Initial plugin checkin
This checks in the astara plugin in its current state. It currently supports deploying into MOS 8.0/liberty only. Change-Id: Ibe7ca298c4adcdd237202b520271100231b2a1d2
This commit is contained in:
parent
cf3b401848
commit
a7614c8593
|
@ -0,0 +1,2 @@
|
|||
Adam Gandelman <adamg@ubuntu.com>
|
||||
Eric Lopez <eric.lopez@akanda.io>
|
|
@ -0,0 +1,27 @@
|
|||
Create Manually Installed Astara Fuel 8.0 Plugin on Ubuntu Trusty 14.04
|
||||
=======================================================================
|
||||
|
||||
``https://wiki.openstack.org/wiki/Fuel/Plugins#Preparing_an_environment_for_plugin_development``
|
||||
|
||||
sudo apt-get install createrepo rpm dpkg-dev
|
||||
easy_install pip
|
||||
pip install fuel-plugin-builder
|
||||
git clone https://github.com/stackforge/fuel-plugins.git
|
||||
cd fuel-plugins/fuel_plugin_builder/
|
||||
sudo python setup.py develop
|
||||
|
||||
``https://wiki.openstack.org/wiki/Fuel/Plugins#Using_Fuel_Plugin_Builder_tool``
|
||||
|
||||
fpb --create fuel-plugin-astara
|
||||
fpb --build fuel-plugin-astara
|
||||
|
||||
|
||||
Debug UI
|
||||
--------
|
||||
|
||||
blah blah
|
||||
|
||||
Debug Deployment
|
||||
----------------
|
||||
|
||||
blah blah
|
|
@ -0,0 +1,202 @@
|
|||
Apache License
|
||||
Version 2.0, January 2004
|
||||
http://www.apache.org/licenses/
|
||||
|
||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
||||
|
||||
1. Definitions.
|
||||
|
||||
"License" shall mean the terms and conditions for use, reproduction,
|
||||
and distribution as defined by Sections 1 through 9 of this document.
|
||||
|
||||
"Licensor" shall mean the copyright owner or entity authorized by
|
||||
the copyright owner that is granting the License.
|
||||
|
||||
"Legal Entity" shall mean the union of the acting entity and all
|
||||
other entities that control, are controlled by, or are under common
|
||||
control with that entity. For the purposes of this definition,
|
||||
"control" means (i) the power, direct or indirect, to cause the
|
||||
direction or management of such entity, whether by contract or
|
||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
||||
|
||||
"You" (or "Your") shall mean an individual or Legal Entity
|
||||
exercising permissions granted by this License.
|
||||
|
||||
"Source" form shall mean the preferred form for making modifications,
|
||||
including but not limited to software source code, documentation
|
||||
source, and configuration files.
|
||||
|
||||
"Object" form shall mean any form resulting from mechanical
|
||||
transformation or translation of a Source form, including but
|
||||
not limited to compiled object code, generated documentation,
|
||||
and conversions to other media types.
|
||||
|
||||
"Work" shall mean the work of authorship, whether in Source or
|
||||
Object form, made available under the License, as indicated by a
|
||||
copyright notice that is included in or attached to the work
|
||||
(an example is provided in the Appendix below).
|
||||
|
||||
"Derivative Works" shall mean any work, whether in Source or Object
|
||||
form, that is based on (or derived from) the Work and for which the
|
||||
editorial revisions, annotations, elaborations, or other modifications
|
||||
represent, as a whole, an original work of authorship. For the purposes
|
||||
of this License, Derivative Works shall not include works that remain
|
||||
separable from, or merely link (or bind by name) to the interfaces of,
|
||||
the Work and Derivative Works thereof.
|
||||
|
||||
"Contribution" shall mean any work of authorship, including
|
||||
the original version of the Work and any modifications or additions
|
||||
to that Work or Derivative Works thereof, that is intentionally
|
||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
||||
or by an individual or Legal Entity authorized to submit on behalf of
|
||||
the copyright owner. For the purposes of this definition, "submitted"
|
||||
means any form of electronic, verbal, or written communication sent
|
||||
to the Licensor or its representatives, including but not limited to
|
||||
communication on electronic mailing lists, source code control systems,
|
||||
and issue tracking systems that are managed by, or on behalf of, the
|
||||
Licensor for the purpose of discussing and improving the Work, but
|
||||
excluding communication that is conspicuously marked or otherwise
|
||||
designated in writing by the copyright owner as "Not a Contribution."
|
||||
|
||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
||||
on behalf of whom a Contribution has been received by Licensor and
|
||||
subsequently incorporated within the Work.
|
||||
|
||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
copyright license to reproduce, prepare Derivative Works of,
|
||||
publicly display, publicly perform, sublicense, and distribute the
|
||||
Work and such Derivative Works in Source or Object form.
|
||||
|
||||
3. Grant of Patent License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
(except as stated in this section) patent license to make, have made,
|
||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
||||
where such license applies only to those patent claims licensable
|
||||
by such Contributor that are necessarily infringed by their
|
||||
Contribution(s) alone or by combination of their Contribution(s)
|
||||
with the Work to which such Contribution(s) was submitted. If You
|
||||
institute patent litigation against any entity (including a
|
||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
||||
or a Contribution incorporated within the Work constitutes direct
|
||||
or contributory patent infringement, then any patent licenses
|
||||
granted to You under this License for that Work shall terminate
|
||||
as of the date such litigation is filed.
|
||||
|
||||
4. Redistribution. You may reproduce and distribute copies of the
|
||||
Work or Derivative Works thereof in any medium, with or without
|
||||
modifications, and in Source or Object form, provided that You
|
||||
meet the following conditions:
|
||||
|
||||
(a) You must give any other recipients of the Work or
|
||||
Derivative Works a copy of this License; and
|
||||
|
||||
(b) You must cause any modified files to carry prominent notices
|
||||
stating that You changed the files; and
|
||||
|
||||
(c) You must retain, in the Source form of any Derivative Works
|
||||
that You distribute, all copyright, patent, trademark, and
|
||||
attribution notices from the Source form of the Work,
|
||||
excluding those notices that do not pertain to any part of
|
||||
the Derivative Works; and
|
||||
|
||||
(d) If the Work includes a "NOTICE" text file as part of its
|
||||
distribution, then any Derivative Works that You distribute must
|
||||
include a readable copy of the attribution notices contained
|
||||
within such NOTICE file, excluding those notices that do not
|
||||
pertain to any part of the Derivative Works, in at least one
|
||||
of the following places: within a NOTICE text file distributed
|
||||
as part of the Derivative Works; within the Source form or
|
||||
documentation, if provided along with the Derivative Works; or,
|
||||
within a display generated by the Derivative Works, if and
|
||||
wherever such third-party notices normally appear. The contents
|
||||
of the NOTICE file are for informational purposes only and
|
||||
do not modify the License. You may add Your own attribution
|
||||
notices within Derivative Works that You distribute, alongside
|
||||
or as an addendum to the NOTICE text from the Work, provided
|
||||
that such additional attribution notices cannot be construed
|
||||
as modifying the License.
|
||||
|
||||
You may add Your own copyright statement to Your modifications and
|
||||
may provide additional or different license terms and conditions
|
||||
for use, reproduction, or distribution of Your modifications, or
|
||||
for any such Derivative Works as a whole, provided Your use,
|
||||
reproduction, and distribution of the Work otherwise complies with
|
||||
the conditions stated in this License.
|
||||
|
||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
||||
any Contribution intentionally submitted for inclusion in the Work
|
||||
by You to the Licensor shall be under the terms and conditions of
|
||||
this License, without any additional terms or conditions.
|
||||
Notwithstanding the above, nothing herein shall supersede or modify
|
||||
the terms of any separate license agreement you may have executed
|
||||
with Licensor regarding such Contributions.
|
||||
|
||||
6. Trademarks. This License does not grant permission to use the trade
|
||||
names, trademarks, service marks, or product names of the Licensor,
|
||||
except as required for reasonable and customary use in describing the
|
||||
origin of the Work and reproducing the content of the NOTICE file.
|
||||
|
||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
||||
agreed to in writing, Licensor provides the Work (and each
|
||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||
implied, including, without limitation, any warranties or conditions
|
||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
||||
appropriateness of using or redistributing the Work and assume any
|
||||
risks associated with Your exercise of permissions under this License.
|
||||
|
||||
8. Limitation of Liability. In no event and under no legal theory,
|
||||
whether in tort (including negligence), contract, or otherwise,
|
||||
unless required by applicable law (such as deliberate and grossly
|
||||
negligent acts) or agreed to in writing, shall any Contributor be
|
||||
liable to You for damages, including any direct, indirect, special,
|
||||
incidental, or consequential damages of any character arising as a
|
||||
result of this License or out of the use or inability to use the
|
||||
Work (including but not limited to damages for loss of goodwill,
|
||||
work stoppage, computer failure or malfunction, or any and all
|
||||
other commercial damages or losses), even if such Contributor
|
||||
has been advised of the possibility of such damages.
|
||||
|
||||
9. Accepting Warranty or Additional Liability. While redistributing
|
||||
the Work or Derivative Works thereof, You may choose to offer,
|
||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
||||
or other liability obligations and/or rights consistent with this
|
||||
License. However, in accepting such obligations, You may act only
|
||||
on Your own behalf and on Your sole responsibility, not on behalf
|
||||
of any other Contributor, and only if You agree to indemnify,
|
||||
defend, and hold each Contributor harmless for any liability
|
||||
incurred by, or claims asserted against, such Contributor by reason
|
||||
of your accepting any such warranty or additional liability.
|
||||
|
||||
END OF TERMS AND CONDITIONS
|
||||
|
||||
APPENDIX: How to apply the Apache License to your work.
|
||||
|
||||
To apply the Apache License to your work, attach the following
|
||||
boilerplate notice, with the fields enclosed by brackets "{}"
|
||||
replaced with your own identifying information. (Don't include
|
||||
the brackets!) The text should be enclosed in the appropriate
|
||||
comment syntax for the file format. We also recommend that a
|
||||
file or class name and description of purpose be included on the
|
||||
same "printed page" as the copyright notice for easier
|
||||
identification within third-party archives.
|
||||
|
||||
Copyright {yyyy} {name of copyright owner}
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
|
|
@ -0,0 +1,135 @@
|
|||
Astara plugin for Mirantis Fuel
|
||||
===============================
|
||||
|
||||
Astara is a network orchestration service designed for provisioning Neutron
|
||||
managed virtual network functions in an OpenStack deployment.
|
||||
|
||||
Limitations:
|
||||
------------
|
||||
Currently this plugin is not compatible with the following features:
|
||||
|
||||
- Neutron DVR
|
||||
- FWaaS
|
||||
- LBaaSv1
|
||||
- other SDN solutions
|
||||
|
||||
|
||||
Compatible versions:
|
||||
--------------------
|
||||
|
||||
- Mirantis Fuel 8.0
|
||||
- Akanda Astara 8.0
|
||||
|
||||
To obtain the plugin:
|
||||
---------------------
|
||||
|
||||
The Astara plugin can be downloaded from the [Fuel Plugin Catalog](
|
||||
https://www.mirantis.com/products/openstack-drivers-and-plugins/fuel-plugins/).
