hiera('use_stderr', false)
$syslog_log_facility_neutron = hiera('syslog_log_facility_neutron', 'LOG_LOCAL4')
# Queue settings
$queue_provider = hiera('queue_provider', 'rabbitmq')
$amqp_hosts = split(hiera('amqp_hosts', ''), ',')
class { 'l23network' :
use_ovs => false
}
include ::nova::params
service { 'nova-api':
ensure => 'running',
name => $::nova::params::api_service_name,
}
Nova_config<| |> ~> Service['nova-api']
class { 'openstack::network':
network_provider => 'neutron',
agents => [],
ha_agents => false,
verbose => true,
debug => $debug,
use_syslog => $use_syslog,
use_stderr => $use_stderr,
syslog_log_facility => $syslog_log_facility_neutron,
neutron_server => true,
neutron_server_enable => true,
neutron_db_uri => $neutron_db_uri,
nova_neutron => true,
base_mac => undef,
core_plugin => $core_plugin,
service_plugins => [],
net_mtu => undef,
network_device_mtu => undef,
bind_host => $neutron_local_address_for_bind,
dvr => false,
l2_population => false,
service_workers => $service_workers,
#ovs
mechanism_drivers => undef,
local_ip => undef,
bridge_mappings => undef,
network_vlan_ranges => undef,
enable_tunneling => undef,
tunnel_id_ranges => undef,
vni_ranges => undef,
tunnel_types => undef,
tenant_network_types => undef,
floating_bridge => undef,
#Queue settings
queue_provider => $queue_provider,
amqp_hosts => $amqp_hosts,
amqp_user => $rabbit_hash['user'],
amqp_password => $rabbit_hash['password'],
# keystone
admin_password => $neutron_user_password,
auth_url => "http://${service_endpoint}:35357/v2.0",
identity_uri => "http://${service_endpoint}:35357",
neutron_url => "http://${neutron_endpoint}:9696",
admin_tenant_name => $keystone_tenant,
admin_username => $keystone_user,
region => $region,
# Ceilometer notifications
ceilometer => $ceilometer_hash['enabled'],
#metadata
shared_secret => undef,
metadata_ip => undef,
isolated_metadata => undef,
#nova settings
private_interface => undef,
public_interface => undef,
fixed_range => undef,
floating_range => undef,
network_manager => undef,
network_config => undef,
create_networks => undef,
num_networks => undef,
network_size => undef,
nameservers => undef,
enable_nova_net => undef,
nova_admin_username => $nova_hash['user'],
nova_admin_tenant_name => $nova_hash['tenant'],
nova_admin_password => $nova_hash['user_password'],
nova_url => "http://${nova_endpoint}:8774/v2",
}

2
deployment_scripts/puppet/modules/nsxv/files/policy.d/02-nsxv-network-gateways.json
View File

@@ -6,5 +6,5 @@
"disconnect_network": "rule:admin_or_owner",
"create_gateway_device": "rule:admin_or_owner",
"update_gateway_device": "rule:admin_or_owner",
"delete_gateway_device": "rule_admin_or_owner"
"delete_gateway_device": "rule:admin_or_owner"
}

2
deployment_scripts/puppet/modules/nsxv/manifests/compute_vmware_nova_config.pp
View File

@@ -2,7 +2,7 @@ class nsxv::compute_vmware_nova_config (
) {
include ::nova::params
$neutron_config = hiera_hash('quantum_settings')
$neutron_config = hiera_hash('neutron_config')
$neutron_metadata_proxy_secret = $neutron_config['metadata']['metadata_proxy_shared_secret']
$nova_parameters = {
'neutron/service_metadata_proxy' => { value => 'True' },

