Contrail controller nodes deployment stage 1

This commit contains puppet classes which create testbed file
for fabric tool and execute fab tasks on controller nodes.

Change-Id: Ie434d327ee53a5564adde001785b54a50eb30ebc
Co-Authored-By: Vyacheslav Struk (vstruk@mirantis.com)

deployment_scripts/puppet/manifests/site-compute-post.pp

@@ -7,6 +7,13 @@ class { 'contrail::network':
   netmask     => $contrail::netmask_short,
 } ->
 
+apt::source { 'contrail-from-fuel-master':
+  location     => "http://${contrail::master_ip}:8080/plugins/contrail-${contrail::plugin_version}/repositories/ubuntu/",
+  release      => '',
+  repos        => '/',
+  include_src  => false,
+} ->
+
 class { contrail::packages:
   install        => 'contrail-openstack-vrouter',
   remove         => ['openvswitch-common','openvswitch-datapath-lts-saucy-dkms','openvswitch-switch',

deployment_scripts/puppet/manifests/site-compute-pre.pp

@@ -0,0 +1,8 @@
+# Remove automatically installed plugin's repo.
+# Some packages conflicts with default repo on openstack-controller nodes
+file {"remove-plugin-aptsource":
+  # TODO!
+  #path => "/etc/apt/sources.list.d/contrail-{plugin_version}.list",
+  path => "/etc/apt/sources.list.d/contrail-1.0.0.list",
+  ensure => absent,
+}

deployment_scripts/puppet/manifests/site-contrail-post1.pp

@@ -0,0 +1,9 @@
+include contrail
+if $contrail::node_name == $contrail::deployment_node {
+
+  class { 'contrail::testbed': }
+  ->
+  class { 'contrail::setup':
+    node_name => $contrail::node_name,
+  }
+}

deployment_scripts/puppet/manifests/site-contrail-post2.pp

@@ -0,0 +1,4 @@
+include contrail
+if $contrail::node_name == $contrail::deployment_node {
+  
+}

deployment_scripts/puppet/manifests/site-contrail-post3.pp

@@ -0,0 +1,3 @@
+if $contrail::node_name == $contrail::deployment_node {
+  
+}

deployment_scripts/puppet/manifests/site-contrail-post4.pp

@@ -0,0 +1,4 @@
+include contrail
+if $contrail::node_name == $contrail::deployment_node {
+  
+}

deployment_scripts/puppet/manifests/site-contrail-post5.pp

@@ -0,0 +1,4 @@
+include contrail
+if $contrail::node_name == $contrail::deployment_node {
+  
+}

deployment_scripts/puppet/manifests/site-contrail-pre.pp

@@ -19,4 +19,9 @@ class { contrail::packages:
                     'contrail-fabric-utils','contrail-setup'],
   pip_install    => ['ecdsa-0.10','Fabric-1.7.0'],
   responsefile   => 'contrail.preseed',
+} ->
+# Workaround for contrail shipped tzdata-java package
+package { 'tzdata':
+  ensure  => '2014e-0ubuntu0.12.04'
 }
+

deployment_scripts/puppet/modules/contrail/manifests/exec_pip.pp

@@ -0,0 +1,7 @@
+# A helper to run pip
+define contrail::exec_pip ( $path ){
+  exec { "Install-pip-package-${name}":
+    path    => '/usr/local/bin/:/usr/bin:/bin',
+    command => "pip install --upgrade --no-deps --index-url='' ${path}/${name}.tar.gz",
+  }
+}

deployment_scripts/puppet/modules/contrail/manifests/init.pp

@@ -11,27 +11,42 @@ $network_scheme = hiera('network_scheme')
 $uid = hiera('uid')
 $master_ip = hiera('master_ip')
 $node_role = hiera('role')
+$node_name = hiera('user_node_name')
+$nodes= hiera('nodes')
 
 # Network configuration
 prepare_network_config($network_scheme)
 $ifname = get_private_ifname()
 $range_first = $settings['contrail_private_start']
 $range_last = $settings['contrail_private_end']
-$cidr = $settings['contrail_private_cidr'] # "cidr" is actually a network address with subnet, i.e. 192.168.150.0/24
+# "cidr" is actually a network address with subnet, i.e. 192.168.150.0/24
+$cidr = $settings['contrail_private_cidr']
 $netmask=cidr_to_netmask($cidr) # returns i.e. "255.255.255.0"
 $netmask_short=netmask_to_cidr($netmask) # returns i.e. "/24"
-$address=get_ip_from_range($range_first,$range_last,$netmask_short,$uid,"first")
+$address=get_ip_from_range($range_first,$range_last,$netmask_short,$uid,'first')
 