|
||||
|
||||
|
||||
To install the plugin:
|
||||
----------------------
|
||||
|
||||
- Prepare a clean fuel master node.
|
||||
|
||||
- Copy the plugin onto the fuel master node:
|
||||
|
||||
scp astara-fuel-plugin-1.0-1.0.0-0.noarch.rpm root@<Fuel_Master_Node_IP>:/tmp
|
||||
|
||||
- Install the plugin on the fuel master node:
|
||||
|
||||
cd /tmp
|
||||
|
||||
fuel plugins --install astara-fuel-plugin-1.0-1.0.0-0.noarch.rpm
|
||||
|
||||
- Check the plugin was installed:
|
||||
|
||||
fuel plugins --list
|
||||
|
||||
|
||||
User Guide
|
||||
----------
|
||||
|
||||
To deploy a cluster with the Astara plugin, use the Fuel web UI to deploy an
|
||||
OpenStack cluster in the usual way, with the following guidelines:
|
||||
|
||||
- Create a new OpenStack environment, selecting:
|
||||
|
||||
Liberty on Ubuntu Trusty
|
||||
|
||||
"Neutron with VLAN segmentation" or "Neutron with tunneling segmentation" as the networking setup
|
||||
|
||||
- Under the network tab, configure the 'Network' settings for your environment. For example (exact values will
|
||||
depend on your setup):
|
||||
|
||||
Public (External):
|
||||
|
||||
- IP Range: 172.16.0.2 - 172.16.0.126
|
||||
- CIDR: 172.16.0.0/24
|
||||
- Use VLAN tagging: No
|
||||
- Gateway: 172.16.0.1
|
||||
- Floating IP range: 172.16.0.130 - 172.16.0.254
|
||||
|
||||
|
||||
Management (Management):
|
||||
|
||||
- Under the settings tab, make sure the following options are checked:
|
||||
|
||||
"Use Astara Network Orchestrator"
|
||||
|
||||
- Under the setting tab, configure Astara Management Service Port, API Port, and Management IPv6 prefix
|
||||
|
||||
- Astara Management IPv6 Prefix
|
||||
- Astara Management Service Port
|
||||
- Astara API Service Port
|
||||
|
||||
- Add nodes
|
||||
|
||||
- Deploy changes
|
||||
|
||||
|
||||
Deployment details
|
||||
------------------
|
||||
Deployment of Openstack using Astara Network Orchestrator does the following:
|
||||
|
||||
- Configures Nova:
|
||||
|
||||
Enable Metadata Service
|
||||
|
||||
Enable IPv6
|
||||
|
||||
Enables Nova to attach external networks to an VM Instance
|
||||
|
||||
- Configures Neutron:
|
||||
|
||||
Disables Metadata Agent, L3 Agent, and DHCP Agent
|
||||
|
||||
Enables Astara API extensions
|
||||
|
||||
Enables Astara service plugin
|
||||
|
||||
Enables Astara core plugin
|
||||
|
||||
- Uploads Astara Router Service VM into Openstack Image Service (glance)
|
||||
|
||||
- Configure Horizon:
|
||||
|
||||
Enable Astara dashboard extensions
|
||||
|
||||
Configure Astara management service details
|
||||
|
||||
- Create Public and Management Networks for Openstack deployment
|
||||
|
||||
|
||||
Known issues
|
||||
------------
|
||||
|
||||
None.
|
||||
|
||||
Release Notes
|
||||
-------------
|
||||
|
||||
**1.0.0**
|
||||
|
||||
* Initial release of the plugin
|
||||
|
|
@ -0,0 +1,29 @@
|
|||
# This file contains wizard components descriptions that are pretty similar to
|
||||
# the `environment_config.yaml`.
|
||||
# Please, take a look at following link for the details:
|
||||
# - https://blueprints.launchpad.net/fuel/+spec/component-registry
|
||||
# - https://specs.openstack.org/openstack/fuel-specs/specs/8.0/component-registry.html
|
||||
|
||||
- name: 'additional_service:astara'
|
||||
label: "Install Astara (Openstack Network Orchestrator)"
|
||||
description: "If selected, Astara's Network Orchestrator will be installed. Astara
|
||||
is a production grade L3-L7 Network Service Platform for Neutron"
|
||||
bind: !!pairs
|
||||
- "cluster:net_provider": "neutron"
|
||||
requires:
|
||||
- name: 'network:neutron:core:ml2'
|
||||
compatible:
|
||||
- name: 'hypervisor:libvirt:*'
|
||||
- name: 'hypervisor:kvm'
|
||||
- name: 'hypervisor:qemu'
|
||||
- name: 'network:neutron:vlan'
|
||||
- name: 'network:neutron:tun'
|
||||
- name: "storage:block:lvm"
|
||||
- name: "storage:image:ceph"
|
||||
- name: "storage:object:ceph"
|
||||
- name: "additional_service:ceilometer"
|
||||
- name: "storage:block:ceph"
|
||||
- name: "storage:ephemeral:ceph"
|
||||
incompatible:
|
||||
- name: 'hypervisor:vmware'
|
||||
description: 'Astara is not compatible with VMware vSphere'
|
|
@ -0,0 +1,5 @@
|
|||
notice('MODULE: astara-neutron install')
|
||||
|
||||
include astara
|
||||
|
||||
class { 'astara::astara_neutron::install': }
|
|
@ -0,0 +1,123 @@
|
|||
notice('MODULAR: astara config')
|
||||
|
||||
$astara_settings = hiera('fuel-plugin-astara')
|
||||
|
||||
# pass through fuel plugin config
|
||||
astara_config {
|
||||
'DEFAULT/astara_api_port': value => $astara_settings['astara_api_port'];
|
||||
'DEFAULT/astara_mgt_service_port': value => $astara_settings['astra_mgmt_service_port'];
|
||||
'DEFAULT/management_prefix': value => $astara_settings['astra_mgmt_ipv6_prefix'];
|
||||
}
|
||||
|
||||
# piece together authtoken config from hiera, using neutron's service creds.
|
||||
$neutron_settings = hiera('quantum_settings')
|
||||
$neutron_keystone_settings = $neutron_settings['keystone']
|
||||
$keystone_settings = hiera_hash('keystone', {})
|
||||
$service_endpoint = hiera('service_endpoint')
|
||||
$management_vip = hiera('management_vip')
|
||||
|
||||
$ssl_hash = hiera_hash('use_ssl', {})
|
||||
$internal_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'protocol', 'http')
|
||||
$internal_address = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'hostname', [$service_endpoint, $management_vip])
|
||||
$internal_port = '5000'
|
||||
|
||||
$public_url = "${public_protocol}://${public_address}:${public_port}"
|
||||
$admin_url = "${admin_protocol}://${admin_address}:${admin_port}"
|
||||
$internal_url = "${internal_protocol}://${internal_address}:${internal_port}"
|
||||
|
||||
$admin_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'protocol', 'http')
|
||||
|
||||
$auth_suffix = pick($keystone_settings['auth_suffix'], '/')
|
||||
$auth_url = "${internal_url}${auth_suffix}"
|
||||
|
||||
# XXX need to replace with zookeeper
|
||||
$memcache_addresses = hiera('memcached_addresses')
|
||||
$memcache_address = $memcache_addresses[0]
|
||||
|
||||
$region = hiera('region', 'RegionOne')
|
||||
|
||||
# setup keystone authtoken middleware
|
||||
astara_config {
|
||||
'keystone_authtoken/auth_plugin': value => 'password';
|
||||
'DEFAULT/auth_url': value => $auth_url;
|
||||
'keystone_authtoken/auth_uri': value => $auth_url;
|
||||
'keystone_authtoken/auth_url': value => $internal_url;
|
||||
'keystone_authtoken/project_domain_id': value => 'default';
|
||||
'keystone_authtoken/user_domain_id': value => 'default';
|
||||
'keystone_authtoken/project_name': value => 'services';
|
||||
'keystone_authtoken/username': value => 'neutron';
|
||||
'keystone_authtoken/password': value => $neutron_keystone_settings['admin_password'];
|
||||
'keystone_authtoken/auth_region': value => $region;
|
||||
}
|
||||
|
||||
|
||||
# setup db access to the controller with the known password
|
||||
$database_vip = hiera('database_vip', $management_vip)
|
||||
$db_host = pick($astara_settings['db_host'], $database_vip)
|
||||
$db_user = pick($astara_settings['db_user'], 'astara')
|
||||
$db_name = pick($astara_settings['db_name'], 'astara')
|
||||
#$db_password = pick($astara_settings['astara_db_password'], 'astara')
|
||||
$db_password = 'astara'
|
||||
$database_connection = "mysql://${db_user}:${db_password}@${db_host}/${db_name}?charset=utf8"
|
||||
astara_config {
|
||||
'database/connection': value => $database_connection;
|
||||
}
|
||||
|
||||
# setup access to neutron's rabbit queue
|
||||
# matching neutron's rabbit setup here -- it uses nova's credentials?
|
||||
$rabbit_settings = hiera('rabbit')
|
||||
$rabbit_user = 'nova'
|
||||
$rabbit_password = $rabbit_settings['password']
|
||||
$rabbit_host = hiera('amqp_hosts')
|
||||
|
||||
astara_config {
|
||||
'DEFAULT/control_exchange': value => 'neturon';
|
||||
'DEFAULT/rpc_backend': value => 'rabbit';
|
||||
'oslo_messaging_rabbit/rabbit_userid': value => $rabbit_user;
|
||||
'oslo_messaging_rabbit/rabbit_password': value => $rabbit_password, secret => true;
|
||||
'oslo_messaging_rabbit/rabbit_hosts': value => $rabbit_host;
|
||||
}
|
||||
|
||||
# setup the neutron L3 agent
|
||||
neutron_config {
|
||||
'agent/root_helper': value => 'sudo neutron-rootwrap /etc/neutron/rootwrap.conf';
|
||||
'oslo_messaging_rabbit/rabbit_userid': value => $rabbit_user;
|
||||
'oslo_messaging_rabbit/rabbit_password': value => $rabbit_password, secret => true;
|
||||
# XXX note sure where non-default 5673 comes from?
|
||||
'oslo_messaging_rabbit/rabbit_hosts': value => $rabbit_host;
|
||||
}
|
||||
|
||||
|
||||
# drop an openrc for the neutron service tenant
|
||||
class { 'openstack::auth_file':
|
||||
admin_user => 'neutron',
|
||||
admin_password => $neutron_keystone_settings['admin_password'],
|
||||
admin_tenant => 'services',
|
||||
region_name => $region,
|
||||
auth_url => $auth_url,
|
||||
}
|
||||
|
||||
astara_config {
|
||||
'DEFAULT/endpoint_type': value => 'internalURL';
|
||||
'DEFAULT/log_file': value => '/var/log/astara/astara-orchestrator.log';
