x/fuel-plugin-opendaylight
Code Issues Proposed changes

Put Dlux Web Ui and restconf api behind haproxy

Browse Source 
Although it is not possible to make a cluster of OpenDaylight
controllers in Helium release, we can make services like Dlux and apidoc
explorer become accessible on public vip address.

Change-Id: Id51bdb2f5ebe881155a6432f22d188a364f11177
This commit is contained in:
Michal Skalski 2015-06-30 16:40:26 +02:00
parent f9c59a9c00
commit 3f9e86d9ac
12 changed files with 291 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
deployment_scripts/puppet/manifests/ml2-configuration.pp
View File

@ -1,6 +1,6 @@
include opendaylight
$address = $opendaylight::rest_api_address
$address = hiera('management_vip')
$port = $opendaylight::rest_api_port
$vni_start = $opendaylight::odl_settings['vni_range_start']
$vni_end = $opendaylight::odl_settings['vni_range_end']

3
deployment_scripts/puppet/manifests/odl-service.pp
View File

@ -2,5 +2,6 @@ include opendaylight
include firewall
class { 'opendaylight::service':
port => $opendaylight::rest_api_port,
tomcat_port => $opendaylight::rest_api_port,
bind_address => $opendaylight::node_internal_address
}

2
deployment_scripts/puppet/manifests/recreate-ovs.pp
View File

@ -20,7 +20,7 @@ exec { 'remove-ovs-db':
path => '/bin:/usr/sbin:/usr/bin',
}
exec { 'ovs-set-manager':
command => "ovs-vsctl set-manager tcp:${opendaylight::rest_api_address}:6640",
command => "ovs-vsctl set-manager tcp:${opendaylight::manager_ip_address}:6640",
path => '/usr/bin'
}

18
deployment_scripts/puppet/manifests/start-neutron.pp
View File

@ -32,16 +32,22 @@ service { 'neutron-server':
if $primary_controller {
exec {'refresh-dhcp-agent':
command => 'crm resource restart p_neutron-dhcp-agent',
path => '/usr/bin:/usr/sbin',
command => 'crm resource restart p_neutron-dhcp-agent',
path => '/usr/bin:/usr/sbin',
tries => 3,
try_sleep => 10,
} ->
exec {'refresh-metadata-agent':
command => 'crm resource restart p_neutron-metadata-agent',
path => '/usr/bin:/usr/sbin',
command => 'crm resource restart p_neutron-metadata-agent',
path => '/usr/bin:/usr/sbin',
tries => 3,
try_sleep => 10,
} ->
exec {'refresh-l3-agent':
command => 'crm resource restart p_neutron-l3-agent',
path => '/usr/bin:/usr/sbin',
command => 'crm resource restart p_neutron-l3-agent',
path => '/usr/bin:/usr/sbin',
tries => 3,
try_sleep => 10,
} ->
openstack::network::create_network{'net04':
netdata => $vm_net,

81
deployment_scripts/puppet/modules/opendaylight/manifests/ha/haproxy.pp Normal file
View File

@ -0,0 +1,81 @@
#
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
class opendaylight::ha::haproxy {
Haproxy::Service { use_include => true }
Haproxy::Balancermember { use_include => true }
$public_vip = hiera('public_vip')
$management_vip = hiera('management_vip')
$nodes_hash = hiera('nodes')
$primary_controller_nodes = filter_nodes($nodes_hash,'role','primary-controller')
$controllers = concat($primary_controller_nodes, filter_nodes($nodes_hash,'role','controller'))
Opendaylight::Ha::Haproxy_service {
server_names => filter_hash($controllers, 'name'),
ipaddresses => filter_hash($controllers, 'internal_address'),
public_virtual_ip => $public_vip,
internal_virtual_ip => $management_vip,
}
opendaylight::ha::haproxy_service { 'odl-jetty':
public => true,
order => '216',
listen_port => '8181',
balancermember_port => '8181',
haproxy_config_options => {
'option' => ['httpchk /dlux/index.html', 'httplog'],
'timeout client' => '3h',
'timeout server' => '3h',
'balance' => 'source',
'mode' => 'http'
},
balancermember_options => 'check inter 5000 rise 2 fall 3',
}
opendaylight::ha::haproxy_service { 'odl-tomcat':
public => true,
order => '215',
listen_port => $opendaylight::rest_api_port,
balancermember_port => $opendaylight::rest_api_port,
haproxy_config_options => {
'option' => ['httpchk /apidoc/explorer', 'httplog'],
'timeout client' => '3h',
'timeout server' => '3h',
'balance' => 'source',
'mode' => 'http'
},
balancermember_options => 'check inter 5000 rise 2 fall 3',
}
exec { 'haproxy reload':
command => 'export OCF_ROOT="/usr/lib/ocf"; (ip netns list | grep haproxy) && ip netns exec haproxy /usr/lib/ocf/resource.d/fuel/ns_haproxy reload',
path => '/usr/bin:/usr/sbin:/bin:/sbin',
logoutput => true,
provider => 'shell',
tries => 10,
try_sleep => 10,
returns => [0, ''],
}
Haproxy::Listen <||> -> Exec['haproxy reload']
Haproxy::Balancermember <||> -> Exec['haproxy reload']
}