16
deployment_scripts/puppet/modules/nsxv/manifests/hiera_override.pp
View File

@@ -4,13 +4,13 @@ class nsxv::hiera_override (
$override_file = "/etc/hiera/override/${plugin_name}.yaml"
$override_dir = dirname($override_file)
$quantum_settings = inline_template("<%-
$neutron_config = inline_template("<%-
require 'yaml'
settings = scope.function_hiera(['quantum_settings'])
settings = scope.function_hiera(['neutron_config'])
settings['predefined_networks'] = {}
quantum_settings = { 'quantum_settings' => settings }
neutron_config = { 'neutron_config' => settings }
-%>
<%= quantum_settings.to_yaml %>")
<%= neutron_config.to_yaml %>")
$network_metadata = inline_template("<%-
require 'yaml'
@@ -76,9 +76,15 @@ class nsxv::hiera_override (
concat::fragment{ 'quantum_settings':
ensure => present,
target => $override_file,
content => $quantum_settings,
content => regsubst($neutron_config,'neutron_config','quantum_settings'),
order => '01'
}
concat::fragment{ 'neutron_config':
ensure => present,
target => $override_file,
content => regsubst($neutron_config,'---',''),
order => '05'
}
concat::fragment{ 'network_metadata':
ensure => present,
target => $override_file,

26
deployment_scripts/puppet/modules/nsxv/manifests/init.pp
View File

@@ -1,37 +1,41 @@
class nsxv (
$nsxv_config_dir = '/etc/neutron/plugins/vmware',
$neutron_plugin_name = 'python-vmware-nsx',
$neutron_plugin_file = '/etc/neutron/plugin.ini',
$lbaas_plugin_name = 'python-neutron-lbaas',
) {
$quantum_settings = hiera('quantum_settings')
$neutron_config = hiera('neutron_config')
$settings = hiera('nsxv')
# Do not remove unused variables: template nsx.ini.erb refers to them
$nova_metadata_ips = hiera('public_vip')
$nova_metadata_port = '8775'
$metadata_shared_secret = $quantum_settings['metadata']['metadata_proxy_shared_secret']
$metadata_shared_secret = $neutron_config['metadata']['metadata_proxy_shared_secret']
$nsxv_config_dirs = [ '/etc/neutron', '/etc/neutron/plugins', '/etc/neutron/plugins/vmware' ]
if ! $settings['nsxv_insecure'] {
$ca_certificate_content = $settings['nsxv_ca_file']['content']
$ca_file = "${nsxv_config_dir}/ca.pem"
$ca_filename = $settings['nsxv_ca_file']['name']
$ca_file = "${nsxv_config_dir}/${ca_filename}"
file { $ca_file:
ensure => present,
content => $ca_certificate_content,
require => Exec['nsxv_config_dir'],
require => File[$nsxv_config_dirs],
}
}
package { $neutron_plugin_name:
ensure => latest,
}
package { $lbaas_plugin_name:
ensure => latest,
}
package { 'tcl-testvm':
ensure => latest,
}
$nsxv_config_dirs = [ '/etc/neutron', '/etc/neutron/plugins', '/etc/neutron/plugins/vmware' ]
file { $nsxv_config_dirs:
ensure => directory
}
@@ -41,15 +45,9 @@ class nsxv (
content => template("${module_name}/nsx.ini.erb"),
require => File[$nsxv_config_dirs],
}
# temprorary workaround for use nsx.ini
file { '/etc/default/neutron-server':
ensure => file,
content => "CONF_ARG='--config-file ${neutron_plugin_file}'",
}
# need for work db_sync
file { $neutron_plugin_file:
ensure => link,
target => "${nsxv_config_dir}/nsx.ini",
replace => true,
require => File[$nsxv_config_dirs]
content => "CONF_ARG='--config-file ${nsxv_config_dir}/nsx.ini'",
}
}

10
deployment_scripts/puppet/modules/nsxv/manifests/neutron_server_policy.pp Normal file
View File

@@ -0,0 +1,10 @@
class nsxv::neutron_server_policy (
$policy_dir = '/etc/neutron/policy.d'
) {
file { $policy_dir:
ensure => directory,
mode => '0755',
source => "puppet:///modules/${module_name}/policy.d",
recurse => true,
}
}

24
deployment_scripts/puppet/modules/nsxv/manifests/patch_neutron_manifest.pp
View File

@@ -1,24 +0,0 @@
class nsxv::patch_neutron_manifest (
$manifest_file = '/etc/puppet/modules/osnailyfacter/modular/openstack-network/openstack-network-controller.pp',
$policy_dir = '/etc/neutron/policy.d'
) {
$neutron_dir = '/etc/neutron'
file { $manifest_file:
ensure => file,
source => "puppet:///modules/${module_name}/openstack-network-controller.pp",
mode => '0644',
replace => true,
}
file { $neutron_dir:
ensure => directory,
mode => '0755',
}
file { $policy_dir:
ensure => directory,
mode => '0755',
source => "puppet:///modules/${module_name}/policy.d",
recurse => true,
require => File[$neutron_dir],
}
}