|
||||
}
|
||||
|
||||
# Setup coordination cluster services.
|
||||
# NOTE: we use memcache here for testing until a zookeeper module is available in feul
|
||||
astara_config {
|
||||
'coordination/enabled': value => 'True';
|
||||
'coordination/url': value => "memcached://${memcache_address}:11211";
|
||||
}
|
||||
|
||||
# setup metadata proxy access
|
||||
astara_config {
|
||||
'DEFAULT/nova_metadata_ip': value => $management_vip;
|
||||
'DEFAULT/neutron_metadata_proxy_shared_secret': value => $neutron_settings["metadata"]["metadata_proxy_shared_secret"];
|
||||
}
|
||||
|
||||
# TODO(adam_g): flavor ids are hard-coded as params to astara::flavor::create,
|
||||
# should be centralized somewhere.
|
||||
astara_config {
|
||||
'router/instance_flavor': value => "511";
|
||||
'loadbalancer/instance_flavor': value => "511";
|
||||
}
|
|
@ -0,0 +1,5 @@
|
|||
|
||||
class { 'astara::db::sync': }
|
||||
class { 'astara::flavor::create': }
|
||||
class { 'astara::networks::create': }
|
||||
|
|
@ -0,0 +1,58 @@
|
|||
|
||||
notice('MODULAR: astara/db.pp')
|
||||
|
||||
$node_name = hiera('node_name')
|
||||
|
||||
$astara_settings = hiera('fuel-plugin-astara')
|
||||
$mysql_hash = hiera_hash('mysql_hash', {})
|
||||
|
||||
$database_vip = hiera('database_vip')
|
||||
|
||||
$mysql_root_user = pick($mysql_hash['root_user'], 'root')
|
||||
$mysql_db_create = pick($mysql_hash['db_create'], true)
|
||||
$mysql_root_password = $mysql_hash['root_password']
|
||||
|
||||
$db_user = 'astara'
|
||||
$db_name = 'astara'
|
||||
#$db_password = pick($astara_settings['astara_db_password'], $mysql_root_password)
|
||||
# XXX TODO pull generated passwd from environment config
|
||||
$db_password = 'astara'
|
||||
|
||||
$db_host = pick($astara_settings['metadata']['db_host'], $database_vip)
|
||||
$db_create = pick($astara_settings['metadata']['db_create'], $mysql_db_create)
|
||||
$db_root_user = pick($astara_settings['metadata']['root_user'], $mysql_root_user)
|
||||
$db_root_password = pick($astara_settings['metadata']['root_password'], $mysql_root_password)
|
||||
|
||||
$allowed_hosts = [ $node_name, 'localhost', '127.0.0.1', '%' ]
|
||||
|
||||
validate_string($mysql_root_user)
|
||||
|
||||
if $db_create {
|
||||
|
||||
class { 'galera::client':
|
||||
custom_setup_class => hiera('mysql_custom_setup_class', 'galera'),
|
||||
}
|
||||
|
||||
class { 'astara::db::mysql':
|
||||
user => $db_user,
|
||||
password => $db_password,
|
||||
dbname => $db_name,
|
||||
allowed_hosts => $allowed_hosts,
|
||||
}
|
||||
|
||||
class { 'osnailyfacter::mysql_access':
|
||||
db_host => $db_host,
|
||||
db_user => $db_root_user,
|
||||
db_password => $db_root_password,
|
||||
}
|
||||
|
||||
Class['galera::client'] ->
|
||||
Class['osnailyfacter::mysql_access'] ->
|
||||
Class['astara::db::mysql']
|
||||
|
||||
}
|
||||
|
||||
class mysql::config {}
|
||||
include mysql::config
|
||||
class mysql::server {}
|
||||
include mysql::server
|
|
@ -0,0 +1,103 @@
|
|||
notice('MODULAR: network-orchestrator-node/network_hiera_override.pp')
|
||||
|
||||
$network_node_plugin = hiera('astara', undef)
|
||||
$hiera_dir = '/etc/hiera/override'
|
||||
$plugin_name = 'network-orchestrator-node'
|
||||
$plugin_yaml = "${plugin_name}.yaml"
|
||||
|
||||
if $network_orchestrator_node_plugin {
|
||||
$network_metadata = hiera_hash('network_metadata')
|
||||
$network_roles = ['primary-network-orchestrator-node', 'network-orchestrator-node']
|
||||
$network_nodes = get_nodes_hash_by_roles($network_metadata, $network_roles)
|
||||
$management_vip = $network_metadata['vips']['management']['ipaddr']
|
||||
$public_vip = $network_metadata['vips']['public']['ipaddr']
|
||||
|
||||
$quantum_hash = hiera_hash('quantum_settings')
|
||||
|
||||
case hiera_array('role', 'none') {
|
||||
/network-orchestartor-node/: {
|
||||
|
||||
if hiera('role', 'none') == 'primary-network-orchestrator-node' {
|
||||
$primary_controller = true
|
||||
} else {
|
||||
$primary_controller = false
|
||||
}
|
||||
$use_neutron = true
|
||||
$corosync_roles = $network_roles
|
||||
$deploy_vrouter = false
|
||||
$haproxy_nodes = false
|
||||
$corosync_nodes = $network_nodes
|
||||
$new_quantum_settings_hash = {
|
||||
'neutron_agents' => [''],
|
||||
'neutron_server_enable' => false,
|
||||
'conf_nova' => false
|
||||
}
|
||||
$neutron_settings = merge($quantum_hash, $new_quantum_settings_hash)
|
||||
}
|
||||
/controller/: {
|
||||
$use_neutron = true
|
||||
$new_quantum_settings_hash = {
|
||||
'neutron_agents' => [''],
|
||||
}
|
||||
$neutron_settings = merge($quantum_hash, $new_quantum_settings_hash)
|
||||
|
||||
if hiera('role', 'none') =~ /^primary/ {
|
||||
$primary_controller = 'true'
|
||||
} else {
|
||||
$primary_controller = 'false'
|
||||
}
|
||||
}
|
||||
default: {
|
||||
$use_neutron = true
|
||||
}
|
||||
}
|
||||
|
||||
###################
|
||||
$calculated_content = inline_template('
|
||||
<% if @corosync_nodes -%>
|
||||
<% require "yaml" -%>
|
||||
corosync_nodes:
|
||||
<%= YAML.dump(@corosync_nodes).sub(/--- *$/,"") %>
|
||||
<% end -%>
|
||||
<% if @corosync_roles -%>
|
||||
corosync_roles:
|
||||
<%
|
||||
@corosync_roles.each do |crole|
|
||||
%> - <%= crole %>
|
||||
<% end -%>
|
||||
<% end -%>
|
||||
<% if @neutron_settings -%>
|
||||
<% require "yaml" -%>
|
||||
quantum_settings:
|
||||
<%= YAML.dump(@neutron_settings).sub(/--- *$/,"") %>
|
||||
<% end -%>
|
||||
deploy_vrouter: <%= @deploy_vrouter %>
|
||||
primary_controller: <%= @primary_controller %>
|
||||
management_vip: <%= @management_vip %>
|
||||
database_vip: <%= @management_vip %>
|
||||
service_endpoint: <%= @management_vip %>
|
||||
public_vip: <%= @public_vip %>
|
||||
use_neutron: <%= @use_neutron %>
|
||||
')
|
||||
|
||||
###################
|
||||
|
||||
file {'/etc/hiera/override':
|
||||
ensure => directory,
|
||||
} ->
|
||||
file { '/etc/hiera/override/common.yaml':
|
||||
ensure => file,
|
||||
content => "${calculated_content}\n",
|
||||
}
|
||||
|
||||
package {'ruby-deep-merge':
|
||||
ensure => 'installed',
|
||||
}
|
||||
|
||||
file_line {'hiera.yaml':
|
||||
path => '/etc/hiera.yaml',
|
||||
line => " - override/${plugin_name}",
|
||||
after => ' - override/module/%{calling_module}',
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,2 @@
|
|||
|
||||
class { 'astara::image': }
|
|
@ -0,0 +1,5 @@
|
|||
notice('MODULAR: astara install')
|
||||
|
||||
include astara
|
||||
|
||||
class { 'astara::install': }
|
|
@ -0,0 +1 @@
|
|||
notice('MODULAR: no-op astara pre-deployment task')
|
|
@ -0,0 +1,3 @@
|
|||
|
||||
class { 'astara::networks::set': }
|
||||
|
|
@ -0,0 +1,27 @@
|
|||
Puppet::Type.type(:astara_config).provide(
|
||||
:ini_setting,
|
||||
:parent => Puppet::Type.type(:ini_setting).provider(:ruby)
|
||||
) do
|
||||
|
||||
def section
|
||||
resource[:name].split('/', 2).first
|
||||
end
|
||||
|
||||
def setting
|
||||
resource[:name].split('/', 2).last
|
||||
end
|
||||
|
||||
def separator
|
||||
'='
|
||||
end
|
||||
|
||||
def self.file_path
|
||||
'/etc/astara/orchestrator.ini'
|
||||
end
|
||||
|
||||
# added for backwards compatibility with older versions of inifile
|
||||
def file_path
|
||||
self.class.file_path
|
||||
end
|
||||
|
||||
end
|
|
@ -0,0 +1,47 @@
|
|||
Puppet::Type.newtype(:astara_config) do
|
||||
|
||||
ensurable
|
||||
|
||||
newparam(:name, :namevar => true) do
|
||||
desc 'Section/setting name to manage from /etc/astara/orchestrator.ini'
|
||||
newvalues(/\S+\/\S+/)
|
||||
end
|
||||
|
||||
newproperty(:value) do
|
||||
desc 'The value of the setting to be defined.'
|
||||
munge do |value|
|
||||
value = value.to_s.strip
|
||||
value.capitalize! if value =~ /^(true|false)$/i
|
||||
value
|
||||
end
|
||||
|
||||
def is_to_s( currentvalue )
|
||||
if resource.secret?
|
||||
return '[old secret redacted]'
|
||||
else
|
||||
return currentvalue
|
||||
end
|
||||
end
|
||||
|
||||
def should_to_s( newvalue )
|
||||
if resource.secret?
|
||||
return '[new secret redacted]'
|
||||
else
|
||||
return newvalue
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
newparam(:secret, :boolean => true) do
|
||||
desc 'Whether to hide the value from Puppet logs. Defaults to `false`.'
