Add Ironic multitenancy support

This patch removes hardcoded type for 'baremetal' Neutron network.
Update ironic conductor config with new config option:
  * enabled_network_interfaces - list of enabled network interfaces on
    Ironic conductor
  * cleaning_network_name - name of Neutron network to be used
    during node cleaning
  * provisioning_network_name - name of Neutron network to be used
    during node provisioning

Add openrc generation task for nodes with ironic role, needed as it is
required for translation from name to uuid.

Change-Id: I63da8332cade0e76bdd687f0522bbc4c3006a68f
Related-Bug: #1588380
This commit is contained in:
Vasyl Saienko 2017-03-13 15:41:09 +02:00
parent 9b13f574ea
commit ee596db56e
7 changed files with 46 additions and 14 deletions

View File

@ -37,7 +37,7 @@
- id: keystone-openrc-generate
type: puppet
version: 2.2.0
tags: [primary-controller, controller, primary-neutron, neutron]
tags: [primary-controller, controller, primary-neutron, neutron, ironic]
requires: [openrc-delete, primary-keystone, keystone]
cross-depends:
- name: openrc-delete

View File

@ -148,10 +148,10 @@
- id: ironic-conductor
type: puppet
version: 2.1.0
version: 2.2.0
groups: [ironic]
required_for: [deploy_end]
requires: [hosts, firewall]
requires: [hosts, firewall, keystone-openrc-generate]
condition:
yaql_exp: >
$.ironic.enabled and changedAny($.network_scheme, $.ironic,
@ -167,6 +167,8 @@
- name: ironic-api
- name: ironic-db
- name: /^(primary-)?rabbitmq$/
- name: openstack-network-networks
role: ["/^(primary-)?neutron$/"]
parameters:
puppet_manifest: /etc/puppet/modules/openstack_tasks/examples/roles/ironic-conductor.pp
puppet_modules: /etc/puppet/modules

View File

@ -88,10 +88,18 @@ class openstack_tasks::openstack_network::networks {
$baremetal_router_external = dig44($nets, ['baremetal', 'L2', 'router_ext'])
$baremetal_shared = dig44($nets, ['baremetal', 'shared'], false)
$ironic_settings_hash = hiera_hash('ironic_settings', {})
$ironic_provision_network = dig44($ironic_settings_hash, ['ironic_provision_network'], false)
if $ironic_provision_network {
$baremetal_provider_network_type = 'vlan'
} else {
$baremetal_provider_network_type = 'flat'
}
neutron_network { 'baremetal' :
ensure => 'present',
provider_physical_network => $baremetal_physnet,
provider_network_type => 'flat',
provider_network_type => $baremetal_provider_network_type,
provider_segmentation_id => $baremetal_segment_id,
router_external => $baremetal_router_external,
tenant_name => $tenant_name,

View File

@ -107,9 +107,16 @@ class openstack_tasks::roles::ironic_conductor {
class { '::ironic::client': }
class { '::ironic::conductor':
api_url => "http://${baremetal_vip}:6385",
enabled_drivers => ['fuel_ssh', 'fuel_ipmitool', 'fake', 'fuel_libvirt'],
swift_temp_url_key => $ironic_swift_tempurl_key,
api_url => "http://${baremetal_vip}:6385",
enabled_drivers => ['fuel_ssh', 'fuel_ipmitool', 'fake', 'fuel_libvirt'],
swift_temp_url_key => $ironic_swift_tempurl_key,
cleaning_network_name => 'baremetal',
provisioning_network_name => 'baremetal',
}
class { '::ironic::drivers::interfaces':
enabled_network_interfaces => ['noop', 'flat', 'neutron']
}
class { '::ironic::drivers::pxe':

View File

@ -2,7 +2,7 @@
type: puppet
version: 2.2.0
tags: [primary-controller, controller, compute, cinder, primary-mongo, mongo, ceph-osd, virt,
primary-keystone, keystone]
primary-keystone, keystone, ironic]
requires: [firewall]
condition:
yaql_exp: >
@ -22,7 +22,7 @@
type: puppet
version: 2.2.0
tags: [primary-controller, controller, compute, cinder, primary-mongo, mongo, ceph-osd, virt,
primary-keystone, keystone]
primary-keystone, keystone, ironic]
requires: [firewall, ssl-keys-saving]
condition:
yaql_exp: &public_ssl_enabled >
@ -42,7 +42,7 @@
version: 2.1.0
groups: [primary-controller, controller, compute, cinder, primary-mongo, mongo, ceph-osd, virt,
primary-rabbitmq, rabbitmq, primary-database, database,
primary-keystone, keystone, primary-neutron, neutron]
primary-keystone, keystone, primary-neutron, neutron, ironic]
requires: [firewall, ssl-add-trust-chain]
condition:
yaql_exp: *public_ssl_enabled

View File

@ -91,11 +91,18 @@ describe manifest do
end
context 'Ironic baremetal network', :if => nets.has_key?('baremetal') do
let(:baremetal_provider_network_type) do
if Noop.hiera_structure('ironic_settings/ironic_provision_network', false)
'vlan'
else
'flat'
end
end
it 'should create baremetal network' do
should contain_neutron_network('baremetal').with(
should contain_neutron_network('baremetal').with(
'ensure' => 'present',
'provider_physical_network' => nets['baremetal']['L2']['physnet'],
'provider_network_type' => 'flat',
'provider_network_type' => baremetal_provider_network_type,
'provider_segmentation_id' => nets['baremetal']['L2']['segment_id'],
'router_external' => nets['baremetal']['L2']['router_ext'],
'shared' => nets['baremetal']['shared'],

View File

@ -38,11 +38,19 @@ describe manifest do
it 'should declare ironic::conductor class correctly' do
should contain_class('ironic::conductor').with(
'api_url' => "http://#{baremetal_vip}:6385",
'enabled_drivers' => ['fuel_ssh', 'fuel_ipmitool', 'fake', 'fuel_libvirt'],
'api_url' => "http://#{baremetal_vip}:6385",
'enabled_drivers' => ['fuel_ssh', 'fuel_ipmitool', 'fake', 'fuel_libvirt'],
'cleaning_network_name' => "baremetal",
'provisioning_network_name' => "baremetal",
)
end
it 'should declare ironic::drivers:interfaces correctly' do
should contain_class('ironic::drivers::interfaces').with(
'enabled_network_interfaces' => ['noop', 'flat', 'neutron']
)
end
it 'should configure the database connection string' do
if facts[:os_package_type] == 'debian'
extra_params = '?charset=utf8&read_timeout=60'