70
deployment_tasks.yaml
View File

@@ -25,20 +25,11 @@
puppet_manifest: puppet/manifests/haproxy-nova-metadata-config.pp
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 120
- id: haproxy-increase-neutron-timeouts
type: puppet
groups: ['primary-controller','controller']
required_for: [openstack-haproxy]
requires: [openstack-haproxy-neutron]
parameters:
puppet_manifest: puppet/manifests/haproxy-neutron-timeouts.pp
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 30
- id: nsxv-install
type: puppet
groups: ['primary-controller','controller']
required_for: [openstack-network]
requires: [hiera-override]
required_for: [openstack-network-neutron-start]
requires: [hiera-override,openstack-network-server-config]
parameters:
puppet_manifest: puppet/manifests/nsxv-config.pp
puppet_modules: puppet/modules:/etc/puppet/modules
@@ -61,3 +52,60 @@
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/netconfig/configure_default_route.pp
puppet_modules: /etc/puppet/modules
timeout: 300
- id: openstack-haproxy-neutron
type: skipped
- id: openstack-haproxy-neutron-nsxv
type: puppet
groups: [primary-controller, controller]
required_for: [openstack-haproxy]
requires: [deploy_start, cluster-haproxy]
parameters:
puppet_manifest: puppet/manifests/neutron-haproxy-config.pp
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 300
- id: openstack-network-plugins-l2
type: skipped
- id: openstack-network-networks
type: skipped
- id: openstack-network-agents-l3
type: skipped
- id: openstack-network-agents-dhcp
type: skipped
- id: openstack-network-agents-metadata
type: skipped
- id: openstack-network-neutron-policy
type: puppet
groups: [primary-controller,controller]
required_for: [openstack-network-neutron-start]
requires: [openstack-network-server-config]
parameters:
puppet_manifest: puppet/manifests/neutron-server-policy.pp
puppet_modules: puppet/modules
timeout: 300
- id: openstack-network-neutron-start
type: puppet
groups: [primary-controller,controller]
required_for: [openstack-network-server-nova]
requires: [openstack-network-neutron-policy]
parameters:
puppet_manifest: puppet/manifests/neutron-server-start.pp
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 1800
- id: openstack-network-networks-nsxv
type: puppet
groups: [primary-controller]
required_for: [openstack-network-end,openstack-network-routers]
requires: [openstack-network-neutron-start]
parameters:
puppet_manifest: puppet/manifests/neutron-network-create.pp
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 600
- id: horizon-enable-lbaas
type: puppet
groups: [primary-controller,controller]
required_for: [deploy_end]
requires: [horizon]
parameters:
puppet_manifest: puppet/manifests/horizon-enable-lbaas.pp
puppet_modules: puppet/modules
timeout: 120