|
||||
|
||||
newvalues(:true, :false)
|
||||
|
||||
defaultto false
|
||||
end
|
||||
|
||||
autorequire(:package) do
|
||||
'astara-common'
|
||||
end
|
||||
|
||||
end
|
|
@ -0,0 +1,21 @@
|
|||
|
||||
notice('MODULAR: astara::astara_neutron::install')
|
||||
|
||||
class astara::astara_neutron::install {
|
||||
class { 'astara::repo::liberty': }
|
||||
|
||||
package { 'neutron-plugin-astara':
|
||||
ensure => present,
|
||||
require => Class['astara::repo::liberty'],
|
||||
}
|
||||
|
||||
# TODO: These will need to be special cased for when we deploy the Mitaka
|
||||
# version (akanda -> astara)
|
||||
neutron_config {
|
||||
'DEFAULT/core_plugin': value => 'akanda.neutron.plugins.ml2_neutron_plugin.Ml2Plugin';
|
||||
'DEFAULT/api_extensions_path': value => '/usr/lib/python2.7/dist-packages/akanda/neutron/extensions';
|
||||
'DEFAULT/service_plugins': value => 'akanda.neutron.plugins.ml2_neutron_plugin.L3RouterPlugin';
|
||||
'DEFAULT/notification_driver': value => 'neutron.openstack.common.notifier.rpc_notifier';
|
||||
'DEFAULT/astara_auto_add_resources': value => 'False';
|
||||
}
|
||||
}
|
|
@ -0,0 +1,55 @@
|
|||
# The astara::db::mysql class creates a MySQL database for astara.
|
||||
# It must be used on the MySQL server
|
||||
#
|
||||
# == Parameters
|
||||
#
|
||||
# [*password*]
|
||||
# password to connect to the database. Mandatory.
|
||||
#
|
||||
# [*dbname*]
|
||||
# name of the database. Optional. Defaults to astara.
|
||||
#
|
||||
# [*user*]
|
||||
# user to connect to the database. Optional. Defaults to astara.
|
||||
#
|
||||
# [*host*]
|
||||
# the default source host user is allowed to connect from.
|
||||
# Optional. Defaults to 'localhost'
|
||||
#
|
||||
# [*allowed_hosts*]
|
||||
# other hosts the user is allowd to connect from.
|
||||
# Optional. Defaults to undef.
|
||||
#
|
||||
# [*charset*]
|
||||
# the database charset. Optional. Defaults to 'utf8'
|
||||
#
|
||||
# [*collate*]
|
||||
# the database collation. Optional. Defaults to 'utf8_general_ci'
|
||||
#
|
||||
# [*mysql_module*]
|
||||
# (optional) Deprecated. Does nothing.
|
||||
#
|
||||
# [*cluster_id*]
|
||||
# (optional) Deprecated. Does nothing.
|
||||
|
||||
class astara::db::mysql(
|
||||
$password,
|
||||
$dbname = 'astara',
|
||||
$user = 'astara',
|
||||
$host = '127.0.0.1',
|
||||
$charset = 'utf8',
|
||||
$collate = 'utf8_general_ci',
|
||||
$allowed_hosts = undef,
|
||||
) {
|
||||
|
||||
::openstacklib::db::mysql { 'astara':
|
||||
user => $user,
|
||||
password_hash => mysql_password($password),
|
||||
dbname => $dbname,
|
||||
host => $host,
|
||||
charset => $charset,
|
||||
collate => $collate,
|
||||
allowed_hosts => $allowed_hosts,
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,10 @@
|
|||
notice('MODULAR: astara::db::sync')
|
||||
|
||||
class astara::db::sync {
|
||||
exec { 'astara-db-sync':
|
||||
command => 'astara-dbsync --config-file /etc/astara/orchestrator.ini upgrade head',
|
||||
path => '/usr/bin',
|
||||
user => 'astara',
|
||||
logoutput => on_failure,
|
||||
}
|
||||
}
|
|
@ -0,0 +1,15 @@
|
|||
notice('MODULAR: astara::flavor::create')
|
||||
|
||||
class astara::flavor::create (
|
||||
$ram = '512',
|
||||
$disk = '3',
|
||||
$vcpus = '1',
|
||||
$flavor_name = 'm1.astara',
|
||||
$flavor_id = '511',
|
||||
) {
|
||||
exec { 'create':
|
||||
path => '/bin:/usr/bin',
|
||||
command => '/bin/bash ./scripts/create_nova_flavor.sh ${ram} ${disk} ${vcpus} ${flavor_name} ${id}',
|
||||
logoutput => true,
|
||||
}
|
||||
}
|
|
@ -0,0 +1,25 @@
|
|||
notice('MODULAR: Grabbing astara appliance image')
|
||||
|
||||
class astara::image {
|
||||
|
||||
$astara_settings = hiera('fuel-plugin-astara')
|
||||
$image_url = $astara_settings['astara_appliance_image_location']
|
||||
|
||||
exec { 'need_image':
|
||||
command => '/bin/true',
|
||||
onlyif => '/usr/bin/test ! -e /root/astara_appliance.qcow2',
|
||||
}
|
||||
notice("Downloading astara applinace from ${image_url}")
|
||||
|
||||
exec { "/usr/bin/wget -O astara_appliance.qcow2 --timestamping ${image_url}":
|
||||
alias => "get-image",
|
||||
cwd => "/tmp",
|
||||
require => Exec['need_image'],
|
||||
}
|
||||
|
||||
file { "/root/astara_appliance.qcow2":
|
||||
ensure => present,
|
||||
source => "/tmp/astara_appliance.qcow2",
|
||||
require => Exec["get-image"] }
|
||||
|
||||
}
|
|
@ -0,0 +1,100 @@
|
|||
#
|
||||
# Copyright (c) 2016, Akanda Inc, http://akanda.io
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
notice('MODULAR: astara/init.pp')
|
||||
|
||||
# Parameters for configuring Astara Fuel plugin
|
||||
class astara {
|
||||
$astara_settings = hiera('fuel-plugin-astara')
|
||||
$mgt_service_port = $astara_settings['astara_mgmt_service_port']
|
||||
}
|
||||
#
|
||||
# $astara_settings = hiera('astara', {})
|
||||
# $management_vip = hiera('management_vip')
|
||||
#
|
||||
# # Settings for Neutron
|
||||
# $neutron_settings = hiera_hash('quantum_settings', {})
|
||||
#
|
||||
# # Setting for Authenication
|
||||
# $ssl_hash = hiera_hash('use_ssl', {})
|
||||
# $internal_auth_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'protocol', 'http')
|
||||
# $internal_auth_address = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'hostname', [hiera('service_endpoint', ''), $management_vip])
|
||||
# $admin_auth_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'protocol', 'http')
|
||||
# $admin_auth_address = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'hostname', [hiera('service_endpoint', ''), $management_vip])