 # Public address
 $neutron_settings=hiera('quantum_settings')
 $public_cidr=$neutron_settings['predefined_networks']['net04_ext']['L3']['subnet']
 $public_first=get_first_ip($public_cidr)
 $public_last=get_last_ip($public_cidr)
-$public_tmp=split($public_cidr,"/")
+$public_tmp=split($public_cidr,'/')
 $public_prefix=$public_tmp[1] # netmask prefix here
 $public_addr=get_ip_from_range($public_first,$public_last,$public_prefix,$uid,'last')
 
 $public_if=$settings['contrail_public_if']
 
+$contrail_node_basename='contrail'
+$deployment_node="${contrail_node_basename}-1"
 
-}
+$contrail_node_num = inline_template("<%-
+rv=0
+@nodes.each do |node|
+if node['user_node_name'] =~ /^#{@contrail_node_basename}-.*/
+rv+=1
+end
+end
+-%>
+<%= rv %>")
+
+}

deployment_scripts/puppet/modules/contrail/manifests/network.pp

@@ -12,7 +12,8 @@ class contrail::network (
     'base-os':{
       # Remove interface from the bridge
       exec {"remove_${ifname}":
-        command => "/sbin/brctl delif br-aux ${ifname}"
+        command => "/sbin/brctl delif br-aux ${ifname}",
+        returns => [0,1] # Idempotent
       }
       l23network::l3::ifconfig {$ifname:
         interface => $ifname,
@@ -29,18 +30,14 @@ class contrail::network (
         }
 
       }
-
-   }
+    }
     'compute':{
-      file {"/etc/network/interfaces.d/ifcfg-vhost0":
+      file {'/etc/network/interfaces.d/ifcfg-vhost0':
         ensure => present,
-        content => template("contrail/ifcfg-vhost0.erb");
-      }
-      # Remove interface from the bridge
-      exec {"remove_${ifname}":
-        command => "/sbin/brctl delif br-aux ${ifname}"
+        content => template('contrail/ifcfg-vhost0.erb');
       }
     }
+    default: { notify { "Node role ${node_role} not supported": } }
   }
 
 }

deployment_scripts/puppet/modules/contrail/manifests/packages.pp

@@ -1,6 +1,3 @@
-# requires
-#   puppetlabs-apt
-#   puppetlabs-stdlib
 class contrail::packages (
   $install,
   $remove = undef,
@@ -8,13 +5,6 @@ class contrail::packages (
   $pip_install = undef,
   ) {
 
-  define exec_pip ( $path ){
-    exec { "Install-pip-package-${name}":
-      path     => '/usr/local/bin/:/usr/bin:/bin',
-      command  => "pip install --upgrade --no-deps --index-url='' ${path}/${name}.tar.gz",
-    }
-  }
-
   if ($install) {
     if ($responsefile) {
       file { "/var/cache/debconf/${responsefile}":

deployment_scripts/puppet/modules/contrail/manifests/run_fabric.pp

@@ -0,0 +1,24 @@
+# A helper to run fabric
+define contrail::run_fabric (
+  $hostgroup = undef,
+  $taskname = $name,
+  $command = undef,
+) {
+  Exec {
+    cwd => '/opt/contrail/utils',
+    path => '/bin:/usr/bin:/usr/local/bin',
+    logoutput => 'on_failure',
+  }
+  case $hostgroup {
+    control: {
+      exec { "Run-fabric-command-on-${hostgroup}":
+        command => "fab -P -R ${hostgroup} -- '${command}'",
+      }
+    }
+    default: {
+      exec { "Run-local-fabric-task-${taskname}":
+        command => "fab ${taskname}",
+      }
+    }
+  }
+}

deployment_scripts/puppet/modules/contrail/manifests/setup.pp

@@ -0,0 +1,34 @@
+class contrail::setup (
+  $node_name
+  ) {
+
+  if $node_name == $contrail::deployment_node {
+    # Database installation
+    run_fabric { 'install_database': } ->
+    run_fabric { 'setup_database': } ->
+      notify{"Waiting for cassandra nodes: ${contrail::contrail_node_num}":} ->
+      exec {'wait_for_cassandra':
+        provider  => 'shell',
+        command   => "if [ `/usr/bin/nodetool status|grep ^UN|wc -l` -lt ${contrail::contrail_node_num} ]; then exit 1; fi",
+        tries     => 10, # wait for whole cluster is up: 10 tries every 30 seconds = 5 min
+        try_sleep => 30,
+      } ->
+    # Installing components
+    run_fabric { 'install_cfgm': } ->
+    run_fabric { 'install_control': } ->
+    run_fabric { 'install_collector': } ->
+    run_fabric { 'install_webui': } ->
+    # Some fixups
+    run_fabric { 'setup_contrail_keepalived': } ->
+    run_fabric { 'fixup_restart_haproxy_in_collector': } ->
+    run_fabric { 'fix-service-tenant-name':
+      hostgroup => 'control',
+      command   => "sed -i '49s/service/services/g' /usr/local/lib/python2.7/dist-packages/contrail_provisioning/config/quantum_in_keystone_setup.py",
+    } ->
+    # Setting up the components
+    run_fabric { 'setup_cfgm': } ->
+    run_fabric { 'setup_control': } ->
+    run_fabric { 'setup_collector': } ->
+    run_fabric { 'setup_webui': }
+  }
+}