106
environment_config.yaml
View File

@@ -8,7 +8,7 @@ attributes:
value: ''
label: 'NSX Manager hostname (or IP)'
description: ''
weight: 5
weight: 20
type: 'text'
regex:
source: '^.+$'
@@ -17,7 +17,7 @@ attributes:
value: ''
label: 'NSX Manager user'
description: ''
weight: 10
weight: 25
type: 'text'
regex:
source: '^.+$'
@@ -26,7 +26,7 @@ attributes:
value: ''
label: 'NSX Manager password'
description: ''
weight: 15
weight: 30
type: 'password'
regex:
source: '^.+$'
@@ -35,7 +35,7 @@ attributes:
value: ''
label: 'Datacenter MoRef ID'
description: 'Datacenter MoRef ID for Edge deployment, e.g. datacenter-126'
weight: 20
weight: 35
type: 'text'
regex:
source: '^[a-z]+-[a-z0-9]+$'
@@ -44,7 +44,7 @@ attributes:
value: ''
label: 'Cluster MoRef IDs for OpenStack VMs'
description: 'Comma separated cluster MoRef IDs for OpenStack VMs, e.g. domain-c133,domain-c134'
weight: 25
weight: 40
type: 'text'
regex:
source: '^(?:[a-z]+-[a-z0-9]+)(?:,[a-z]+-[a-z0-9]+)*'
@@ -53,7 +53,7 @@ attributes:
value: ''
label: 'Resource pool MoRef ID'
description: 'Resource pool MoRef ID for NSX Edge nodes deployment'
weight: 35
weight: 45
type: 'text'
regex:
source: '^[a-z]+-[a-z0-9]+$'
@@ -62,7 +62,7 @@ attributes:
value: ''
label: 'Datastore MoRef ID'
description: 'Datastore MoRef ID for NSX Edge nodes deployment'
weight: 40
weight: 50
type: 'text'
regex:
source: '^[a-z]+-[a-z0-9]+$'
@@ -71,7 +71,7 @@ attributes:
value: ''
label: 'External portgroup MoRef ID'
description: 'External portgroup MoRef ID for NSX Edge physical connectivity'
weight: 45
weight: 55
type: 'text'
regex:
source: '^[a-z]+-[a-z0-9]+$'
@@ -80,19 +80,25 @@ attributes:
value: ''
label: 'Transport zone MoRef ID'
description: 'Transport zone MoRef ID for VXLAN networks'
weight: 50
weight: 60
type: 'text'
regex:
source: '^vdnscope-[0-9]+$'
error: 'Invalid transport zone MoRef ID'
nsxv_dvs_id:
value: ''
label: 'Distributed virtual switch MoRef ID'
description: 'DVS MoRef ID connected to Edge cluster'
weight: 55
weight: 65
type: 'text'
regex:
source: '^dvs-[0-9]+$'
error: 'Invalid DVS MoRef ID'
nsxv_backup_edge_pool:
value: ''
label: 'NSX backup Edge pool'
description: 'Define backup edge pools management range with the four-tuple: <edge_type>:[edge_size]:<minimum_pooled_edges>:<maximum_pooled_edges>'
weight: 60
weight: 70
type: 'text'
regex:
source: '^(?:(?:service|vdr):(?:compact|large|xlarge|quadlarge):[0-9]+:[0-9]+)(?:,(?:service|vdr):(?:compact|large|xlarge|quadlarge):[0-9]+:[0-9]+)*$'
@@ -101,19 +107,19 @@ attributes:
value: true
label: 'Enable HA for NSX Edges'
description: 'Deploy NSX Edges in HA pair'
weight: 65
weight: 75
type: 'checkbox'
nsxv_insecure:
value: true
label: 'Bypass NSX Manager certificate verification'
description: ''
weight: 70
weight: 80
type: 'checkbox'
nsxv_ca_file:
value: ''
label: 'CA certificate file'
description: 'Specify a CA certificate file to use in verifying NSX Manager certificate'
weight: 75
weight: 85
type: 'file'
restrictions:
- condition: 'settings:nsxv.nsxv_insecure.value == true'
@@ -122,37 +128,76 @@ attributes:
value: ''
label: 'Metadata portgroup MoRef ID'
description: 'Portgroup MoRef ID for metadata proxy management network'
weight: 80
weight: 90
type: 'text'
nsxv_mgt_net_proxy_ips:
value: ''
label: 'Metadata proxy IP addresses'
description: 'Management network IP address for metadata proxy, comma separated'
weight: 85
weight: 95
type: 'text'
nsxv_mgt_net_proxy_netmask:
value: ''
label: 'Management network netmask'
description: 'Management network netmask for metadata proxy'
weight: 90
weight: 100
type: 'text'
nsxv_mgt_net_default_gateway:
value: ''
label: 'Management network default gateway'
description: 'Management network default gateway for metadata proxy'
weight: 95
weight: 105
type: 'text'
nsxv_floating_ip_range:
value: ''
label: 'Floating IP ranges'
description: 'Dash separated IP addresses allocation pool from external network, e.g. "start_ip_address-end_ip_address"'