|
||||
#
|
||||
# $auth_uri = "${internal_auth_protocol}://${internal_auth_address}:5000/v2.0/"
|
||||
# $auth_url = "${admin_auth_protocol}://${admin_auth_address}:35357/"
|
||||
# $identity_uri = "${admin_auth_protocol}://${admin_auth_address}:35357/"
|
||||
# $auth_region = hiera('region', 'RegionOne')
|
||||
# $project_domain_id = hiera('project_domain', 'default')
|
||||
# $project_name = hiera('$hiera workloads_collector['tenant']', 'services')
|
||||
# $user_domain_id = hiera('user_domain', 'default')
|
||||
# $neutron_user = hiera('neutron_user', 'neutron')
|
||||
# $neutron_password = hiera('neutron_user_password')
|
||||
#
|
||||
# # Settings for Database
|
||||
# $database_vip = hiera('database_vip', undef)
|
||||
# $db_type = 'mysql'
|
||||
# $db_host = pick($astara_settings['db_host'], $database_vip)
|
||||
# $db_user = pick($astara_settings['username'], 'astara')
|
||||
# $db_password = $astara_settings['db_password']
|
||||
# $db_name = pick($astara_settings['db_name'], 'astara')
|
||||
# $db_connection = os_database_connection({
|
||||
# 'dialect' => $db_type,
|
||||
# 'host' => $db_host,
|
||||
# 'database' => $db_name,
|
||||
# 'username' => $db_user,
|
||||
# 'password' => $db_password,
|
||||
# 'charset' => 'utf8'
|
||||
# })
|
||||
#
|
||||
# # Settings for RabbitMQ
|
||||
# $rabbit = hiera_hash('rabbit_hash')
|
||||
# $rabbit_user = $rabbit['user']
|
||||
# $rabbit_password = $rabbit['password']
|
||||
# $rabbit_hosts = split(hiera('amqp_hosts',''), ',')
|
||||
#
|
||||
# # Settings for Astara
|
||||
## $mangement_network_id =
|
||||
## $management_subnet_id =
|
||||
# $management_prefix = $astara_settings['astara-mgmt-ipv6-prefix']
|
||||
## $external_network_id =
|
||||
## $external_subnet_id =
|
||||
# $external_prefix = $neutron_settings['predefined_networks']['admin_floating_net']['L3']['subnet']
|
||||
# $enable_drivers = pick($astara_settings['enable_drivers'], 'router')
|
||||
# $interface_driver = pick($astara_settings['interface_driver'], 'astara.common.linux.interface.OVSInterfaceDriver')
|
||||
# $instance_provider = pick($astara_settings['instance_provider'], 'on-demand')
|
||||
# $bind_api_port = $astara_settings['astara-api-port']
|
||||
# $bind_mgmt_port = $astara_settings['astara-mgmt-service-port']
|
||||
#
|
||||
# #$appliance_router_image = {
|
||||
# # "os_name" => "astara_router",
|
||||
# # "loc_path" => $settings['astara_appliance_image_loc']
|
||||
# # "container_format" => "bare",
|
||||
# # "disk_format" => "qcow2",
|
||||
# # "glance_properties" => "",
|
||||
# # "img_name" => "astara_router",
|
||||
# # "public" => "true"
|
||||
# #}
|
||||
# #$appliance_lb_image = {
|
||||
# # "os_name" => "astara_nginx",
|
||||
# # "loc_path" => $settings['astara_appliance_image_loc']
|
||||
# # "container_format" => "bare",
|
||||
# # "disk_format" => "qcow2",
|
||||
# # "glance_properties" => "",
|
||||
# # "img_name" => "astara_nginx",
|
||||
# # "public" => "true"
|
||||
# #}
|
||||
#}
|
|
@ -0,0 +1,24 @@
|
|||
|
||||
# dependency issues between liberty and mitaka prevent a packaged
|
||||
# installation right now
|
||||
#class astara::install {
|
||||
# class { 'astara::repo': }
|
||||
#
|
||||
# package { 'astara-orchestrator':
|
||||
# ensure => 'present',
|
||||
# require => Class['astara::repo'],
|
||||
# tag => ['openstack', 'astara-orchestrator-package'],
|
||||
# }
|
||||
#}
|
||||
|
||||
|
||||
# install from src in a venv instead.
|
||||
class astara::install {
|
||||
$astara_settings = hiera('fuel-plugin-astara')
|
||||
$astara_repo_url = pick($astara_settings['git_repo_url'], 'https://github.com/openstack/astara.git')
|
||||
$astara_repo_branch = pick($astara_settings['git_branch'], 'stable/mitaka')
|
||||
$repo_dir = '/opt/astara'
|
||||
exec { 'install-from-src':
|
||||
command => "/bin/bash ./scripts/install_astara_from_src.sh ${astara_repo_url} ${astara_repo_branch} ${$repo_dir}"
|
||||
}
|
||||
}
|
|
@ -0,0 +1,13 @@
|
|||
notice('MODULAR: astara::networks::create')
|
||||
|
||||
$astara_settings = hiera('fuel-plugin-astara')
|
||||
$mgt_net_name = $astara_settings['astara_mgmt_name']
|
||||
$mgt_prefix = $astara_settings['astara_mgmt_ipv6_prefix']
|
||||
|
||||
class astara::networks::create {
|
||||
exec { 'create networks':
|
||||
path => '/bin:/usr/bin',
|
||||
command => '/bin/bash ./scripts/create_neutron_networks.sh ${mgt_net_name} ${mgt_prefix}',
|
||||
logoutput => true,
|
||||
}
|
||||
}
|
|
@ -0,0 +1,14 @@
|
|||
notice('MODULAR: astara::networks::set')
|
||||
|
||||
$astara_settings = hiera('fuel-plugin-astara')
|
||||
|
||||
$mgt_net_name = $astara_settings['astara_mgmt_name']
|
||||
$mgt_prefix = $astara_settings['astara_mgmt_ipv6_prefix']
|
||||
|
||||
class astara::networks::set {
|
||||
exec { 'set networks':
|
||||
path => '/bin:/usr/bin',
|
||||
command => '/bin/bash ./scripts/set_neutron_networks.sh ${mgt_net_name} ${mgt_prefix}',
|
||||
logoutput => true,
|
||||
}
|
||||
}
|
|
@ -0,0 +1,15 @@
|
|||
class astara::repo::liberty {
|
||||
include apt
|
||||
if hiera('fuel_version') != '8.0' {
|
||||
fail('Currently Astara deployment supported only with Fuel 8.0/liberty')
|
||||
}
|
||||
|
||||
# we install liberty on all nodes except the astara nodes
|
||||
notice('MODULAR: astara - Installing controller version for Liberty')
|
||||
apt::ppa { 'ppa:astara-drivers/astara-liberty': }
|
||||
exec {
|
||||
'apt-get update':
|
||||
path => '/usr/bin/',
|
||||
require => Apt::Ppa['ppa:astara-drivers/astara-liberty']
|
||||
}
|
||||
}
|
|
@ -0,0 +1,74 @@
|
|||
[DEFAULT] <% settings = scope.lookupvar('@fuel-plugin-astara') %>
|
||||
debug = False
|
||||
|
||||
log_dir = /var/log/astara
|
||||
log_file = /var/log/astara/orchestrator.log
|
||||
|
||||
auth_region = <%= @astara_settings['auth_region'] %>
|
||||
auth_url = <%= @astara_settings['auth_url'] %>
|
||||
|
||||
instance_provider = <%= @astara_settings['instance_provider'] %>
|
||||
management_network_id = <%= @astara_settings['management_network_id'] %>
|
||||
management_subnet_id = <%= @astara_settings['management_subnet_id'] %>
|
||||
management_prefix = <%= @astara_settings['management_prefix'] %>
|
||||
|
||||
enabled_drivers = <%= @astara_settings['enabled_drivers'] %>
|
||||
|
||||
external_network_id = <%= @astara_settings['external_network_id'] %>
|
||||
external_subnet_id = <%= @astara_settings['external_subnet_id'] %>
|
||||
external_prefix = <%= @astara_settings['external_prefix'] %>
|
||||
|
||||
interface_driver = <%= @astara_settings['interface_driver'] %>
|
||||
|
||||
plug_external_port = True
|
||||
|
||||
ssh_public_key = /etc/astara/id_rsa.pub
|
||||
|
||||
provider_rules_path = /etc/astara/provider_rules.json
|
||||
|
||||
reboot_error_threshold =32
|
||||
num_worker_threads = 2
|
||||
num_worker_processes = 2
|
||||
boot_timeout = 3000
|
||||
|
||||
host = <%= @astara_settings['controller'] %>
|
||||
|
||||
[AGENT]
|
||||
root_helper = sudo /usr/bin/astara-rootwrap /etc/astara/rootwrap.conf
|
||||
|
||||
[ceilometer]
|
||||
|
||||
[coordination]
|
||||
|
||||
[database]
|
||||
connection = <%= @astara_settings['db_connection'] %>
|
||||
|
||||
[keystone_authtoken]
|
||||
auth_plugin = password
|
||||
auth_uri = <%= @astara_settings['auth_uri'] %>
|
||||
auth_url = <%= @astara_settings['auth_url'] %>
|
||||
identity_uri = <%= @astara_settings['identity_uri'] %>
|
||||
project_domain_id = <%= @astara_settings['project_domain_id'] %>
|
||||
project_name = <%= @astara_settings['project_name'] %>
|
||||
user_domain_id = <%= @astara_settings['user_domain_id'] %>
|
||||
password = <%= @astara_settings['keystone_passwd'] %>
|
||||
username = <%= @astara_settings['keystone_user'] %>
|
||||
|
||||
[loadbalancer]
|
||||
# image_uuid = <%= @astara_settings['lb_image_uuid'] %>
|
||||
# instance_flavor = <%= @astara_settings['lb_instance_flavor'] %>
|
||||
|
||||
[matchmaker_redis]
|
||||
|
||||
[oslo_messaging_amqp]
|
||||
|
||||
[oslo_messaging_rabbit]
|
||||
rabbit_host = <%= @astara_settings['rabbit_host'] %>
|
||||
rabbit_userid = <%= @astara_settings['rabbit_user'] %>
|
||||
rabbit_password = <%= @astara_settings['rabbit_password'] %>
|
||||
|
||||
[pez]
|
||||
|
||||
[router]
|
||||
image_uuid = <%= @astara_settings['router_image_uuid'] %>
|
||||
instance_flavor = <%= @astara_settings['router_instance_flavor'] %>
|
|
@ -0,0 +1,111 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
# Publish or find the astara image, set its id in config
|
||||
# Install the fuel public ssh pub key as the astara ssh key
|
||||
# Restart astara + neutron l2
|
||||
|
||||
source $(dirname $0)/functions
|
||||
source /root/openrc
|
||||
export OS_ENDPOINT_TYPE=internalURL
|
||||
|
||||
ROLE=${1:-"network-orchestrator-node"}
|
||||
|
||||
echo "Running post-deployment task for $role"
|
||||
|
||||
TIMEOUT=600
|
||||
|
||||
IMG_FILE="/root/astara_appliance.qcow2"
|
||||
IMG_NAME="astara_appliance"
|
||||
|
||||
if [[ ! -e $IMG_FILE ]]; then
|
||||
echo "No image file found at $IMG_FILE" && exit 1
|
||||
fi
|
||||
|
||||
if ! which glance; then
|
||||
sudo apt-get install -y python-glanceclient
|
||||
fi
|
||||
|
||||
if ! which openstack; then
|
||||
sudo apt-get install -y python-openstackclient
|
||||
fi
|
||||
|
||||
if ! which neutron; then
|
||||
sudo apt-get -y install python-neutronclient
|
||||
fi
|
||||
|
||||
# glanceclient + openstack clients are a mess and cannot request at the internal
|
||||
# url.... :(
|
||||
internal_url=`openstack catalog show image -c endpoints -f value | grep internal | awk '{ print $2 }'`
|
||||
OS_IMG_URL="--os-image-url=$internal_url"
|
||||
|
||||
function publish_image {
|
||||
if glance $OS_IMG_URL image-list | grep $IMG_NAME; then
|
||||
return
|
||||
fi
|
||||
echo "Publishing astara image into glance"
|
||||
glance $OS_IMG_URL image-create --name $IMG_NAME --visibility=public --container-format=bare --disk-format=qcow2 --file $IMG_FILE
|
||||
echo "Published astara image $IMG_FILE into glance"
|
||||
}
|
||||
|
||||
|
||||
function find_image {
|
||||
echo "Finding astara image in glance"
|
||||
for i in $(seq 0 $TIMEOUT); do
|
||||
IMG_ID=$(glance $OS_IMG_URL image-list | grep $IMG_NAME | awk '{ print $2 }')
|
||||
echo $IMG_ID
|
||||
if [[ -n "$IMG_ID" ]]; then
|
||||
echo "Found astara applinace image in glance /w id $IMG_ID"
|
||||
return
|
||||
fi
|
||||
echo 'zzz'
|
||||
sleep 1
|
||||
done
|
||||
echo "Did not find astara appliance image in glance after $TIMEOUT seconds"
|
||||
exit 1
|
||||
}
|
||||
|
||||
function scrub_neutron {
|
||||
# scrub the fuel created routers and ports that existed before the l3 agent was
|
||||
# removed
|
||||
for router in $(neutron router-list -c id -f value); do
|
||||
subnets=$(neutron router-port-list -c id -c fixed_ips -f value $router | awk '{ print $3 }' | sed -e 's/,//g')
|
||||
for subnet in $subnets; do
|
||||
subnet=$(echo $subnet | sed -e's/"//g')
|
||||
neutron router-gateway-clear $router $subnet || true
|
||||
neutron router-interface-delete $router $subnet || true
|
||||
done
|
||||
done
|
||||
|
||||
for router in $(neutron router-list -c id -f value); do
|
||||
neutron router-delete $router
|
||||
done
|
||||
sleep 3
|
||||
for port in $(neutron port-list -c id -f value); do
|
||||
neutron port-delete $port
|
||||
done
|
||||
}
|
||||
|
||||
if [[ "$ROLE" == "primary-network-orchestrator-node" ]]; then
|
||||
publish_image
|
||||
scrub_neutron
|
||||
fi
|
||||
|
||||
find_image
|
||||
|
||||
iniset /etc/astara/orchestrator.ini router image_uuid $IMG_ID
|
||||
iniset /etc/astara/orchestrator.ini loadbalancer image_uuid $IMG_ID
|
||||
|
||||
# ssh key installation
|
||||
echo "$(cat /root/.ssh/authorized_keys)" >/etc/astara/appliance_key.pub
|
||||
iniset /etc/astara/orchestrator.ini DEFAULT ssh_public_key /etc/astara/appliance_key.pub
|
||||
|
||||
service astara-orchestrator stop || true
|
||||
|
||||
service neutron-plugin-openvswitch-agent restart
|
||||
|
||||
# ensure bridges get created first
|
||||
sleep 5
|
||||
|
||||
service astara-orchestrator start
|
||||
|
||||
exit 0
|
|
@ -0,0 +1,21 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
source /root/openrc
|
||||
|
||||
for agent in dhcp metadata l3; do
|
||||
echo "Disablng $agent neutron agent in pacemaker cluster."
|
||||
pcs resource disable clone_p_neutron-${agent}-agent
|
||||
for id in $(neutron agent-list | grep $agent | awk '{ print $2 }'); do
|
||||
echo "Deleting $agent $id from neutron."