deployment_scripts/puppet/modules/contrail/manifests/ssh.pp

@@ -3,4 +3,8 @@ class contrail::ssh ( $password_auth = 'yes' ) {
     path    => '/bin:/usr/bin',
     command => "sed -i -e 's/^PasswordAuthentication.*/PasswordAuthentication ${password_auth}/g' /etc/ssh/sshd_config",
   }
+  service { 'ssh':
+    ensure    => running,
+    subscribe => Exec['Update-sshd-config'],
+  }
 }

deployment_scripts/puppet/modules/contrail/manifests/testbed.pp

@@ -0,0 +1,6 @@
+class contrail::testbed {
+  file {'/opt/contrail/utils/fabfile/testbeds/testbed.py':
+    ensure  => present,
+    content => template('contrail/testbed.py.erb'),
+  }
+}

deployment_scripts/puppet/modules/contrail/templates/testbed.py.erb

@@ -0,0 +1,118 @@
+from fabric.api import env
+
+<%-
+nodes=scope.function_hiera(['nodes'])
+keystone=scope.function_hiera(['keystone'])
+os_management_vip=scope.function_hiera(['management_vip'])
+os_public_vip=scope.function_hiera(['public_vip'])
+
+deployment_node_priv_ip=''
+mgm_ip=Array.new
+priv_ip=Array.new
+role_all=[]
+role_ctrl=[]
+role_os=[]
+role_db=[]
+nodes.each do |node|
+case node['role']
+  when /^(primary-)?controller$/
+    mgm_ip << node['internal_address']
+    role_all << 'os_ctrl_'+mgm_ip.count.to_s
+    role_os << 'os_ctrl_'+mgm_ip.count.to_s
+  when 'base-os'
+    priv_ip << scope.function_get_ip_from_range([ scope.lookupvar('contrail::range_first'),scope.lookupvar('contrail::range_last'),scope.lookupvar('contrail::netmask_short'),node['uid'],'first'])
+    # Also find out a deployment node
+    if node['user_node_name'] == scope.lookupvar('contrail::deployment_node')
+      deployment_node_priv_ip=priv_ip.last
+    end
+    role_all << 'c_ctrl_'+priv_ip.count.to_s
+    role_all << 'c_db_'+priv_ip.count.to_s
+
+    role_ctrl << 'c_ctrl_'+priv_ip.count.to_s
+    role_db << 'c_db_'+priv_ip.count.to_s
+  end
+end
+-%>
+
+#Management ip addresses of hosts in the cluster
+<%- mgm_ip.each_with_index do |ip, i| -%>
+os_ctrl_<%= i+1 %> = 'root@<%= ip %>'
+<%-   end  -%>
+<%- priv_ip.each_with_index do |ip, i| -%>
+c_ctrl_<%= i+1 %> = 'root@<%= ip %>'
+<%- end -%>
+<%- priv_ip.each_with_index do |ip, i| -%>
+c_db_<%= i+1 %> = 'root@<%= ip %>'
+<%- end -%>
+
+#External routers
+ext_routers = [
+<%-
+gateways=scope.lookupvar('contrail::settings')['contrail_gateways'].split(',')
+gateways.each_with_index do |gw, i|
+-%>
+('gateway<%= i+1 %>','<%= gw %>'),
+<%- end -%>
+]
+
+#Autonomous system number
+router_asn = <%= scope.lookupvar('contrail::settings')['contrail_asnum'] %>
+
+#Host from which the fab commands are triggered to install and provision
+<%-
+if not defined?(deployment_node_priv_ip)
+ raise "ERROR: Node named scope.lookupvar('contrail::deployment_node') not found. Cant continue deploy"
+end
+-%>
+deploy_node = 'root@<%= deployment_node_priv_ip %>'
+
+
+#Role definition of the hosts.
+env.roledefs = {
+    'all': [<%= role_all*',' %>],
+    'cfgm': [<%= role_ctrl*',' %>],
+    'openstack': [<%= role_os*',' %>],
+    'control': [<%= role_ctrl*',' %>],
+    'compute': [],
+    'collector': [<%= role_ctrl*',' %>],
+    'webui': [<%= role_ctrl*',' %>],
+    'database': [<%= role_db*',' %>],
+    'build': [deploy_node],
+    'storage-master': [],
+    'storage-compute': [],
+}
+
+#Openstack admin password
+env.openstack_admin_password = 'admin'
+env.password = 'r00tme'
+#Passwords of each host
+env.passwords = {
+<%- role_all.each do |role| -%>
+    <%= role %>: 'r00tme',
+<%- end -%>
+    deploy_node: 'r00tme',
+}
+#For reimage purpose
+env.ostypes = {
+<%- role_all.each do |role| -%>
+    <%= role %>: 'ubuntu',
+<%- end -%>
+}
+env.openstack = {
+    'service_token' : '<%= keystone['admin_token'] %>'
+}
+
+env.ha = {
+   'internal_vip'   : '<%= os_management_vip %>',
+   'external_vip'   : '<%= os_public_vip %>',
+   'contrail_internal_vip'   : '<%= scope.lookupvar('contrail::range_first') %>',
+   'contrail_external_vip'   : '<%= scope.lookupvar('contrail::public_last') %>',
+}
+
+env.keystone = {
+    'service_tenant': 'services',
+    'admin_token' : '<%= keystone['admin_token'] %>'
+}
+
+multi_tenancy = True
+

