diff --git a/deployment_scripts/puppet/manifests/add-private-key-to-compute.pp b/deployment_scripts/puppet/manifests/add-private-key-to-compute.pp new file mode 100644 index 0000000..8e11caa --- /dev/null +++ b/deployment_scripts/puppet/manifests/add-private-key-to-compute.pp @@ -0,0 +1,3 @@ +notice('fuel-plugin-nsxv: add-private-key-to-compute.pp') + +class { '::nsxv::add_private_key_to_compute': } diff --git a/deployment_scripts/puppet/manifests/add-public-key-to-controller.pp b/deployment_scripts/puppet/manifests/add-public-key-to-controller.pp new file mode 100644 index 0000000..026bd17 --- /dev/null +++ b/deployment_scripts/puppet/manifests/add-public-key-to-controller.pp @@ -0,0 +1,3 @@ +notice('fuel-plugin-nsxv: add-public-key-to-controller.pp') + +class { '::nsxv::add_public_key_to_controller': } diff --git a/deployment_scripts/puppet/manifests/compute-vmware-nova-config.pp b/deployment_scripts/puppet/manifests/compute-vmware-nova-config.pp index 324dd8e..cfeea25 100644 --- a/deployment_scripts/puppet/manifests/compute-vmware-nova-config.pp +++ b/deployment_scripts/puppet/manifests/compute-vmware-nova-config.pp @@ -1,7 +1,3 @@ notice('fuel-plugin-nsxv: compute_vmware_nova_config.pp') -$use_neutron = hiera('use_neutron', false) - -if $use_neutron { - class { '::nsxv::compute_vmware_nova_config': } -} +class { '::nsxv::compute_vmware_nova_config': } diff --git a/deployment_scripts/puppet/manifests/gem-install.pp b/deployment_scripts/puppet/manifests/gem-install.pp new file mode 100644 index 0000000..8ef9673 --- /dev/null +++ b/deployment_scripts/puppet/manifests/gem-install.pp @@ -0,0 +1,6 @@ +notice('fuel-plugin-nsxv: gem-install.pp') + +# ruby gem package must be pre installed before puppet module used +package { 'ruby-rbvmomi': + ensure => latest, +} diff --git a/deployment_scripts/puppet/manifests/haproxy-nova-metadata-config.pp b/deployment_scripts/puppet/manifests/haproxy-nova-metadata-config.pp index e739e5d..a25eaf6 100644 
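Review bot: In gem-install.pp, `ensure => latest` on `ruby-rbvmomi` lets every later Puppet run pull whatever newer build the configured repositories offer, even though this commit ships one specific package (`ruby-rbvmomi_1.8.2-1_all.deb`). The library handles the vCenter credentials and runs inside catalog compilation on the controllers, so the tested version should be pinned, e.g. `ensure => '1.8.2-1',`. The comment above the resource could also say that the package is needed because `get_vcenter_cluster_id` does `require 'rbvmomi'` at load time.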
--- a/deployment_scripts/puppet/manifests/haproxy-nova-metadata-config.pp +++ b/deployment_scripts/puppet/manifests/haproxy-nova-metadata-config.pp @@ -1,7 +1,3 @@ notice('fuel-plugin-nsxv: haproxy-nova-metadata-config.pp') -$use_neutron = hiera('use_neutron', false) - -if $use_neutron { - class { 'nsxv::haproxy_nova_metadata_config': } -} +class { 'nsxv::haproxy_nova_metadata_config': } diff --git a/deployment_scripts/puppet/manifests/hiera-override.pp b/deployment_scripts/puppet/manifests/hiera-override.pp index 809c3f4..36799a6 100644 --- a/deployment_scripts/puppet/manifests/hiera-override.pp +++ b/deployment_scripts/puppet/manifests/hiera-override.pp @@ -1,10 +1,5 @@ notice('fuel-plugin-nsxv: hiera-override.pp') -$use_neutron = hiera('use_neutron', false) - -if $use_neutron { - # Values are changed by pre_build_hook - class { '::nsxv::hiera_override': - plugin_name => 'NAME', - } +class { '::nsxv::hiera_override': + plugin_name => 'NAME', } diff --git a/deployment_scripts/puppet/manifests/horizon-enable-lbaas.pp b/deployment_scripts/puppet/manifests/horizon-enable-lbaas.pp index 9438636..d029907 100644 --- a/deployment_scripts/puppet/manifests/horizon-enable-lbaas.pp +++ b/deployment_scripts/puppet/manifests/horizon-enable-lbaas.pp 
@@ -1,19 +1,15 @@ notice('fuel-plugin-nsxv: horizon-enable-lbaas.pp') -$use_neutron = hiera('use_neutron', false) +$horizon_settings_file ='/etc/openstack-dashboard/local_settings.py' +$apache_service ='apache2' -if $use_neutron { - $horizon_settings_file ='/etc/openstack-dashboard/local_settings.py' - $apache_service ='apache2' - - exec { 'enable_lbaas': - command => "sed -ri \"s/^(\\s*)'enable_lb':.*/\\1'enable_lb': True,/g\" ${horizon_settings_file}", - unless => "egrep \"^\\s*'enable_lb':\\s*True\" ${horizon_settings_file}", - path => '/bin:/usr/bin', - provider => 'shell', - } - service{ $apache_service: - ensure => 'running', - } - Exec['enable_lbaas'] ~> Service[$apache_service] +exec { 'enable_lbaas': + command => "sed -ri \"s/^(\\s*)'enable_lb':.*/\\1'enable_lb': True,/g\" ${horizon_settings_file}", + unless => "egrep \"^\\s*'enable_lb':\\s*True\" ${horizon_settings_file}", + path => '/bin:/usr/bin', + provider => 'shell', } +service{ $apache_service: + ensure => 'running', +} +Exec['enable_lbaas'] ~> Service[$apache_service] diff --git a/deployment_scripts/puppet/manifests/neutron-haproxy-config.pp b/deployment_scripts/puppet/manifests/neutron-haproxy-config.pp index 6f5ccf9..c02bf03 100644 --- a/deployment_scripts/puppet/manifests/neutron-haproxy-config.pp +++ b/deployment_scripts/puppet/manifests/neutron-haproxy-config.pp @@ -1,7 +1,3 @@ notice('fuel-plugin-nsxv: neutron-haproxy-config.pp') -$use_neutron = hiera('use_neutron', false) - -if $use_neutron { - class { '::nsxv::neutron_haproxy_config': } -} +class { '::nsxv::neutron_haproxy_config': } diff --git a/deployment_scripts/puppet/manifests/neutron-network-create.pp b/deployment_scripts/puppet/manifests/neutron-network-create.pp index 6d4af87..11c2806 100644 --- a/deployment_scripts/puppet/manifests/neutron-network-create.pp +++ b/deployment_scripts/puppet/manifests/neutron-network-create.pp 
@@ -1,68 +1,64 @@ notice('fuel-plugin-nsxv: neutron-network-create.pp') -# NOT enabled by default $plugin_name = 'NAME' -$use_neutron = hiera('use_neutron', false) -if ($use_neutron) { - $access_hash = hiera_hash('access',{}) - $controller_node = hiera('service_endpoint') - $neutron_config = hiera_hash('neutron_config') - $floating_net = try_get_value($neutron_config, 'default_floating_net', 'net04_ext') - $internal_net = try_get_value($neutron_config, 'default_private_net', 'net04') - $os_tenant_name = $access_hash['tenant'] - $settings = hiera($plugin_name) +$access_hash = hiera_hash('access',{}) +$controller_node = hiera('service_endpoint') +$neutron_config = hiera_hash('neutron_config') +$floating_net = try_get_value($neutron_config, 'default_floating_net', 'net04_ext') +$internal_net = try_get_value($neutron_config, 'default_private_net', 'net04') +$os_tenant_name = $access_hash['tenant'] +$settings = hiera($plugin_name) - if !empty($settings['nsxv_floating_ip_range']) and !empty($settings['nsxv_floating_net_cidr']) { - $floating_ip_range = split($settings['nsxv_floating_ip_range'], '-') - $floating_ip_range_start = $floating_ip_range[0] - $floating_ip_range_end = $floating_ip_range[1] - $floating_net_allocation_pool = "start=${floating_ip_range_start},end=${floating_ip_range_end}" +if !empty($settings['nsxv_floating_ip_range']) and !empty($settings['nsxv_floating_net_cidr']) { + $floating_ip_range = split($settings['nsxv_floating_ip_range'], '-') + $floating_ip_range_start = $floating_ip_range[0] + $floating_ip_range_end = $floating_ip_range[1] + $floating_net_allocation_pool = "start=${floating_ip_range_start},end=${floating_ip_range_end}" - $floating_net_cidr = $settings['nsxv_floating_net_cidr'] - $floating_net_gw = $settings['nsxv_floating_net_gw'] - $default_floating_net_gw = regsubst($floating_net_cidr,'^(\d+\.\d+\.\d+)\.\d+/\d+$','\1.1') + $floating_net_cidr = $settings['nsxv_floating_net_cidr'] + $floating_net_gw = $settings['nsxv_floating_net_gw'] + 
$default_floating_net_gw = regsubst($floating_net_cidr,'^(\d+\.\d+\.\d+)\.\d+/\d+$','\1.1') - neutron_network { $floating_net : - ensure => 'present', - provider_physical_network => $settings['nsxv_external_network'], - provider_network_type => 'flat', - router_external => true, - tenant_name => $os_tenant_name, - shared => true, - } - neutron_subnet { "${floating_net}__subnet" : - ensure => 'present', - cidr => $floating_net_cidr, - network_name => $floating_net, - tenant_name => $os_tenant_name, - gateway_ip => pick($floating_net_gw,$default_floating_net_gw), - enable_dhcp => false, - allocation_pools => $floating_net_allocation_pool, - require => Neutron_network[$floating_net], - } + neutron_network { $floating_net : + ensure => 'present', + provider_physical_network => $settings['nsxv_external_network'], + provider_network_type => 'flat', + router_external => true, + tenant_name => $os_tenant_name, + shared => true, } - - if !empty($settings['nsxv_internal_net_cidr']) { - $internal_net_dns = split($settings['nsxv_internal_net_dns'], ',') - $internal_net_cidr = $settings['nsxv_internal_net_cidr'] - - neutron_network { $internal_net : - ensure => 'present', - provider_physical_network => false, - router_external => false, - tenant_name => $os_tenant_name, - shared => true, - } - neutron_subnet { "${internal_net}__subnet" : - ensure => 'present', - cidr => $internal_net_cidr, - network_name => $internal_net, - tenant_name => $os_tenant_name, - gateway_ip => regsubst($internal_net_cidr,'^(\d+\.\d+\.\d+)\.\d+/\d+$','\1.1'), - enable_dhcp => true, - dns_nameservers => pick($internal_net_dns,[]), - require => Neutron_network[$internal_net], - } + neutron_subnet { "${floating_net}__subnet" : + ensure => 'present', + cidr => $floating_net_cidr, + network_name => $floating_net, + tenant_name => $os_tenant_name, + gateway_ip => pick($floating_net_gw,$default_floating_net_gw), + enable_dhcp => false, + allocation_pools => $floating_net_allocation_pool, + require => 
Neutron_network[$floating_net], + } +} + +if !empty($settings['nsxv_internal_net_cidr']) { + $internal_net_dns = split($settings['nsxv_internal_net_dns'], ',') + $internal_net_cidr = $settings['nsxv_internal_net_cidr'] + + neutron_network { $internal_net : + ensure => 'present', + provider_physical_network => false, + router_external => false, + tenant_name => $os_tenant_name, + shared => true, + } + neutron_subnet { "${internal_net}__subnet" : + ensure => 'present', + cidr => $internal_net_cidr, + network_name => $internal_net, + tenant_name => $os_tenant_name, + gateway_ip => regsubst($internal_net_cidr,'^(\d+\.\d+\.\d+)\.\d+/\d+$','\1.1'), + enable_dhcp => true, + dns_nameservers => pick($internal_net_dns,[]), + require => Neutron_network[$internal_net], } } diff --git a/deployment_scripts/puppet/manifests/neutron-reconf-add-compute.pp b/deployment_scripts/puppet/manifests/neutron-reconf-add-compute.pp new file mode 100644 index 0000000..7c24873 --- /dev/null +++ b/deployment_scripts/puppet/manifests/neutron-reconf-add-compute.pp @@ -0,0 +1,22 @@ +notice('fuel-plugin-nsxv: neutron-reconf-add-compute.pp') + +$controllers = get_controllers_ip(hiera('nodes')) +exec { 'random_wait': + command => "/bin/bash -c 'sleep $((RANDOM%30))'", + provider => 'posix', +} +ssh_to_controller { $controllers: + require => Exec['random_wait'], +} + +# workaround for use $name, else not work +define ssh_to_controller() { + exec { $name: + command => "ssh -l root -i /root/.ssh/compute_vmware_key -T -o 'StrictHostKeyChecking no' -o 'UserKnownHostsFile /dev/null' ${name}", + path => '/usr/bin:/usr/sbin:/bin', + provider => shell, + tries => 3, + try_sleep => 10, + logoutput => on_failure, + } +} diff --git a/deployment_scripts/puppet/manifests/neutron-server-policy.pp b/deployment_scripts/puppet/manifests/neutron-server-policy.pp index 4fb1335..b7af8fa 100644 --- a/deployment_scripts/puppet/manifests/neutron-server-policy.pp 
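Review bot: The `ssh` command in `ssh_to_controller` turns off host authentication completely (`-o 'StrictHostKeyChecking no' -o 'UserKnownHostsFile /dev/null'`) for a root login, so the compute node has no way to tell a real controller from whatever answers on that address. Public-key auth limits what an impostor gains, but the run would still be reported as successful while no controller was actually reconfigured. I would distribute the controllers' host keys into a dedicated known_hosts file (for example with `sshkey` resources) and point `UserKnownHostsFile` at it with checking left on. Adding `-o BatchMode=yes` would also keep a rejected key from falling through to an interactive prompt until the task timeout. A short comment stating that the remote side is restricted by a forced `command=` entry in authorized_keys would help the next reader understand why no remote command is passed.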
+++ b/deployment_scripts/puppet/manifests/neutron-server-policy.pp @@ -1,7 +1,3 @@ notice('fuel-plugin-nsxv: neutron-server-policy.pp') -$use_neutron = hiera('use_neutron', false) - -if $use_neutron { - class { '::nsxv::neutron_server_policy': } -} +class { '::nsxv::neutron_server_policy': } diff --git a/deployment_scripts/puppet/manifests/neutron-server-start.pp b/deployment_scripts/puppet/manifests/neutron-server-start.pp index a8a2af2..6b82ef3 100644 --- a/deployment_scripts/puppet/manifests/neutron-server-start.pp +++ b/deployment_scripts/puppet/manifests/neutron-server-start.pp 
@@ -1,66 +1,62 @@ notice('fuel-plugin-nsxv: neutron-server-start.pp') -$use_neutron = hiera('use_neutron', false) +include ::neutron::params -if $use_neutron { - include ::neutron::params +$nsxv_config_file = '/etc/neutron/plugins/vmware/nsx.ini' - $nsxv_config_file = '/etc/neutron/plugins/vmware/nsx.ini' +service { 'neutron-server': + ensure => 'running', + name => $::neutron::params::server_service, + enable => true, + hasstatus => true, + hasrestart => true, +} - service { 'neutron-server': - ensure => 'running', - name => $::neutron::params::server_service, - enable => true, - hasstatus => true, - hasrestart => true, +neutron_config { + 'DEFAULT/core_plugin': value => 'vmware_nsx.plugin.NsxVPlugin'; + 'DEFAULT/service_plugins': value => 'neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPlugin'; + 'service_providers/service_provider': value => 'LOADBALANCER:VMWareEdge:neutron_lbaas.services.loadbalancer.drivers.vmware.edge_driver.EdgeLoadbalancerDriver:default'; +} +Neutron_config<||> ~> Service['neutron-server'] + +if 'primary-controller' in hiera('role') { + Exec['neutron-db-sync'] ~> Service['neutron-server'] + Neutron_config<||> ~> Exec['neutron-db-sync'] + + $neutron_config = hiera_hash('neutron_config') + $management_vip = hiera('management_vip') + $service_endpoint = hiera('service_endpoint', $management_vip) + $auth_api_version = 'v2.0' + $identity_uri = "http://${service_endpoint}:5000" + $auth_url = "${identity_uri}/${auth_api_version}" + $auth_password = $neutron_config['keystone']['admin_password'] + $auth_user = pick($neutron_config['keystone']['admin_user'], 'neutron') + $auth_tenant = pick($neutron_config['keystone']['admin_tenant'], 'services') + $auth_region = hiera('region', 'RegionOne') + $auth_endpoint_type = 'internalURL' + + exec { 'neutron-db-sync': + command => "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file ${nsxv_config_file} upgrade head", + path => '/usr/bin', + refreshonly => true, + logoutput => 
on_failure, + provider => 'shell', } - neutron_config { - 'DEFAULT/core_plugin': value => 'vmware_nsx.plugin.NsxVPlugin'; - 'DEFAULT/service_plugins': value => 'neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPlugin'; - 'service_providers/service_provider': value => 'LOADBALANCER:VMWareEdge:neutron_lbaas.services.loadbalancer.drivers.vmware.edge_driver.EdgeLoadbalancerDriver:default'; - } - Neutron_config<||> ~> Service['neutron-server'] - - if 'primary-controller' in hiera('role') { - Exec['neutron-db-sync'] ~> Service['neutron-server'] - Neutron_config<||> ~> Exec['neutron-db-sync'] - - $neutron_config = hiera_hash('neutron_config') - $management_vip = hiera('management_vip') - $service_endpoint = hiera('service_endpoint', $management_vip) - $auth_api_version = 'v2.0' - $identity_uri = "http://${service_endpoint}:5000" - $auth_url = "${identity_uri}/${auth_api_version}" - $auth_password = $neutron_config['keystone']['admin_password'] - $auth_user = pick($neutron_config['keystone']['admin_user'], 'neutron') - $auth_tenant = pick($neutron_config['keystone']['admin_tenant'], 'services') - $auth_region = hiera('region', 'RegionOne') - $auth_endpoint_type = 'internalURL' - - exec { 'neutron-db-sync': - command => "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file ${nsxv_config_file} upgrade head", - path => '/usr/bin', - refreshonly => true, - logoutput => on_failure, - provider => 'shell', - } - - exec { 'waiting-for-neutron-api': - environment => [ - "OS_TENANT_NAME=${auth_tenant}", - "OS_USERNAME=${auth_user}", - "OS_PASSWORD=${auth_password}", - "OS_AUTH_URL=${auth_url}", - "OS_REGION_NAME=${auth_region}", - "OS_ENDPOINT_TYPE=${auth_endpoint_type}", - ], - path => '/usr/sbin:/usr/bin:/sbin:/bin', - tries => '30', - try_sleep => '4', - command => 'neutron net-list --http-timeout=4 2>&1 > /dev/null', - provider => 'shell', - require => Service['neutron-server'], - } + exec { 'waiting-for-neutron-api': + environment => [ + 
"OS_TENANT_NAME=${auth_tenant}", + "OS_USERNAME=${auth_user}", + "OS_PASSWORD=${auth_password}", + "OS_AUTH_URL=${auth_url}", + "OS_REGION_NAME=${auth_region}", + "OS_ENDPOINT_TYPE=${auth_endpoint_type}", + ], + path => '/usr/sbin:/usr/bin:/sbin:/bin', + tries => '30', + try_sleep => '4', + command => 'neutron net-list --http-timeout=4 2>&1 > /dev/null', + provider => 'shell', + require => Service['neutron-server'], } } diff --git a/deployment_scripts/puppet/manifests/nsxv-config.pp b/deployment_scripts/puppet/manifests/nsxv-config.pp index 2f2ce5c..6ba9afd 100644 --- a/deployment_scripts/puppet/manifests/nsxv-config.pp +++ b/deployment_scripts/puppet/manifests/nsxv-config.pp @@ -1,9 +1,5 @@ notice('fuel-plugin-nsxv: nsxv-config.pp') -$use_neutron = hiera('use_neutron', false) - -if $use_neutron { - class { '::nsxv': - plugin_name => 'NAME', - } +class { '::nsxv': + plugin_name => 'NAME', } diff --git a/deployment_scripts/puppet/modules/nsxv/files/reconf_neutron_with_new_compute.sh b/deployment_scripts/puppet/modules/nsxv/files/reconf_neutron_with_new_compute.sh new file mode 100644 index 0000000..21f2e96 --- /dev/null +++ b/deployment_scripts/puppet/modules/nsxv/files/reconf_neutron_with_new_compute.sh 
@@ -0,0 +1,63 @@ +#!/bin/bash -e +pluginConfFile='/etc/neutron/plugin.ini' +lockFile='/tmp/nsxv_lock' + +#check lockFile modified above 5 min ago(task timeout) +if [ -n "$(find `dirname $lockFile` -name `basename $lockFile` -mmin +5)" -o ! -e $lockFile ]; then + #create lock + touch $lockFile + + configuredClusters=$(sed -rn 's/^\s*cluster_moid\s*=\s*([^ ]+)\s*$/\1/p' $pluginConfFile) + + newConfiguredClusters=$(ruby -e " + + require 'hiera' + require 'hiera/util' + require 'rbvmomi' + + plugin_scope='NAME' + + def hiera(key,type=:priority) + hiera = Hiera.new(:config => File.join(Hiera::Util.config_dir, 'hiera.yaml')) + hiera.lookup(key, nil, {}, nil, type) + end + + datacenter_id=hiera(plugin_scope)['nsxv_datacenter_moid'] + vcenter_hash = hiera('vcenter',':hash') + clusters_id=[] + retry_count = 4 + + vcenter_hash['computes'].each do |cluster_settings| + vc_cluster = cluster_settings['vc_cluster'] + vc_host = cluster_settings['vc_host'] + vc_password = cluster_settings['vc_password'] + vc_user = cluster_settings['vc_user'] + + begin + vim = RbVmomi::VIM.connect(host: vc_host, ssl: true, insecure: true, user: vc_user, password: vc_password) + rootFolder = vim.serviceInstance.content.rootFolder + dc = rootFolder.childEntity.grep(RbVmomi::VIM::Datacenter).find { |x| x.to_s == 'Datacenter(\"'+datacenter_id+'\")' } or fail 'Can not search datacenter with id: ' + datacenter_id + cluster = dc.find_compute_resource(vc_cluster) or fail 'Can not search cluster: ' + vc_cluster + cluster_id = cluster.to_s.gsub!(/^[^\"]+\"([^\"]+)\"[^\"]*/, '\1') + clusters_id.push(cluster_id) + rescue + retry_count -= 1 + if retry_count > 0 + sleep 5 + retry + else + raise + end + end + end + + puts clusters_id.sort.join(',')") + + if [ "$configuredClusters" != "$newConfiguredClusters" ]; then + sed --follow-symlinks -ri "s|^\s*cluster_moid.*|cluster_moid = $newConfiguredClusters|" $pluginConfFile + $(which service) neutron-server restart + fi + + #delete lock + rm -f $lockFile +fi 
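Review bot: The embedded Ruby connects with `RbVmomi::VIM.connect(host: vc_host, ssl: true, insecure: true, ...)`, and the same call appears in get_vcenter_cluster_id.rb, so `vc_user`/`vc_password` are sent to an endpoint whose certificate is never checked and the returned cluster IDs are written into plugin.ini on trust. The plugin already has an `nsxv_insecure` toggle with a CA file for NSX (visible in the init.pp hunk); a comparable setting should drive `insecure:` here instead of the hard-coded `true`. Because the result is interpolated into `sed ... "s|^\s*cluster_moid.*|cluster_moid = $newConfiguredClusters|"`, I would also reject any value that does not match the expected MoRef list before using it, e.g. `[[ $newConfiguredClusters =~ ^[a-z]+-[a-z0-9]+(,[a-z]+-[a-z0-9]+)*$ ]] || exit 1`. Separately, the lock is a check-then-`touch` on the predictable, world-writable path `/tmp/nsxv_lock`: it is not atomic, any local user can create or refresh the file to suppress reconfiguration, and under `-e` a failed Ruby run leaves it behind for five minutes. `flock` on a file in a root-only directory would address all three.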
diff --git a/deployment_scripts/puppet/modules/nsxv/lib/puppet/parser/functions/get_controllers_ip.rb b/deployment_scripts/puppet/modules/nsxv/lib/puppet/parser/functions/get_controllers_ip.rb new file mode 100644 index 0000000..316a820 --- /dev/null +++ b/deployment_scripts/puppet/modules/nsxv/lib/puppet/parser/functions/get_controllers_ip.rb @@ -0,0 +1,17 @@ +module Puppet::Parser::Functions + newfunction(:get_controllers_ip, :type => :rvalue, :doc => <<-EOS +Return a list of ip nodes with 'primary-controller', 'controller' roles. +The first argument - list of the nodes, ex: + get_controllers_ip(hiera('nodes')) +EOS + ) do |args| + nodes = args[0] + controllers = [] + nodes.each do |node| + if node['role'].include?('controller') or node['role'].include?('primary-controller') + controllers.push(node['internal_address']) + end + end + return controllers + end +end diff --git a/deployment_scripts/puppet/modules/nsxv/lib/puppet/parser/functions/get_vcenter_cluster_id.rb b/deployment_scripts/puppet/modules/nsxv/lib/puppet/parser/functions/get_vcenter_cluster_id.rb new file mode 100644 index 0000000..35ef916 --- /dev/null +++ b/deployment_scripts/puppet/modules/nsxv/lib/puppet/parser/functions/get_vcenter_cluster_id.rb 
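Review bot: In get_controllers_ip.rb, `node['role'].include?('controller')` is a substring test if `role` is a String (the hunk does not show its type), which makes the `primary-controller` clause redundant and would also select any other role whose name merely contains `controller`. The returned addresses are the hosts that compute nodes open root SSH sessions to, so an exact match is safer: `if ['controller', 'primary-controller'].include?(node['role'])`. The function also assumes `args[0]` is a non-nil array of hashes with an `internal_address` key; a guard such as `raise(Puppet::ParseError, 'get_controllers_ip(): expects a list of nodes') unless nodes.is_a?(Array)` would give a readable failure instead of a NoMethodError.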
@@ -0,0 +1,44 @@ +require 'rbvmomi' + +module Puppet::Parser::Functions + newfunction(:get_vcenter_cluster_id, :type => :rvalue, :doc => <<-EOS +Return a string of vcenter cluster moref id, clusters names get from hiera +vcenter hash. The first argument - vcenter datacenter moref id, where +search clusters, ex: + get_vcenter_cluster_id('datacenter-126') +EOS + ) do |args| + + datacenter_id=args[0] + vcenter_hash = function_hiera_hash(['vcenter']) + clusters_id=[] + retry_count = 4 + + vcenter_hash['computes'].each do |cluster_settings| + vc_cluster = cluster_settings['vc_cluster'] + vc_host = cluster_settings['vc_host'] + vc_password = cluster_settings['vc_password'] + vc_user = cluster_settings['vc_user'] + + begin + vim = RbVmomi::VIM.connect(host: vc_host, ssl: true, insecure: true, user: vc_user, password: vc_password) + rootFolder = vim.serviceInstance.content.rootFolder + dc = rootFolder.childEntity.grep(RbVmomi::VIM::Datacenter).find { |x| x.to_s == 'Datacenter("'+datacenter_id+'")' } or fail 'Can not search datacenter with id: ' + datacenter_id + cluster = dc.find_compute_resource(vc_cluster) or fail 'Can not search cluster: ' + vc_cluster + cluster_id = cluster.to_s.gsub!(/^[^"]+"([^"]+)"[^"]*/, '\1') + clusters_id.push(cluster_id) + rescue + retry_count -= 1 + if retry_count > 0 + sleep 5 + retry + else + warning('Can not get moRefId for ' + vc_cluster + ' cluster') + raise + end + end + end + + return clusters_id.sort.join(',') + end +end diff --git a/deployment_scripts/puppet/modules/nsxv/lib/puppet/parser/functions/hiera_overrides.rb b/deployment_scripts/puppet/modules/nsxv/lib/puppet/parser/functions/hiera_overrides.rb index 134815b..d2d0667 100644 --- a/deployment_scripts/puppet/modules/nsxv/lib/puppet/parser/functions/hiera_overrides.rb +++ b/deployment_scripts/puppet/modules/nsxv/lib/puppet/parser/functions/hiera_overrides.rb 
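Review bot: `retry_count = 4` is set once before `vcenter_hash['computes'].each`, so all clusters share a single budget of retries and a flaky first vCenter leaves none for the rest; moving the assignment inside the block gives each cluster its own attempts. The bare `rescue` also retries the deliberate `fail 'Can not search datacenter ...'` errors, which cannot succeed on a second try and only add 15 seconds of sleeping. `cluster.to_s.gsub!(...)` returns nil when the pattern does not match, which would put a nil into `clusters_id` and either break `sort` or yield an empty `cluster_moid`; RbVmomi managed objects expose the reference directly, so `cluster_id = cluster._ref` (and `x._ref == datacenter_id` for the datacenter lookup) avoids parsing `to_s` at all. The same loop is duplicated in reconf_neutron_with_new_compute.sh and has the same three issues.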
@@ -1,7 +1,12 @@ require 'yaml' module Puppet::Parser::Functions - newfunction(:hiera_overrides) do |args| + newfunction(:hiera_overrides, :doc => <<-EOS +Custom function to override hiera parameters, the first argument - +file name, where write new parameters in yaml format, ex: + hiera_overrides('/etc/hiera/test.yaml') +EOS + ) do |args| filename = args[0] hiera_overrides = {} diff --git a/deployment_scripts/puppet/modules/nsxv/manifests/add_private_key_to_compute.pp b/deployment_scripts/puppet/modules/nsxv/manifests/add_private_key_to_compute.pp new file mode 100644 index 0000000..3448ea4 --- /dev/null +++ b/deployment_scripts/puppet/modules/nsxv/manifests/add_private_key_to_compute.pp @@ -0,0 +1,8 @@ +class nsxv::add_private_key_to_compute { + file { '/root/.ssh/compute_vmware_key': + ensure => file, + mode => '0600', + source => "puppet:///modules/${module_name}/compute_vmware_key", + replace => true, + } +} diff --git a/deployment_scripts/puppet/modules/nsxv/manifests/add_public_key_to_controller.pp b/deployment_scripts/puppet/modules/nsxv/manifests/add_public_key_to_controller.pp new file mode 100644 index 0000000..b983f99 --- /dev/null +++ b/deployment_scripts/puppet/modules/nsxv/manifests/add_public_key_to_controller.pp @@ -0,0 +1,20 @@ +class nsxv::add_public_key_to_controller { + $script_path = '/usr/local/sbin/reconf_neutron_with_new_compute.sh' + $script_name = basename($script_path) + $ssh_key = file("${module_name}/compute_vmware_key.pub") + + file_line { 'add_private_key': + ensure => present, + path => '/root/.ssh/authorized_keys', + line => "command=\"${script_path}\",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ${ssh_key}", + match => "^command=\"${script_path}\"", + replace => true, + } + + file { $script_path: + ensure => file, + mode => '0755', + source => "puppet:///modules/${module_name}/${script_name}", + replace => true, + } +} 
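Review bot: The `file { '/root/.ssh/compute_vmware_key': ... }` resource sets `mode => '0600'` but neither `owner` nor `group`, so ownership depends on whatever Puppet defaults to or what is already on disk; adding `owner => 'root', group => 'root',` makes it explicit. The same passphrase-less private key from the module's `files/` directory is copied to every compute-vmware node, which means one compromised compute node exposes the key that all controllers accept for root. That makes the forced command on the controller side the only containment, and a class-level comment should say so, so that nobody later reuses this key for anything else.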
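Review bot: The authorized_keys entry in `add_public_key_to_controller` carries a good option set (`command=`, `no-pty`, no forwarding) but accepts the key from any source address; if the compute-vmware addresses are available from hiera, adding a `from="..."` option would limit use of a leaked key to those hosts. The resource title `'add_private_key'` is misleading since it installs the public key; `'add_compute_vmware_public_key'` would be clearer. `file("${module_name}/compute_vmware_key.pub")` presumably returns the key with its trailing newline, which ends up inside `line`, so I would wrap it as `chomp(file(...))` to keep the `file_line` idempotent. Nothing in this class ensures `/root/.ssh` exists with mode 0700, which appears to be assumed.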
diff --git a/deployment_scripts/puppet/modules/nsxv/manifests/init.pp b/deployment_scripts/puppet/modules/nsxv/manifests/init.pp index 093aaea..1d1bea7 100644 --- a/deployment_scripts/puppet/modules/nsxv/manifests/init.pp +++ b/deployment_scripts/puppet/modules/nsxv/manifests/init.pp @@ -14,6 +14,7 @@ class nsxv ( $nova_metadata_port = '8775' $metadata_shared_secret = $neutron_config['metadata']['metadata_proxy_shared_secret'] $nsxv_config_dirs = [ '/etc/neutron', '/etc/neutron/plugins', '/etc/neutron/plugins/vmware' ] + $cluster_moid = get_vcenter_cluster_id($settings['nsxv_datacenter_moid']) if ! $settings['nsxv_insecure'] { $ca_certificate_content = $settings['nsxv_ca_file']['content'] diff --git a/deployment_scripts/puppet/modules/nsxv/templates/nsx.ini.erb b/deployment_scripts/puppet/modules/nsxv/templates/nsx.ini.erb index 3742757..39fe706 100644 --- a/deployment_scripts/puppet/modules/nsxv/templates/nsx.ini.erb +++ b/deployment_scripts/puppet/modules/nsxv/templates/nsx.ini.erb @@ -24,7 +24,7 @@ password = <%= settings['nsxv_password'] %> datacenter_moid = <%= settings['nsxv_datacenter_moid'] %> # (Required) Cluster IDs for clusters containing OpenStack hosts, comma separated -cluster_moid = <%= settings['nsxv_cluster_moid'] %> +cluster_moid = <%= scope.lookupvar('cluster_moid') %> # (Optional) Resource pool ID for NSX Edge deployment resource_pool_id = <%= settings['nsxv_resource_pool_id'] %> diff --git a/deployment_tasks.yaml b/deployment_tasks.yaml index 93f5cc0..2df9bdc 100644 --- a/deployment_tasks.yaml +++ b/deployment_tasks.yaml 
@@ -7,6 +7,15 @@ puppet_manifest: puppet/manifests/hiera-override.pp puppet_modules: puppet/modules:/etc/puppet/modules timeout: 120 +- id: gem-install + type: puppet + groups: [primary-controller,controller] + required_for: [nsxv-install] + requires: [globals] + parameters: + puppet_manifest: puppet/manifests/gem-install.pp + puppet_modules: puppet/modules + timeout: 300 - id: compute-vmware-nova-config type: puppet groups: [compute-vmware] diff --git a/doc/user/image/nsxv-settings-filled.png b/doc/user/image/nsxv-settings-filled.png index 7a10b1b..9af73c0 100644 Binary files a/doc/user/image/nsxv-settings-filled.png and b/doc/user/image/nsxv-settings-filled.png differ diff --git a/doc/user/source/configuration.rst b/doc/user/source/configuration.rst index 9dcdfb3..48818e5 100644 --- a/doc/user/source/configuration.rst +++ b/doc/user/source/configuration.rst @@ -26,15 +26,11 @@ Plugin contains the following settings: #. Datacenter MoRef ID -- ID of Datacenter where NSX Edge nodes will be deployed. -#. Cluster MoRef IDs for OpenStack VMs -- list of comma separated IDs of - cluster where OpenStack VM instances will be launched. You must obtain IDs - for clusters that you specified on VMware tab. - #. Resource pool MoRef ID -- resource pool for NSX Edge nodes deployment. #. Datastore MoRef ID -- datastore for NSX Edge nodes. -#. External portgroup -- portgroup through which NSX Edge nodes get +#. External portgroup MoRef ID -- portgroup through which NSX Edge nodes get connectivity with physical network #. Transport zone MoRef ID -- transport zone for VXLAN logical networks. 
@@ -102,6 +98,22 @@ Plugin contains the following settings: #. Management network default gateway -- management network gateway for metadata proxy service. + Plugin automatically create tenant, provider networks and + router connected to these networks. + +#. Floating IP ranges -- dash separated IP addresses allocation pool from + external network, e.g. "start_ip_address-end_ip_address". + +#. External network CIDR -- network in CIDR notation that includes floating IP ranges. + +#. Gateway -- default gateway for external network, if not defined, first IP address + of the network is used. + +#. Internal network CIDR -- network in CIDR notation for use as internal. + +#. DNS for internal network -- comma separated IP addresses of DNS server for + internal network. + If you tick *Additional settings* checkbox following options will become available for configuration: diff --git a/environment_config.yaml b/environment_config.yaml index 4a82a3c..bfac7a6 100644 --- a/environment_config.yaml +++ b/environment_config.yaml @@ -40,15 +40,6 @@ attributes: regex: source: '^[a-z]+-[a-z0-9]+$' error: 'Invalid datacenter MoRef ID' - nsxv_cluster_moid: - value: '' - label: 'Cluster MoRef IDs for OpenStack VMs' - description: 'Comma separated cluster MoRef IDs for OpenStack VMs, e.g. domain-c133,domain-c134' - weight: 40 - type: 'text' - regex: - source: '^(?:[a-z]+-[a-z0-9]+)(?:,[a-z]+-[a-z0-9]+)*' - error: 'Invalid cluster MoRef IDs' nsxv_resource_pool_id: value: '' label: 'Resource pool MoRef ID' @@ -160,7 +151,7 @@ attributes: nsxv_floating_net_cidr: value: '' label: 'External network CIDR' - description: 'Network in CIDR notation includes floating IP ranges' + description: 'Network in CIDR notation that includes floating IP ranges' weight: 115 type: 'text' regex: 
@@ -169,7 +160,7 @@ attributes: nsxv_floating_net_gw: value: '' label: 'Gateway' - description: 'Default gateway for external network, if not defined use first IP of the network address' + description: 'Default gateway for external network, if not defined, first IP address of the network is used' weight: 120 type: 'text' nsxv_internal_net_cidr: diff --git a/post_install.sh b/post_install.sh new file mode 100644 index 0000000..56be3bd --- /dev/null +++ b/post_install.sh @@ -0,0 +1,7 @@ +keyFile='/var/www/nailgun/plugins/%{name}/deployment_scripts/puppet/modules/nsxv/files/compute_vmware_key' +if [ -f $keyFile ]; then + echo " Ssh key file exists, skip generation" +else + echo -n " Ssh key file for nsxv plugin not found, " + ssh-keygen -t rsa -b 2048 -N "" -f $keyFile +fi diff --git a/pre_build_hook b/pre_build_hook index 35708c3..04893e8 100755 --- a/pre_build_hook +++ b/pre_build_hook @@ -11,3 +11,4 @@ version=$(sed -rn 's/^version:\s*([0-9.])/\1/p' $ROOT/metadata.yaml) name=$(sed -rn 's/^name:\s*(.*)/\1/p' $ROOT/metadata.yaml) sed -i "s/'NAME'/'$name'/" $ROOT/deployment_scripts/puppet/manifests/*.pp +sed -i "s/'NAME'/'$name'/" $ROOT/deployment_scripts/puppet/modules/nsxv/files/reconf_neutron_with_new_compute.sh diff --git a/repositories/ubuntu/ruby-rbvmomi_1.8.2-1_all.deb b/repositories/ubuntu/ruby-rbvmomi_1.8.2-1_all.deb new file mode 100644 index 0000000..2f7e15d Binary files /dev/null and b/repositories/ubuntu/ruby-rbvmomi_1.8.2-1_all.deb differ diff --git a/tasks.yaml b/tasks.yaml new file mode 100644 index 0000000..910b852 --- /dev/null +++ b/tasks.yaml 
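Review bot: post_install.sh writes a passphrase-less private key to `/var/www/nailgun/plugins/%{name}/deployment_scripts/puppet/modules/nsxv/files/compute_vmware_key`, i.e. under a `/var/www` tree; please confirm that directory is not reachable through the master node's web server or any other export that does not require root, since anyone who can read the file can trigger the forced command as root on every controller. `ssh-keygen` creates the private key with restrictive permissions, but the script never verifies them on the "file exists" path, so a `chmod 600 "$keyFile"` in both branches would be cheap insurance. `$keyFile` is unquoted in `[ -f $keyFile ]` and `-f $keyFile`; quote it as `"$keyFile"` so a plugin name with unusual characters cannot split the argument. The script has no shebang or `set -e`, so a failed `ssh-keygen` goes unnoticed unless the packaging wrapper checks for it.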
@@ -0,0 +1,21 @@ +- role: ['primary-controller', 'controller'] + stage: post_deployment/6010 + type: puppet + parameters: + puppet_manifest: puppet/manifests/add-public-key-to-controller.pp + puppet_modules: puppet/modules:/etc/puppet/modules + timeout: 120 +- role: ['compute-vmware'] + stage: post_deployment/6010 + type: puppet + parameters: + puppet_manifest: puppet/manifests/add-private-key-to-compute.pp + puppet_modules: puppet/modules + timeout: 120 +- role: ['compute-vmware'] + stage: post_deployment/6020 + type: puppet + parameters: + puppet_manifest: puppet/manifests/neutron-reconf-add-compute.pp + puppet_modules: puppet/modules + timeout: 300