|
||||
neutron agent-delete $id
|
||||
done
|
||||
done
|
||||
|
||||
# The debian/ubuntu packaging has a bug that makes it impossible to gracefully
|
||||
# load your specific config files without mangling its upstart conf.
|
||||
sed -i 's/\$CONF_ARG$/--config-file \/etc\/neutron\/plugins\/ml2\/ml2_conf.ini/g' /etc/init/neutron-server.conf
|
||||
|
||||
# Kick neutron-server after everythings been installed + configured
|
||||
service neutron-server restart || true
|
||||
|
||||
exit 0
|
|
@ -0,0 +1,39 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
if ! which neutron; then
|
||||
sudo apt-get -y install python-neutronclient
|
||||
fi
|
||||
|
||||
source /root/openrc
|
||||
|
||||
source $(dirname $0)/functions
|
||||
|
||||
|
||||
mgt_name=${1:-"astara_mgmt"}
|
||||
mgt_prefix=${2:-"fdca:3ba5:a17a:acda::/64"}
|
||||
|
||||
|
||||
net_id="$(neutron net-list | grep " $mgt_name " | awk '{ print $2 }')"
|
||||
if [[ -z "$net_id" ]]; then
|
||||
echo "Creating astara mgt net: $mgt_name"
|
||||
net_id=$(neutron net-create $mgt_name | grep " id " | awk '{ print $4 }')
|
||||
echo "Created astara mgt net: $net_id"
|
||||
else
|
||||
echo "Found existing astara mgt net: $net_id"
|
||||
fi
|
||||
|
||||
subnet_id="$(neutron subnet-list | grep " $mgt_prefix " | awk '{ print $2 }')"
|
||||
if [[ -z "$subnet_id" ]]; then
|
||||
echo "Creating new astara mgt subnet for $mgt_prefix"
|
||||
if [[ "$mgt_prefix" =~ ':' ]]; then
|
||||
subnet_create_args="--name astara_mgmt --ip-version=6 --ipv6_address_mode=slaac --enable_dhcp"
|
||||
fi
|
||||
subnet_id=$(neutron subnet-create $mgt_name $mgt_prefix $subnet_create_args | grep ' id ' | awk '{ print $4 }')
|
||||
|
||||
else
|
||||
echo "Found existing mgt subnet for $mgt_prefix; $subnet_id"
|
||||
fi
|
||||
|
||||
|
||||
iniset /etc/astara/orchestrator.ini DEFAULT management_network_id $net_id
|
||||
iniset /etc/astara/orchestrator.ini DEFAULT management_subnet_id $subnet_id
|
|
@ -0,0 +1,17 @@
|
|||
#!/bin/bash
|
||||
|
||||
if ! which nova; then
|
||||
sudo apt-get -y install python-novaclient
|
||||
fi
|
||||
|
||||
ram=${1:-512}
|
||||
disk=${2:-3}
|
||||
vcpus=${3:-1}
|
||||
flavor_name=${4:-m1.astara}
|
||||
id=${5:-511}
|
||||
|
||||
source /root/openrc
|
||||
|
||||
if ! nova flavor-list | awk '{ print $4 }' | grep "^$flavor_name" ; then
|
||||
nova flavor-create $flavor_name $id $ram $disk $vcpus
|
||||
fi
|
|
@ -0,0 +1,258 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# **inc/ini-config** - Configuration/INI functions
|
||||
#
|
||||
# Support for manipulating INI-style configuration files
|
||||
#
|
||||
# These functions have no external dependencies and no side-effects
|
||||
|
||||
# Save trace setting
|
||||
INC_CONF_TRACE=$(set +o | grep xtrace)
|
||||
set +o xtrace
|
||||
|
||||
|
||||
# Config Functions
|
||||
# ================
|
||||
|
||||
# Append a new option in an ini file without replacing the old value
|
||||
# iniadd [-sudo] config-file section option value1 value2 value3 ...
|
||||
function iniadd {
|
||||
local xtrace=$(set +o | grep xtrace)
|
||||
set +o xtrace
|
||||
local sudo=""
|
||||
if [ $1 == "-sudo" ]; then
|
||||
sudo="-sudo "
|
||||
shift
|
||||
fi
|
||||
local file=$1
|
||||
local section=$2
|
||||
local option=$3
|
||||
shift 3
|
||||
|
||||
local values="$(iniget_multiline $file $section $option) $@"
|
||||
iniset_multiline $sudo $file $section $option $values
|
||||
$xtrace
|
||||
}
|
||||
|
||||
# Comment an option in an INI file
|
||||
# inicomment [-sudo] config-file section option
|
||||
function inicomment {
|
||||
local xtrace=$(set +o | grep xtrace)
|
||||
set +o xtrace
|
||||
local sudo=""
|
||||
if [ $1 == "-sudo" ]; then
|
||||
sudo="sudo "
|
||||
shift
|
||||
fi
|
||||
local file=$1
|
||||
local section=$2
|
||||
local option=$3
|
||||
|
||||
$sudo sed -i -e "/^\[$section\]/,/^\[.*\]/ s|^\($option[ \t]*=.*$\)|#\1|" "$file"
|
||||
$xtrace
|
||||
}
|
||||
|
||||
# Get an option from an INI file
|
||||
# iniget config-file section option
|
||||
function iniget {
|
||||
local xtrace=$(set +o | grep xtrace)
|
||||
set +o xtrace
|
||||
local file=$1
|
||||
local section=$2
|
||||
local option=$3
|
||||
local line
|
||||
|
||||
line=$(sed -ne "/^\[$section\]/,/^\[.*\]/ { /^$option[ \t]*=/ p; }" "$file")
|
||||
echo ${line#*=}
|
||||
$xtrace
|
||||
}
|
||||
|
||||
# Get a multiple line option from an INI file
|
||||
# iniget_multiline config-file section option
|
||||
function iniget_multiline {
|
||||
local xtrace=$(set +o | grep xtrace)
|
||||
set +o xtrace
|
||||
local file=$1
|
||||
local section=$2
|
||||
local option=$3
|
||||
local values
|
||||
|
||||
values=$(sed -ne "/^\[$section\]/,/^\[.*\]/ { s/^$option[ \t]*=[ \t]*//gp; }" "$file")
|
||||
echo ${values}
|
||||
$xtrace
|
||||
}
|
||||
|
||||
# Determinate is the given option present in the INI file
|
||||
# ini_has_option config-file section option
|
||||
function ini_has_option {
|
||||
local xtrace=$(set +o | grep xtrace)
|
||||
set +o xtrace
|
||||
local file=$1
|
||||
local section=$2
|
||||
local option=$3
|
||||
local line
|
||||
|
||||
line=$(sed -ne "/^\[$section\]/,/^\[.*\]/ { /^$option[ \t]*=/ p; }" "$file")
|
||||
$xtrace
|
||||
[ -n "$line" ]
|
||||
}
|
||||
|
||||
# Add another config line for a multi-line option.
|
||||
# It's normally called after iniset of the same option and assumes
|
||||
# that the section already exists.
|
||||
#
|
||||
# Note that iniset_multiline requires all the 'lines' to be supplied
|
||||
# in the argument list. Doing that will cause incorrect configuration
|
||||
# if spaces are used in the config values.
|
||||
#
|
||||
# iniadd_literal [-sudo] config-file section option value
|
||||
function iniadd_literal {
|
||||
local xtrace=$(set +o | grep xtrace)
|
||||
set +o xtrace
|
||||
local sudo=""
|
||||
if [ $1 == "-sudo" ]; then
|
||||
sudo="sudo "
|
||||
shift
|
||||
fi
|
||||
local file=$1
|
||||
local section=$2
|
||||
local option=$3
|
||||
local value=$4
|
||||
|
||||
if [[ -z $section || -z $option ]]; then
|
||||
$xtrace
|
||||
return
|
||||
fi
|
||||
|
||||
# Add it
|
||||
$sudo sed -i -e "/^\[$section\]/ a\\
|
||||
$option = $value
|
||||
" "$file"
|
||||
|
||||
$xtrace
|
||||
}
|
||||
|
||||
# Remove an option from an INI file
|
||||
# inidelete [-sudo] config-file section option
|
||||
function inidelete {
|
||||
local xtrace=$(set +o | grep xtrace)
|
||||
set +o xtrace
|
||||
local sudo=""
|
||||
if [ $1 == "-sudo" ]; then
|
||||
sudo="sudo "
|
||||
shift
|
||||
fi
|
||||
local file=$1
|
||||
local section=$2
|
||||
local option=$3
|
||||
|
||||
if [[ -z $section || -z $option ]]; then
|
||||
$xtrace
|
||||
return
|
||||
fi
|
||||
|
||||
# Remove old values
|
||||
$sudo sed -i -e "/^\[$section\]/,/^\[.*\]/ { /^$option[ \t]*=/ d; }" "$file"
|
||||
|
||||
$xtrace
|
||||
}
|
||||
|
||||
# Set an option in an INI file
|
||||
# iniset [-sudo] config-file section option value
|
||||
# - if the file does not exist, it is created
|
||||
function iniset {
|
||||
local xtrace=$(set +o | grep xtrace)
|
||||
set +o xtrace
|
||||
local sudo=""
|
||||
if [ $1 == "-sudo" ]; then
|
||||
sudo="sudo "
|
||||
shift
|
||||
fi
|
||||
local file=$1
|
||||
local section=$2
|
||||
local option=$3
|
||||
local value=$4
|
||||
|
||||
if [[ -z $section || -z $option ]]; then
|
||||
$xtrace
|
||||
return
|
||||
fi
|
||||
|
||||
if ! grep -q "^\[$section\]" "$file" 2>/dev/null; then
|
||||
# Add section at the end
|
||||
echo -e "\n[$section]" | $sudo tee --append "$file" > /dev/null
|
||||
fi
|
||||
if ! ini_has_option "$file" "$section" "$option"; then
|
||||
# Add it
|
||||
$sudo sed -i -e "/^\[$section\]/ a\\
|
||||
$option = $value
|
||||
" "$file"
|
||||
else
|
||||
local sep=$(echo -ne "\x01")
|
||||
# Replace it
|
||||
$sudo sed -i -e '/^\['${section}'\]/,/^\[.*\]/ s'${sep}'^\('${option}'[ \t]*=[ \t]*\).*$'${sep}'\1'"${value}"${sep} "$file"
|
||||
fi
|
||||
$xtrace
|
||||
}
|
||||
|
||||
# Set a multiple line option in an INI file
|
||||
# iniset_multiline [-sudo] config-file section option value1 value2 valu3 ...
|
||||
function iniset_multiline {
|
||||
local xtrace=$(set +o | grep xtrace)
|
||||
set +o xtrace
|
||||
local sudo=""
|
||||
if [ $1 == "-sudo" ]; then
|
||||
sudo="sudo "