weight: 110
type: 'text'
regex:
source: '^(?:[0-9]{1,3}\.){3}[0-9]{1,3}-(?:[0-9]{1,3}\.){3}[0-9]{1,3}$'
error: 'Invalid IP ranges'
nsxv_floating_net_cidr:
value: ''
label: 'External network CIDR'
description: 'Network in CIDR notation includes floating IP ranges'
weight: 115
type: 'text'
regex:
source: '^(?:[0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$'
error: 'Invalid network in CIDR notation'
nsxv_floating_net_gw:
value: ''
label: 'Gateway'
description: 'Default gateway for external network, if not defined use first IP of the network address'
weight: 120
type: 'text'
nsxv_internal_net_cidr:
value: ''
label: 'Internal network CIDR'
description: 'Network in CIDR notation for use as internal'
weight: 125
type: 'text'
regex:
source: '^(?:[0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$'
error: 'Invalid network in CIDR notation'
nsxv_internal_net_dns:
value: ''
label: 'DNS for internal network'
description: 'Comma separated IP addresses of DNS server for internal network'
weight: 130
type: 'text'
nsxv_additional:
value: false
label: 'Additional settings'
description: ''
weight: 100
weight: 135
type: 'checkbox'
nsxv_task_status_check_interval:
value: ''
label: 'Task status check interval (millisecond)'
description: 'Asynchronous task status check interval'
weight: 105
weight: 140
type: 'text'
restrictions:
- condition: 'settings:nsxv.nsxv_additional.value == false'
@@ -161,7 +206,7 @@ attributes:
value: ''
label: 'Maximum tunnels per vnic'
description: 'Maximum number of sub interfaces supported per vnic in edge'
weight: 110
weight: 145
type: 'text'
restrictions:
- condition: 'settings:nsxv.nsxv_additional.value == false'
@@ -170,7 +215,7 @@ attributes:
value: ''
label: 'API retries'
description: 'Maximum number of API retries'
weight: 115
weight: 150
type: 'text'
restrictions:
- condition: 'settings:nsxv.nsxv_additional.value == false'
@@ -179,7 +224,7 @@ attributes:
value: false
label: 'Enable SpoofGuard'
description: 'Indicates if NSXv SpoofGuard component is used to implement port-security feature'
weight: 120
weight: 155
type: 'checkbox'
restrictions:
- condition: 'settings:nsxv.nsxv_additional.value == false'
@@ -188,17 +233,16 @@ attributes:
value: ''
label: 'Tenant router types'
description: 'Ordered list of router types to allocate as tenant routers'
weight: 125
weight: 160
type: 'text'
restrictions:
- condition: 'settings:nsxv.nsxv_additional.value == false'
action: 'hide'
nsxv_exclusive_router_appliance_size:
value: ''
label: 'Exclusive router type'
label: 'Exclusive router size'
description: 'Edge form factor for exclusive router'
regex: ^(compact|large|quadlarge|xlarge)$
weight: 130
weight: 165
type: 'text'
restrictions:
- condition: 'settings:nsxv.nsxv_additional.value == false'
@@ -207,7 +251,7 @@ attributes:
value: ''
label: 'Edge user'
description: 'User for Edge node login'
weight: 135
weight: 170
type: 'text'
restrictions:
- condition: 'settings:nsxv.nsxv_additional.value == false'
@@ -216,7 +260,7 @@ attributes:
value: ''
label: 'Edge password'
description: 'Password for Edge node login'
weight: 140
weight: 175
type: 'password'
restrictions:
- condition: 'settings:nsxv.nsxv_additional.value == false'
@@ -225,7 +269,7 @@ attributes:
value: ''
label: 'DHCP lease time'
description: ''
weight: 145
weight: 180
type: 'text'
restrictions:
- condition: 'settings:nsxv.nsxv_additional.value == false'
@@ -234,7 +278,7 @@ attributes:
value: ''
label: 'Coordinator url'
description: 'URL for distributed locking coordinator'
weight: 150
weight: 185
type: 'text'
restrictions:
- condition: 'settings:nsxv.nsxv_additional.value == false'

7
tasks.yaml
View File

@@ -1,7 +0,0 @@
- role: ['primary-controller','controller']
stage: pre_deployment/4010
type: puppet
parameters:
puppet_manifest: puppet/manifests/patch-neutron-manifest.pp
puppet_modules: puppet/modules
timeout: 120