environment_config.yaml

@@ -18,7 +18,7 @@ attributes:
       source: '\S'
       error: "Error field cannot be empty"
   contrail_private_start:
-    value: '192.168.150.2'
+    value: '192.168.150.5'
     label: 'Private IP range start'
     description: 'First IP address of contrail private network. NOTE: First one will be used as VIP address for controller HA'
     weight: 30

pre_build_hook

@@ -15,3 +15,26 @@ DEB_REPO="${ROOT}"/repositories/ubuntu/
 wget -qO- "${REPO_PATH}" | \
       tar -C "${MODULES}" --strip-components=3 -zxvf - \
       stackforge-fuel-library-f43d885/deployment/puppet/{inifile,stdlib}
+#
+# packages required for cassandra and zookeeper:
+deb_packages=('http://us.archive.ubuntu.com/ubuntu/pool/main/p/pcsc-lite/libpcsclite1_1.7.4-2ubuntu2_amd64.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/j/java-common/java-common_0.43ubuntu2_all.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/j/java-common/default-jre-headless_1.6-43ubuntu2_amd64.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/c/ca-certificates-java/ca-certificates-java_20110912ubuntu6_all.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/universe/c/commons-daemon/libcommons-daemon-java_1.0.8-1_all.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/universe/c/commons-daemon/jsvc_1.0.8-1_amd64.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/j/jline/libjline-java_1.0-1_all.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/universe/libj/libjna-java/libjna-java_3.2.7-4_amd64.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/a/apache-log4j1.2/liblog4j1.2-java_1.2.16-3ubuntu1_all.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/universe/n/netty/libnetty-java_3.2.6.Final-2_all.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/universe/libs/libslf4j-java/libslf4j-java_1.6.4-1_all.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/libx/libxml-commons-resolver1.1-java/libxml-commons-resolver1.1-java_1.2-7_all.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/x/xml-commons-external/libxml-commons-external-java_1.4.01-2_all.deb'
+'http://us.archive.ubuntu.com/ubuntu/pool/main/libx/libxerces2-java/libxerces2-java_2.11.0-4_all.deb')
+
+for i in "${deb_packages[@]}"
+do
+	file=`echo $i | awk -F '/' '{print $NF}'`
+	if [ ! -f $DEB_REPO$file ];
+	then wget -q $i -O $DEB_REPO$file; fi
+done

tasks.yaml

@@ -9,7 +9,7 @@
   stage: pre_deployment
   type: puppet
   parameters:
-    puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/hiera.pp
+    puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/hiera/hiera.pp
     puppet_modules: /etc/puppet/modules
     timeout: 720
 - role: ['base-os']
@@ -23,7 +23,7 @@
   stage: pre_deployment
   type: puppet
   parameters:
-    puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/netconfig.pp
+    puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/netconfig/netconfig.pp
     puppet_modules: /etc/puppet/modules
     timeout: 720
 - role: ['base-os']
@@ -68,6 +68,13 @@
     puppet_manifest: puppet/manifests/site-controller-post.pp
     puppet_modules: puppet/modules:/etc/puppet/modules
     timeout: 720
+- role: ['compute']
+  stage: pre_deployment
+  type: puppet
+  parameters:
+    puppet_manifest: puppet/manifests/site-compute-pre.pp
+    puppet_modules: puppet/modules:/etc/puppet/modules
+    timeout: 720
 - role: ['compute']
   stage: post_deployment
   type: puppet