78
deployment_scripts/puppet/modules/opendaylight/manifests/ha/haproxy_service.pp Normal file
View File

@ -0,0 +1,78 @@
#
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Register a service with HAProxy
define opendaylight::ha::haproxy_service (
$order,
$server_names,
$ipaddresses,
$listen_port,
$public_virtual_ip,
$internal_virtual_ip,
$mode = undef,
$haproxy_config_options = { 'option' => ['httplog'], 'balance' => 'roundrobin' },
$balancermember_options = 'check',
$balancermember_port = $listen_port,
$define_cookies = false,
# use active-passive failover, mark all backends except the first one
# as backups
$define_backups = false,
# by default, listen only on internal VIP
$public = false,
$internal = true,
# if defined, restart this service before registering it with HAProxy
$require_service = undef,
# if true, configure this service before starting the haproxy service;
# HAProxy will refuse to start with no listening services defined
$before_start = false,
) {
if $public and $internal {
$virtual_ips = [$public_virtual_ip, $internal_virtual_ip]
} elsif $internal {
$virtual_ips = [$internal_virtual_ip]
} elsif $public {
$virtual_ips = [$public_virtual_ip]
}
haproxy::listen { $name:
order => $order,
ipaddress => $virtual_ips,
ports => $listen_port,
options => $haproxy_config_options,
mode => $mode,
}
haproxy::balancermember { $name:
order => $order,
listening_service => $name,
server_names => $server_names,
ipaddresses => $ipaddresses,
ports => $balancermember_port,
options => $balancermember_options,
define_cookies => $define_cookies,
define_backups => $define_backups,
}
if $require_service {
Service[$require_service] -> Haproxy::Listen[$name]
Service[$require_service] -> Haproxy::Balancermember[$name]
}
}

4
deployment_scripts/puppet/modules/opendaylight/manifests/init.pp
View File

@ -5,7 +5,7 @@ class opendaylight {
$node = filter_nodes($nodes_hash,'name',$::hostname)
$rest_api_port = $odl_settings['rest_api_port']
$segmentation_type = $odl_settings['segmentation_type']
$rest_api_address = $primary_controller_hash[0]['internal_address']
$manager_ip_address = $primary_controller_hash[0]['internal_address']
$node_private_address = $node[0]['private_address']
$node_internal_address = $node[0]['internal_address']
}

21
deployment_scripts/puppet/modules/opendaylight/manifests/service.pp
View File

@ -1,5 +1,6 @@
class opendaylight::service (
$port = 8282,
$tomcat_port = 8282,
$bind_address = undef
) {
$role = hiera('role')
@ -15,15 +16,23 @@ class opendaylight::service (
service { 'opendaylight' :
ensure => running,
enable => true,
require => File['/opt/opendaylight/configuration/tomcat-server.xml'],
require => File[
'/opt/opendaylight/configuration/tomcat-server.xml',
'/opt/opendaylight/etc/jetty.xml'],
}
debug("Set odl rest api port to ${port}")
debug("Set odl rest api port to ${tomcat_port}")
file { '/opt/opendaylight/configuration/tomcat-server.xml':
ensure => file,
owner => 'odl',
content => template('opendaylight/tomcat-server.erb')
content => template('opendaylight/tomcat-server.xml.erb')
}
file { '/opt/opendaylight/etc/jetty.xml':
ensure => file,
owner => 'odl',
content => template('opendaylight/jetty.xml.erb')
}
exec { 'wait-until-odl-ready':
@ -35,6 +44,10 @@ class opendaylight::service (
}
}
if ($role == 'primary-controller') or ($role == 'controller') {
include opendaylight::ha::haproxy
}
if $opendaylight::odl_settings['use_vxlan'] {
firewall {'216 vxlan':
port => [4789],