|
||||
shift
|
||||
fi
|
||||
local file=$1
|
||||
local section=$2
|
||||
local option=$3
|
||||
|
||||
shift 3
|
||||
local values
|
||||
for v in $@; do
|
||||
# The later sed command inserts each new value in the line next to
|
||||
# the section identifier, which causes the values to be inserted in
|
||||
# the reverse order. Do a reverse here to keep the original order.
|
||||
values="$v ${values}"
|
||||
done
|
||||
if ! grep -q "^\[$section\]" "$file"; then
|
||||
# Add section at the end
|
||||
echo -e "\n[$section]" | $sudo tee --append "$file" > /dev/null
|
||||
else
|
||||
# Remove old values
|
||||
$sudo sed -i -e "/^\[$section\]/,/^\[.*\]/ { /^$option[ \t]*=/ d; }" "$file"
|
||||
fi
|
||||
# Add new ones
|
||||
for v in $values; do
|
||||
$sudo sed -i -e "/^\[$section\]/ a\\
|
||||
$option = $v
|
||||
" "$file"
|
||||
done
|
||||
$xtrace
|
||||
}
|
||||
|
||||
# Uncomment an option in an INI file
|
||||
# iniuncomment config-file section option
|
||||
function iniuncomment {
|
||||
local xtrace=$(set +o | grep xtrace)
|
||||
set +o xtrace
|
||||
local sudo=""
|
||||
if [ $1 == "-sudo" ]; then
|
||||
sudo="sudo "
|
||||
shift
|
||||
fi
|
||||
local file=$1
|
||||
local section=$2
|
||||
local option=$3
|
||||
$sudo sed -i -e "/^\[$section\]/,/^\[.*\]/ s|[^ \t]*#[ \t]*\($option[ \t]*=.*$\)|\1|" "$file"
|
||||
$xtrace
|
||||
}
|
||||
|
||||
# Restore xtrace
|
||||
$INC_CONF_TRACE
|
||||
|
||||
# Local variables:
|
||||
# mode: shell-script
|
||||
# End:
|
|
@ -0,0 +1,87 @@
|
|||
#!/bin/bash -ex
|
||||
|
||||
repo=$1
|
||||
branch=$2
|
||||
dest=$3
|
||||
venv=/opt/venv/astara
|
||||
|
||||
apt-get -y install python-dev libmysqlclient-dev
|
||||
|
||||
if ! which pip ; then
|
||||
apt-get -y install python-pip
|
||||
fi
|
||||
|
||||
if ! which git; then
|
||||
apt-get -y install git
|
||||
fi
|
||||
|
||||
if ! which virtualenv ; then
|
||||
pip install virtualenv
|
||||
fi
|
||||
|
||||
if [[ ! -d $dest ]] ; then
|
||||
git clone $repo $dest
|
||||
(cd $dest && git checkout $branch)
|
||||
fi
|
||||
|
||||
dirs="/var/log/astara /var/lib/astara /etc/astara"
|
||||
for dir in $dirs; do
|
||||
mkdir -p $dir
|
||||
done
|
||||
|
||||
if ! getent group astara > /dev/null 2>&1
|
||||
then
|
||||
addgroup --system astara >/dev/null
|
||||
fi
|
||||
|
||||
if ! getent passwd astara > /dev/null 2>&1
|
||||
then
|
||||
adduser --system --home /var/lib/astara --ingroup astara --no-create-home --shell /bin/false astara
|
||||
fi
|
||||
|
||||
for i in $(ls $dest/etc/); do
|
||||
if [[ ! -e /etc/astara/$i ]]; then
|
||||
cp -r $dest/etc/$i /etc/astara
|
||||
fi
|
||||
done
|
||||
|
||||
chown -R astara:adm /var/log/astara/
|
||||
chmod 0750 /var/log/astara/
|
||||
chown astara:astara -R /var/lib/astara/ /etc/astara/
|
||||
chmod 0750 /etc/astara/
|
||||
|
||||
cat >/etc/sudoers.d/astara_sudoers <<END
|
||||
Defaults:astara !requiretty
|
||||
astara ALL = (root) NOPASSWD: /usr/bin/astara-rootwrap
|
||||
END
|
||||
chmod 0440 /etc/sudoers.d/astara_sudoers
|
||||
|
||||
if [[ ! -d $venv ]]; then
|
||||
mkdir -p $(dirname $venv)
|
||||
virtualenv $venv
|
||||
fi
|
||||
|
||||
cat >/etc/init/astara-orchestrator.conf <<END
|
||||
description "Astara Network Orchestrator server"
|
||||
author "Eric Lopez <eric.lopez@akanda.io>"
|
||||
|
||||
start on runlevel [2345]
|
||||
stop on runlevel [!2345]
|
||||
|
||||
respawn
|
||||
|
||||
chdir /var/run
|
||||
|
||||
exec start-stop-daemon --start --chuid astara --exec /usr/bin/astara-orchestrator -- --config-file=/etc/astara/orchestrator.ini
|
||||
END
|
||||
|
||||
if ! which astara-orchestrator; then
|
||||
$venv/bin/pip install -r $dest/requirements.txt $dest
|
||||
$venv/bin/pip install "PyMySQL>=0.6.2"
|
||||
$venv/bin/pip install "MySQL-python;python_version=='2.7'"
|
||||
for bin in $(ls $venv/bin/astara*) ; do
|
||||
if [[ ! -e /usr/bin/$(basename $bin) ]]; then
|
||||
ln -s $bin /usr/bin/$(basename $bin)
|
||||
fi
|
||||
done
|
||||
fi
|
|
@ -0,0 +1,39 @@
|
|||
#!/bin/bash -e
|
||||
# Spin indefinitely until our mgt net and subnet show up in neutron. This will
|
||||
# be timed out by deployment_tasks if it does not succeed.
|
||||
|
||||
source /root/openrc
|
||||
|
||||
source $(dirname $0)/functions
|
||||
|
||||
if ! which neutron; then
|
||||
sudo apt-get -y install python-neutronclient
|
||||
fi
|
||||
|
||||
mgt_name=${1:-"astara_mgmt"}
|
||||
mgt_prefix=${2:-"fdca:3ba5:a17a:acda::/64"}
|
||||
|
||||
while [[ -z "$net_id" ]]; do
|
||||
net_id="$(neutron net-list | grep " $mgt_name " | awk '{ print $2 }')"
|
||||
if [[ -z "$net_id" ]]; then
|
||||
echo "Still waiting on mgt net"
|
||||
sleep 1
|
||||
else
|
||||
echo "Found astara mgt net: $net_id"
|
||||
break
|
||||
fi
|
||||
done
|
||||
|
||||
while [[ -z "$subnet_id" ]]; do
|
||||
subnet_id="$(neutron subnet-list | grep " $mgt_prefix" | awk '{ print $2 }')"
|
||||
if [[ -z "$subnet_id" ]]; then
|
||||
echo "Still waiting on mgt subnet"
|
||||
sleep 1
|
||||
else
|
||||
echo "Found astara mgt subnet: $subnet_id"
|
||||
break
|
||||
fi
|
||||
done
|
||||
|
||||
iniset /etc/astara/orchestrator.ini DEFAULT management_network_id $net_id
|
||||
iniset /etc/astara/orchestrator.ini DEFAULT management_subnet_id $subnet_id
|
|
@ -0,0 +1,13 @@
|
|||
#!/bin/bash
|
||||
|
||||
ram=${1:-512}
|
||||
disk=${2:-3}
|
||||
vcpus=${3:-1}
|
||||
flavor_name=${4:-m1.astara}
|
||||
id=${5:-511}
|
||||
|
||||
source /root/openrc
|
||||
|
||||
if ! nova flavor-list | awk '{ print $4 }' | grep "^$flavor_name" ; then
|
||||
nova flavor-create $flavor_name $id $ram $disk $vcpus
|
||||
fi
|
|
@ -0,0 +1,177 @@
|
|||
# These tasks will be merged into deployment graph. Here you
|
||||
# can specify new tasks for any roles, even built-in ones.
|
||||
|
||||
# Deployment Groups
|
||||
|
||||
- id: primary-network-orchestrator-node
|
||||
type: group
|
||||
role: [primary-network-orchestrator-node]
|
||||
requires: [primary-controller, controller]
|
||||
required_for: [deploy_end]
|
||||
tasks: [fuel_pkgs, hiera, globals, tools, logging, netconfig,
|
||||
hosts, firewall, deploy_start]
|
||||
parameters:
|
||||
strategy:
|
||||
type: one_by_one
|
||||
|
||||
- id: network-orchestrator-node
|
||||
type: group
|
||||
role: [primary-network-orchestrator-node]
|
||||
requires: [primary-controller, controller, primary-network-orchestrator-node]
|
||||
required_for: [deploy_end]
|
||||
tasks: [fuel_pkgs, hiera, globals, tools, logging, netconfig,
|
||||
hosts, firewall, deploy_start]
|
||||
parameters:
|
||||
strategy:
|
||||
type: parallel
|
||||
|
||||
# Deployment Tasks
|
||||
# No idea what purpose this hiera override task serves.
|
||||
- id: network-orchestrator-pre-deployment-task
|
||||
type: puppet
|
||||
groups: [primary-controller, controller, primary-network-orchestrator-node, network-orchestrator-node]
|
||||
requires: [pre_deployment_start]
|
||||
required_for: [pre_deployment_end]
|
||||
parameters:
|
||||
puppet_manifest: puppet/manifests/network_orchestrator_pre_deployment.pp
|
||||
puppet_modules: puppet/modules:/etc/puppet/modules
|
||||
timeout: 1800
|
||||
|
||||
- id: network-orchestrator-hiera-override
|
||||
type: puppet
|
||||
groups: [primary-controller, controller, primary-network-orchestrator-node, network-orchestrator-node]
|
||||
requires: [globals]
|
||||
required_for: [logging]
|
||||
parameters:
|
||||
puppet_manifest: puppet/manifests/network_orchestrator_hiera_override.pp
|
||||
puppet_modules: puppet/modules:/etc/puppet/modules
|
||||
timeout: 1800
|
||||
|
||||
# These tasks execute on the controller
|
||||
- id: network-orchestrator-node-db-task
|
||||
type: puppet
|
||||
groups: [primary-controller]
|
||||
requires: [primary-database, database]
|
||||
required_for: [deploy_end]
|
||||
cross-depends:
|
||||
- name: /(primary-)?database/
|
||||
parameters:
|
||||
puppet_manifest: puppet/manifests/network_orchestrator_db.pp
|
||||
puppet_modules: puppet/modules:/etc/puppet/modules
|
||||
timeout: 1800
|
||||
|
||||
- id: network-orchestrator-node-astara-neutron-install-task
|
||||
type: puppet
|
||||
role: [primary-controller, controller]
|
||||
requires: [post_deployment_start]
|
||||
required_for: [post_deployment_end]
|
||||
parameters:
|
||||
puppet_manifest: puppet/manifests/network_orchestrator_astara_neutron_install.pp
|
||||
puppet_modules: puppet/modules:/etc/puppet/modules
|
||||
timeout: 1800
|
||||
|
||||
- id: network-orchestrator-node-astara-neutron-configure-task
|
||||
type: shell
|
||||
role: [primary-controller, controller]
|
||||
requires: [post_deployment_start, network-orchestrator-node-astara-neutron-install-task]
|
||||
required_for: [post_deployment_end]
|
||||
parameters:
|
||||
cmd: ./scripts/controller_post_deploy.sh
|
||||
timeout: 1800
|
||||
|
||||
# These tasks execute on the astara node
|
||||
- id: network-orchestrator-node-install-task
|
||||
type: puppet
|
||||
groups: [primary-network-orchestrator-node, network-orchestrator-node]
|
||||
requires: [network-orchestrator-hiera-override, netconfig]
|
||||
required_for: [deploy_end]
|
||||
parameters:
|
||||
puppet_manifest: puppet/manifests/network_orchestrator_install.pp
|
||||
puppet_modules: puppet/modules:/etc/puppet/modules
|
||||
timeout: 1800
|
||||
|
||||
- id: network-orchestrator-node-ml2-task
|
||||
type: puppet
|
||||
groups: [primary-network-orchestrator-node, network-orchestrator-node]
|
||||
requires: [network-orchestrator-node-install-task]
|
||||
required_for: [deploy_end]
|
||||
parameters:
|
||||
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-network/plugins/ml2.pp
|
||||
puppet_modules: puppet/modules:/etc/puppet/modules
|
||||
timeout: 1800
|
||||
|
||||
- id: network-orchestrator-node-ml2-config-task
|
||||
type: puppet
|
||||
groups: [primary-network-orchestrator-node, network-orchestrator-node]
|
||||
requires: [network-orchestrator-node-ml2-task]
|
||||
required_for: [deploy_end]
|
||||
parameters:
|
||||
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-network/common-config.pp
|
||||
puppet_modules: puppet/modules:/etc/puppet/modules
|
||||
timeout: 1800
|
||||
|
||||
- id: network-orchestrator-node-configure-task
|
||||
type: puppet
|
||||
groups: [primary-network-orchestrator-node, network-orchestrator-node]
|
||||
requires: [network-orchestrator-node-install-task, network-orchestrator-node-ml2-task]
|
||||
required_for: [deploy_end]
|
||||
parameters:
|
||||
puppet_manifest: puppet/manifests/network_orchestrator_configure.pp
|
||||
puppet_modules: puppet/modules:/etc/puppet/modules
|
||||
timeout: 1800
|
||||
|
||||
- id: network-orchestrator-node-image-task
|
||||
type: puppet
|
||||
groups: [primary-network-orchestrator-node]
|
||||
requires: [network-orchestrator-node-install-task]
|
||||
required_for: [deploy_end]
|
||||
parameters:
|
||||
puppet_manifest: puppet/manifests/network_orchestrator_image.pp
|
||||
puppet_modules: puppet/modules:/etc/puppet/modules
|
||||
timeout: 3800
|
||||
|
||||
# This task creates neutron networks, nova flavors and syncs db
|
||||
# on the primary
|
||||
- id: network-orchestrator-node-create-resources-task
|
||||
type: puppet
|
||||
groups: [primary-network-orchestrator-node]
|
||||
requires: [network-orchestrator-node-configure-task]
|
||||
required_for: [network-orchestrator-node-set-resources-task]
|
||||
parameters:
|
||||
puppet_manifest: puppet/manifests/network_orchestrator_create_resources.pp
|
||||
puppet_modules: puppet/modules:/etc/puppet/modules
|
||||
timeout: 1800
|
||||
|
||||
# This task configures non-primary nodes to use those created resources
|
||||
- id: network-orchestrator-node-set-resources-task
|
||||
type: puppet
|
||||
groups: [network-orchestrator-node]
|
||||
requires: [network-orchestrator-node-create-resources-task]
|
||||
required_for: [deploy_end]
|
||||
parameters:
|
||||
puppet_manifest: puppet/manifests/network_orchestrator_set_resources.pp
|
||||
puppet_modules: puppet/modules:/etc/puppet/modules
|
||||
timeout: 1800
|
||||
|
||||
|
||||
- id: network-orchestrator-primary-node-post-deployment-task
|
||||
type: shell
|
||||
role: [primary-network-orchestrator-node]
|
||||
requires: [post_deployment_start, upload_cirros]
|
||||
required_for: [network-orchestrator-node-post-deployment-task]
|
||||
parameters:
|
||||
cmd: ./scripts/astara_post_deploy.sh primary-network-orchestrator-node
|
||||
timeout: 1800
|
||||
retries: 3
|
||||
interval: 20
|
||||
|
||||
- id: network-orchestrator-node-post-deployment-task
|
||||
type: shell
|
||||
role: [network-orchestrator-node]
|
||||
requires: [network-orchestrator-primary-node-post-deployment-task]
|
||||
required_for: [post_deployment_end]
|
||||
parameters:
|
||||
cmd: ./scripts/astara_post_deploy.sh network-orchestrator-node
|
||||
timeout: 1800
|
||||
retries: 3
|
||||
interval: 20
|
|
@ -0,0 +1,55 @@
|
|||
attributes:
|
||||
metadata:
|
||||
restrictions:
|
||||
- action: hide
|
||||
condition: "cluster:net_provider != 'neutron'"
|
||||
- condition: "settings:neutron_advanced_configuration.neutron_dvr.value == true"
|
||||
message: "Neutron DVR must be disabled in order to use Astara plugin"
|
||||
- condition: "settings:neutron_advanced_configuration.neutron_l3_ha.value == true"
|
||||
message: "Neutron L3 HA must be disabled in order to use Astara plugin"
|
||||
- condition: "settings:public_network_assignment.assign_to_all_nodes.value == false"
|
||||
message: "Enable Public Network Access for all nodes"
|
||||
- condition: "settings:neutron_advanced_configuration.neutron_l2_pop.value == false and networking_parameters:segmentation_type != 'vlan'"
|
||||
message: "Enable Neutron L2 Population"
|
||||
group: network
|
||||
astara_db_password:
|
||||
generator: "password"
|
||||
astara_mgmt_name:
|
||||
value: 'astara_mgmt'
|
||||
label: 'Astara Management Network Name'
|
||||
weight: 15
|
||||
description: 'Set the Astara Management Neutron Network Name'
|
||||
type: "text"
|
||||
astara_mgmt_ipv6_prefix:
|
||||
value: 'fdca:3ba5:a17a:acda::/64'
|
||||
label: 'Astara Management IPv6 Prefix'
|
||||
description: 'Set the IPv6 Prefix for the Management Network'
|
||||
weight: 20
|
||||
type: "text"
|
||||
regex:
|
||||
source: '(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))'
|
||||
error: "Invalid IPv6 Prefix"
|
||||
astara_mgmt_service_port:
|
||||
value: '5000'
|
||||
label: 'Astara Management Service Port'
|
||||
description: 'Set the Astara Managment Service Port'
|
||||
weight: 25
|
||||
type: "text"
|
||||
regex:
|
||||
source: '^([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$'
|
||||
error: "Must specify a management port (ie, 5000)"
|
||||
astara_api_port:
|
||||
value: '44250'
|
||||
label: 'Astara API Service Port'
|
||||
description: 'Set the Astara API Service Port'
|
||||
weight: 30
|
||||
type: "text"
|
||||
regex:
|
||||
source: '^([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$'
|
||||
error: "Empty API Service Port"
|
||||
astara_appliance_image_location:
|
||||
value: 'http://tarballs.openstack.org/astara-appliance/images/astara_appliance_mitaka.qcow2'
|
||||
label: 'Astara Appliance Image URL'
|
||||
description: 'Set the Astara Appliance Image Download URL'
|
||||
weight: 35
|
||||
type: "text"
|
|
@ -0,0 +1,34 @@
|
|||
# Plugin name
|
||||
name: fuel-plugin-astara
|
||||
# Human-readable name for your plugin
|
||||
title: Use Astara Network Orchestrator
|
||||
# Plugin version
|
||||
version: '1.0.32'
|
||||
# Description
|
||||
description: Enable to use Openstack Astara Network Orchestrator for Neutron Networking
|
||||
# Required fuel version
|
||||
fuel_version: ['8.0']
|
||||
# Specify license of your plugin
|
||||
licenses: ['Apache License Version 2.0']
|
||||
# Specify author or company name
|
||||
authors: ['Akanda, Inc.']
|
||||
# A link to the plugin's page
|
||||
homepage: 'https://github.com/openstack/fuel-plugins-astara'
|
||||
# Specify a group which your plugin implements, possible options:
|
||||
# network, storage, storage::cinder, storage::glance, hypervisor,
|
||||
# equipment
|
||||
groups: ['network']
|
||||
# Change `false` to `true` if the plugin can be installed in the environment
|
||||
# after the deployment.
|
||||
is_hotpluggable: false
|
||||
|
||||
# The plugin is compatible with releases in the list
|
||||
releases:
|
||||
- os: ubuntu
|
||||
version: liberty-8.0
|
||||
mode: ['ha','multinode']
|
||||
deployment_scripts_path: deployment_scripts/
|
||||
repository_path: repositories/ubuntu
|
||||
|
||||
# Version of plugin package
|
||||
package_version: '4.0.0'
|
|
@ -0,0 +1,17 @@
|
|||
# Unique network role name
|
||||
- id: "astara_neutron"
|
||||
# Role mapping to network
|
||||
default_mapping: "management"
|
||||
properties:
|
||||
# Should be true if network role requires subnet being set
|
||||
subnet: true
|
||||
# Should be true if network role requires gateway being set
|
||||
gateway: false
|
||||
# List of VIPs to be allocated
|
||||
vip:
|
||||
# Unique VIP name
|
||||
- name: "astara_orchestrator_vip"
|
||||
# Optional linux namespace for VIP
|
||||
namespace: "haproxy"
|
||||
alias: "rug_vip"
|
||||
node_roles: ["primary-network-controller", "network-controller"]
|
|
@ -0,0 +1,17 @@
|
|||
network-orchestrator-node:
|
||||
# Role name
|
||||
name: "Network Orchestrator Node"
|
||||
# Role description
|
||||
description: "Role to create a seperate Node for Astara Network Orchestartor Service"
|
||||
# If primary then during orchestration this role will be
|
||||
# separated into primary-role and role
|
||||
has_primary: true
|
||||
# Assign public IP to node if true
|
||||
public_ip_required: false
|
||||
# Weight that will be used to sort out the
|
||||
# roles on the Fuel web UI
|
||||
weight: 1000
|
||||
conflicts:
|
||||
- compute
|
||||
limits:
|
||||
min: 1
|
|
@ -0,0 +1,11 @@
|
|||
#!/bin/bash
|
||||
set -eux
|
||||
|
||||
ROOT="$(dirname `readlink -f $0`)"
|
||||
RPM_REPO="${ROOT}"/repositories/centos/
|
||||
DEB_REPO="${ROOT}"/repositories/ubuntu/
|
||||
|
||||
# DEB Package Files
|
||||
# RPM Package Files
|
||||
# wget -P "${RPM_REPO}" "${ASTARA_MITAKA_REPO_LOC}/"
|
||||
|
|
@ -0,0 +1 @@
|
|||
[]
|
Loading…
Reference in New Issue