88
deployment_scripts/puppet/modules/opendaylight/templates/jetty.xml.erb Normal file
View File

@ -0,0 +1,88 @@
<?xml version="1.0"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//
DTD Configure//EN" "http://jetty.mortbay.org/configure.dtd">
<Configure class="org.eclipse.jetty.server.Server">
<!-- =========================================================== -->
<!-- Set connectors -->
<!-- =========================================================== -->
<!-- One of each type! -->
<!-- =========================================================== -->
<!-- Use this connector for many frequently idle connections and for
threadless continuations. -->
<Call name="addConnector">
<Arg>
<New class="org.eclipse.jetty.server.nio.SelectChannelConnector">
<Set name="host">
<Property name="jetty.host" <% if @bind_address %> default="<%= @bind_address %>" <% end %> />
</Set>
<Set name="port">
<Property name="jetty.port" default="8181" />
</Set>
<Set name="maxIdleTime">300000</Set>
<Set name="Acceptors">2</Set>
<Set name="statsOn">false</Set>
<Set name="confidentialPort">8443</Set>
<Set name="lowResourcesConnections">20000</Set>
<Set name="lowResourcesMaxIdleTime">5000</Set>
</New>
</Arg>
</Call>
<!-- =========================================================== -->
<!-- Configure Authentication Realms -->
<!-- Realms may be configured for the entire server here, or -->
<!-- they can be configured for a specific web app in a context -->
<!-- configuration (see $(jetty.home)/contexts/test.xml for an -->
<!-- example). -->
<!-- =========================================================== -->
<Call name="addBean">
<Arg>
<New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
<Set name="name">karaf</Set>
<Set name="loginModuleName">karaf</Set>
<Set name="roleClassNames">
<Array type="java.lang.String">
<Item>org.apache.karaf.jaas.boot.principal.RolePrincipal
</Item>
</Array>
</Set>
</New>
</Arg>
</Call>
<Call name="addBean">
<Arg>
<New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
<Set name="name">default</Set>
<Set name="loginModuleName">karaf</Set>
<Set name="roleClassNames">
<Array type="java.lang.String">
<Item>org.apache.karaf.jaas.boot.principal.RolePrincipal
</Item>
</Array>
</Set>
</New>
</Arg>
</Call>
</Configure>

3
deployment_scripts/puppet/modules/opendaylight/templates/tomcat-server.erb → deployment_scripts/puppet/modules/opendaylight/templates/tomcat-server.xml.erb
View File

@ -37,7 +37,8 @@
</GlobalNamingResources>
<Service name="Catalina">
<Connector port="<%= @port %>" protocol="HTTP/1.1"
<Connector port="<%= @tomcat_port %>" protocol="HTTP/1.1"
address="<%= @bind_address %>"
connectionTimeout="20000"
redirectPort="8443" />

9
metadata.yaml
View File

@ -3,9 +3,12 @@ name: opendaylight
# Human-readable name for your plugin
title: OpenDaylight Helium plugin
# Plugin version
version: '0.5.0'
version: '0.5.1'
# Description
description: This plugin provides OpenDaylight as a backend for neutron.
description: 'This plugin provides OpenDaylight as a backend for neutron.
Use the same IP address as for OpenStack Horizon and port 8181 to reach dlux web ui and apidoc explorer.
DLUX: http://horizon_ip:8181/dlux/index.html,
APIDOC: http://horizon_ip:8181/apidoc/explorer/index.html'
# Required fuel version
fuel_version: ['6.1']
# Specify license of your plugin
@ -13,7 +16,7 @@ licenses: ['Apache License Version 2.0']
# Specify author or company name
authors: ['Michal Skalski, Mirantis']
# A link to the plugin's page
homepage: 'https://github.com/stackforge/fuel-plugins'
homepage: 'https://github.com/stackforge/fuel-plugin-opendaylight'
# Specify a group which your plugin implements, possible options:
# network, storage, storage::cinder, storage::glance, hypervisor
groups: ['network']

2
tasks.yaml
View File

@ -76,4 +76,4 @@
parameters:
puppet_manifest: puppet/manifests/start-neutron.pp
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 180
timeout: 210