diff --git a/.gitignore b/.gitignore index d2c6b6a..adc8dfc 100644 --- a/.gitignore +++ b/.gitignore @@ -86,4 +86,4 @@ ENV/ .spyderproject *.swp .build/ -midonet-fuel-plugin-*.rpm +midonet-*.rpm diff --git a/README.rst b/README.rst index 60ccdd6..af77792 100644 --- a/README.rst +++ b/README.rst @@ -3,9 +3,9 @@ Mirantis Fuel MidoNet plugin Compatible versions: -- Mirantis Fuel 8.0 -- MidoNet v2015.6 -- Midokura Enterprise MidoNet 1.9 +- Mirantis Fuel 9.0 +- MidoNet v5.2 +- Midokura Enterprise MidoNet 5.2 How to build the plugin ----------------------- @@ -24,7 +24,7 @@ How to build the plugin $ cd fuel-plugin-midonet $ fpb --build . -A *rpm* called `midonet-fuel-plugin-4.0-4.0.0-1.noarch.rpm` should be created in +A *rpm* called `midonet-4.1-4.0.0-1.noarch.rpm` should be created in the same directory. Follow the documentation to install and configure the plugin. You can read the diff --git a/deployment_scripts/install_midonet_common_modules_and_gems.sh b/deployment_scripts/install_midonet_common_modules_and_gems.sh new file mode 100755 index 0000000..c8c209c --- /dev/null +++ b/deployment_scripts/install_midonet_common_modules_and_gems.sh 
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+puppet module install puppetlabs-java --version=1.6.0 --ignore-dependencies --force
+puppet module install locp-cassandra --version=1.25.2 --ignore-dependencies --force
+puppet module install deric-zookeeper --version=0.6.1 --ignore-dependencies --force
+puppet module install TubeMogul-curator --version=1.0.1 --ignore-dependencies --force
+puppet module install elasticsearch-elasticsearch --version=0.13.2 --ignore-dependencies --force
+puppet module install elasticsearch-logstash --version=0.6.4 --ignore-dependencies --force
+puppet module install electrical-file_concat --version=1.0.1 --ignore-dependencies --force
+puppet module install richardc-datacat --version=0.6.2 --ignore-dependencies --force
+
+gem install faraday # This is needed by the midonet providers
+gem install netaddr # This is needed to calculate cidrs
diff --git a/deployment_scripts/install_midonet_openstack_package.sh b/deployment_scripts/install_midonet_openstack_package.sh
new file mode 100644
index 0000000..8c18ffc
--- /dev/null
+++ b/deployment_scripts/install_midonet_openstack_package.sh
@@ -0,0 +1,17 @@
+#!/bin/bash
+
+#install git
+apt-get install -y git
+#install unzip
+apt-get install -y unzip
+
+cd /tmp
+git clone https://github.com/midonet/puppet-midonet_openstack.git
+cd puppet-midonet_openstack
+git fetch
+git checkout stable/mitaka
+puppet module build
+puppet module install $(find . | grep .tar.gz) --ignore-dependencies --force
+
+#cleanup
+rm -rf /tmp/puppet-midonet_openstack
diff --git a/deployment_scripts/install_midonet_package_from_source.sh b/deployment_scripts/install_midonet_package_from_source.sh
new file mode 100644
index 0000000..69945c9
--- /dev/null
+++ b/deployment_scripts/install_midonet_package_from_source.sh
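Review bot: The two `gem install` lines at the end of install_midonet_common_modules_and_gems.sh take whatever version is current at deploy time, while every `puppet module install` above them is pinned with `--version=`. Pinning the gems the same way keeps deployments reproducible and limits exposure to a bad upstream release, e.g. `gem install faraday --version <TESTED_VERSION>` (placeholder; the tested version is not on this page). The script also has no `set -e`, so a failed module or gem install does not stop the deployment task.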
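Review bot: install_midonet_openstack_package.sh builds and installs a Puppet module from a fixed, predictable directory under `/tmp` and from the moving tip of `stable/mitaka`, in a deployment script that presumably runs as root. If `/tmp/puppet-midonet_openstack` already exists the clone fails, but with no `set -e` the script still enters the existing directory and installs whatever tarball `find . | grep .tar.gz` matches there. A `mktemp -d` work directory, stopping on the first error, and checking out a reviewed commit would close this. install_midonet_package_from_source.sh, the next file in this commit, has the same pattern and needs the same change.

```shell
#!/bin/bash
set -euo pipefail
# … unchanged: apt-get install of git and unzip …
workdir=$(mktemp -d)
trap 'rm -rf "$workdir"' EXIT
cd "$workdir"
git clone https://github.com/midonet/puppet-midonet_openstack.git
cd puppet-midonet_openstack
# <REVIEWED_COMMIT_SHA> is a placeholder for the tested commit on stable/mitaka
git checkout <REVIEWED_COMMIT_SHA>
puppet module build
puppet module install "$(find . -name '*.tar.gz' -print -quit)" --ignore-dependencies --force
```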
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+#install git
+apt-get install -y git
+
+
+cd /tmp
+git clone https://github.com/openstack/puppet-midonet.git
+cd puppet-midonet
+git fetch
+git checkout stable/mitaka
+puppet module build
+puppet module install $(find . | grep .tar.gz) --ignore-dependencies --force
+
+#cleanup
+rm -rf /tmp/puppet-midonet
diff --git a/deployment_scripts/install_midonet_puppet_modules.sh b/deployment_scripts/install_midonet_puppet_modules.sh
deleted file mode 100755
index 18f640d..0000000
--- a/deployment_scripts/install_midonet_puppet_modules.sh
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/bash
-
-puppet module install ripienaar-module_data --version=0.0.3 --force
-puppet module install puppetlabs-java --version=1.4.1 --ignore-dependencies --force
-puppet module install midonet-cassandra --version=1.0.4 --ignore-dependencies --force
-puppet module install deric-zookeeper --version=0.3.9 --ignore-dependencies --force
-puppet module install puppetlabs-tomcat --version=1.3.2 --ignore-dependencies --force
-puppet module install midonet-midonet --version=2015.6.7 --ignore-dependencies --force
-
-gem install faraday # This is needed by the midonet providers
diff --git a/deployment_scripts/override_neutron_module.sh b/deployment_scripts/override_neutron_module.sh
new file mode 100644
index 0000000..9bef5e0
--- /dev/null
+++ b/deployment_scripts/override_neutron_module.sh
@@ -0,0 +1,38 @@
+if [[ -e /etc/puppet/modules/neutron/lib/puppet/type/neutron_plugin_midonet.rb ]]; then
+ # Apply the released patch of Neutron Puppet to allow midonet manifests
+ wget https://github.com/openstack/puppet-neutron/commit/dfd4662347bec58644c6f22bf9ba2a433c23b4d9.diff -O /etc/puppet/modules/neutron/midonet.diff
+ cd /etc/puppet/modules/neutron && patch -p1 --force --forward < midonet.diff && cd -
+fi
+
+if [[ -e lib/puppet/provider/neutron_port/neutron.rb ]]; then
+ # Apply the released patch of Neutron Puppet to allow midonet manifests
+ wget https://github.com/openstack/puppet-neutron/commit/dcfb3dd946cbc6f6083afa35f023917dfe0369e4.diff -O /etc/puppet/modules/neutron/midonet2.diff
+ cd /etc/puppet/modules/neutron && patch -p1 --force --forward < midonet2.diff && cd -
+fi
+
+if [[ -e lib/puppet/type/neutron_network.rb ]]; then
+ # Apply the released patch of Neutron Puppet to allow midonet manifests
+ wget https://github.com/openstack/puppet-neutron/commit/95f0514a8ef6f5491d7e5775553d234435354cf8.diff -O /etc/puppet/modules/neutron/midonet3.diff
+ cd /etc/puppet/modules/neutron && patch -p1 --force --forward < midonet3.diff && cd -
+fi
+
+
+if [[ -e /etc/puppet/modules/neutron/lib/puppet/provider/neutron.rb ]]; then
+ # Apply the released patch of Neutron Puppet to allow midonet manifests
+ wget https://github.com/openstack/puppet-neutron/commit/46e2d7acdcd5319bbc73483ff24cbafa0409d302.diff -O /etc/puppet/modules/neutron/midonet4.diff
+ cd /etc/puppet/modules/neutron && patch -p1 --force --forward < midonet4.diff && cd -
+fi
+
+if [[ -e /etc/puppet/modules/neutron/manifests/plugins/midonet.pp ]]; then
+ # Apply the released patch of Neutron Puppet to allow midonet manifests
+ wget https://github.com/openstack/puppet-neutron/commit/e4a79e348d110e7a80e042a045a671359f31c103.diff -O /etc/puppet/modules/neutron/midonet5.diff
+ cd /etc/puppet/modules/neutron && patch -p1 --force --forward < midonet5.diff && cd -
+fi
+
+if [[ -e 
/etc/puppet/modules/neutron/manifests/plugins/midonet.pp ]]; then
+ # Apply the released patch of Neutron Puppet to allow midonet manifests
+ wget https://github.com/openstack/puppet-neutron/commit/3af5e9a40400bc7dc47cd7c265b5f126637c4ba3.diff -O /etc/puppet/modules/neutron/midonet6.diff
+ cd /etc/puppet/modules/neutron && patch -p1 --force --forward < midonet6.diff && cd -
+fi
+
+exit 0
diff --git a/deployment_scripts/puppet/files/midonet-fuel-plugin.yaml b/deployment_scripts/puppet/files/midonet-fuel-plugin.yaml
deleted file mode 100644
index 18a2eb2..0000000
--- a/deployment_scripts/puppet/files/midonet-fuel-plugin.yaml
+++ /dev/null
@@ -1,3 +0,0 @@
-neutron::core_plugin: 'midonet.neutron.plugin_v1.MidonetPluginV2'
-neutron::agents::dhcp::interface_driver: 'neutron.agent.linux.interface.MidonetInterfaceDriver'
-neutron::agents::dhcp::dhcp_driver: 'midonet.neutron.agent.midonet_driver.DhcpNoOpDriver'
diff --git a/deployment_scripts/puppet/files/midonet.yaml b/deployment_scripts/puppet/files/midonet.yaml
new file mode 100644
index 0000000..72b0679
--- /dev/null
+++ b/deployment_scripts/puppet/files/midonet.yaml
@@ -0,0 +1,11 @@
+neutron::core_plugin: 'midonet.neutron.plugin_v2.MidonetPluginV2'
+neutron::service_plugins:
+ - midonet.neutron.services.firewall.plugin.MidonetFirewallPlugin
+ - lbaas
+ - midonet.neutron.services.l3.l3_midonet.MidonetL3ServicePlugin
+horizon::neutron_options:
+ - enable_lb: true
+ - enable_firewall: true
+
+neutron::server::service_providers:
+ - LOADBALANCER:Midonet:midonet.neutron.services.loadbalancer.driver.MidonetLoadbalancerDriver:default
diff --git a/deployment_scripts/puppet/files/startup-static.conf b/deployment_scripts/puppet/files/startup-static.conf
new file mode 100644
index 0000000..bd902ff
--- /dev/null
+++ b/deployment_scripts/puppet/files/startup-static.conf
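Review bot: override_neutron_module.sh downloads six diffs from github.com at deploy time and feeds them to `patch` inside `/etc/puppet/modules/neutron` without checking that `wget` succeeded or that the content is what was reviewed, and the unconditional `exit 0` reports success whatever happened. The URLs name full commit hashes, so the patches are fixed; shipping the six `.diff` files inside the plugin, or comparing each download against a recorded SHA-256 before `patch`, would remove both the network dependency and the reliance on the transport. The second and third tests (`lib/puppet/provider/neutron_port/neutron.rb` and `lib/puppet/type/neutron_network.rb`) are relative paths, unlike the other four, so whether those two patches apply depends on the caller's working directory; they presumably want the `/etc/puppet/modules/neutron/` prefix. The file also has no `#!/bin/bash` line although it uses `[[ ]]`.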
@@ -0,0 +1,6 @@ +start on runlevel [123456] +stop on shutdown + +script + puppet apply --modulepath=/etc/fuel/plugins/midonet-4.1/puppet/modules:/etc/puppet/modules /etc/fuel/plugins/midonet-4.1/puppet/manifests/midonet-gateway-static.pp +end script diff --git a/deployment_scripts/puppet/files/startup.conf b/deployment_scripts/puppet/files/startup.conf index 14992b5..b646570 100644 --- a/deployment_scripts/puppet/files/startup.conf +++ b/deployment_scripts/puppet/files/startup.conf @@ -2,5 +2,5 @@ start on runlevel [123456] stop on shutdown script - puppet apply --modulepath=/etc/fuel/plugins/midonet-fuel-plugin-4.0/puppet/modules:/etc/puppet/modules /etc/fuel/plugins/midonet-fuel-plugin-4.0/puppet/manifests/midonet-gateway-bgp.pp + puppet apply --modulepath=/etc/fuel/plugins/midonet-4.1/puppet/modules:/etc/puppet/modules /etc/fuel/plugins/midonet-4.1/puppet/manifests/midonet-bp-interfaces.pp end script diff --git a/deployment_scripts/puppet/manifests/midonet-bgp-interfaces.pp b/deployment_scripts/puppet/manifests/midonet-bgp-interfaces.pp new file mode 100644 index 0000000..faee1fe --- /dev/null +++ b/deployment_scripts/puppet/manifests/midonet-bgp-interfaces.pp 
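Review bot: The new `puppet apply` line in startup.conf points at `midonet-bp-interfaces.pp`, but the manifest this commit adds is `midonet-bgp-interfaces.pp`, so the upstart job would fail on a missing manifest unless a file with the shorter name exists elsewhere in the plugin. The path should probably end in `/etc/fuel/plugins/midonet-4.1/puppet/manifests/midonet-bgp-interfaces.pp`.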
@@ -0,0 +1,38 @@
+notice('MODULAR: midonet-bgp-interfaces.pp')
+
+
+exec {'add veth interface':
+ path => '/usr/bin:/usr/sbin:/sbin',
+ command => 'ip link add gw-veth-br type veth peer name gw-veth-mn',
+ unless => 'ip l | /bin/grep gw-veth-br'
+} ->
+
+exec {'set gw-veth-br interface up':
+ path => '/usr/bin:/usr/sbin:/sbin',
+ command => 'ip l set dev gw-veth-br up'
+} ->
+
+exec {'set gw-veth-mn interface up':
+ path => '/usr/bin:/usr/sbin:/sbin',
+ command => 'ip l set dev gw-veth-mn up'
+} ->
+
+exec {'add veth to bridge':
+ path => '/usr/bin:/usr/sbin:/sbin',
+ command => 'brctl addif br-ex gw-veth-br',
+ unless => 'brctl show br-ex | /bin/grep gw-veth-br'
+} ->
+
+file {'/etc/sysconfig/network-scripts/ifcfg-p_br-floating-0':
+ ensure => absent,
+} ->
+
+exec {'set up external bridge':
+ path => '/usr/bin:/usr/sbin:/sbin',
+ command => 'ip link set dev br-ex up'
+} ->
+
+file {'/etc/init/midonet-network.conf':
+ ensure => present,
+ source => '/etc/fuel/plugins/midonet-4.1/puppet/files/startup.conf'
+}
diff --git a/deployment_scripts/puppet/manifests/midonet-cleanup-masquerade.pp b/deployment_scripts/puppet/manifests/midonet-cleanup-masquerade.pp
new file mode 100644
index 0000000..233b9b0
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/midonet-cleanup-masquerade.pp
@@ -0,0 +1,70 @@
+
+notice('MODULAR: midonet-cleanup-masquerade.pp')
+include ::stdlib
+
+$old_config = loadyamlv2('/etc/fuel/cluster/astute.yaml.old','notfound')
+
+# If it's a redeploy and the file exists we can proceed
+if($old_config != 'notfound')
+{
+ $old_gw_type = $old_config['midonet']['gateway_type']
+ if ($old_gw_type == 'static') {
+
+ # Extract data from hiera
+ $access_data = $old_config['access']
+ $keystone_admin_tenant = $access_data['tenant']
+ $net_metadata = $old_config['network_metadata']
+ $node_roles = $net_metadata['nodes'][$::hostname]['node_roles']
+ $neutron_settings = $old_config['quantum_settings']
+ $external_net_name = $neutron_settings['default_floating_net']
+ $tenant_net_name = $neutron_settings['default_private_net']
+ $predefined_nets = $neutron_settings['predefined_networks']
+ $tenant_net = $predefined_nets[$tenant_net_name]
+ $external_net = $predefined_nets[$external_net_name]
+
+ $old_midonet_settings = $old_config['midonet']
+ $old_net_metadata = $old_config['network_metadata']
+ $controllers_map = get_nodes_hash_by_roles($old_net_metadata, ['controller', 'primary-controller'])
+
+
+ $management_address = hiera('management_vip')
+ $username = $access_data['user']
+ $password = $access_data['password']
+ $tenant_name = $access_data['tenant']
+
+ $midonet_settings = $old_config['midonet']
+ $floating_cidr = $midonet_settings['floating_cidr']
+ $f_net_cidr = split($midonet_settings['floating_cidr'], '/')
+
+ $static_linux_bridge_ip_netl = $midonet_settings['static_linux_bridge_address']
+ $static_fake_edge_router_ip_netl = $midonet_settings['static_fake_edge_router_address']
+ $static_use_masquerade = $midonet_settings['static_use_masquerade']
+
+ $static_linux_bridge_ip_address = split($static_linux_bridge_ip_netl,'/')
+ $static_fake_edge_router_ip_address = split($static_fake_edge_router_ip_netl,'/')
+
+ $slbip_without_netl = $static_linux_bridge_ip_address[0]
+
+ $gw_hash = get_nodes_hash_by_roles($net_metadata, 
['midonet-gw'])
+ $gw_mgmt_ip_hash = get_node_to_ipaddr_map_by_network_role($gw_hash, 'management')
+ $gw_mgmt_ip_list = values($gw_mgmt_ip_hash)
+ $gw_keys = keys($gw_hash)
+
+ $nic = 'br-ex'
+ $fip = $old_midonet_settings['floating_cidr']
+
+ file { 'delete masquerade script':
+ ensure => present,
+ path => '/tmp/remove_router_interfaces.sh',
+ content => template('/etc/fuel/plugins/midonet-4.1/puppet/templates/cleanup_masquerade.sh.erb'),
+ } ->
+
+ # Finally, execute the script
+ exec { 'run delete masquerade script':
+ command => '/bin/bash -x /tmp/cleanup_masquerade.sh 2>&1 | tee /tmp/cleanup_masq.out',
+ returns => ['0', '7'],
+ }
+
+
+ }
+}
diff --git a/deployment_scripts/puppet/manifests/midonet-cleanup-static-per-host.pp b/deployment_scripts/puppet/manifests/midonet-cleanup-static-per-host.pp
new file mode 100644
index 0000000..2da2b75
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/midonet-cleanup-static-per-host.pp
@@ -0,0 +1,24 @@
+
+notice('MODULAR: midonet-cleanup-static-per-host.pp')
+
+ exec {'drop the veth pair':
+ path => '/usr/bin:/usr/sbin:/sbin',
+ command => 'ip link delete veth0',
+ onlyif => 'ip l | /bin/grep -e veth0 -e veth1'
+ } ->
+
+ exec {'shut off the uplinkbridge':
+ path => '/usr/bin:/usr/sbin:/sbin',
+ command => 'ifconfig uplinkbridge down',
+ onlyif => 'ip l | /bin/grep -e uplinkbridge'
+ } ->
+
+ exec {'delete the uplinkbridge':
+ path => '/usr/bin:/usr/sbin:/sbin',
+ command => 'brctl delbr uplinkbridge',
+ onlyif => 'ip l | /bin/grep -e uplinkbridge'
+ } ->
+
+ file {'/etc/init/midonet-network-static.conf':
+ ensure => absent,
+ }
diff --git a/deployment_scripts/puppet/manifests/midonet-cleanup-static.pp b/deployment_scripts/puppet/manifests/midonet-cleanup-static.pp
new file mode 100644
index 0000000..ac0bc1f
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/midonet-cleanup-static.pp
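Review bot: In midonet-cleanup-masquerade.pp the `file` resource renders `cleanup_masquerade.sh.erb` to `/tmp/remove_router_interfaces.sh`, but the `exec` chained after it runs `/tmp/cleanup_masquerade.sh`, so the rendered script is not the one executed. As written the exec runs whatever file sits at that name in a world-writable directory, or finds none, and because the command ends in `| tee` the status that `returns` sees is presumably that of `tee` rather than of the script. The resource should write the path the exec uses: `path => '/tmp/cleanup_masquerade.sh',`. midonet-cleanup-static.pp also writes `/tmp/remove_router_interfaces.sh`, so the two manifests currently target the same file with different templates.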
@@ -0,0 +1,121 @@
+
+notice('MODULAR: midonet-cleanup-static.pp')
+include ::stdlib
+
+$old_config = loadyamlv2('/etc/fuel/cluster/astute.yaml.old','notfound')
+
+# If it's a redeploy and the file exists we can proceed
+if($old_config != 'notfound')
+{
+ $old_gw_type = $old_config['midonet']['gateway_type']
+ if ($old_gw_type == 'static') {
+
+ # Extract data from hiera
+ $access_data = $old_config['access']
+ $keystone_admin_tenant = $access_data['tenant']
+ $net_metadata = $old_config['network_metadata']
+ $node_roles = $net_metadata['nodes'][$::hostname]['node_roles']
+ $neutron_settings = $old_config['quantum_settings']
+ $external_net_name = $neutron_settings['default_floating_net']
+ $tenant_net_name = $neutron_settings['default_private_net']
+ $predefined_nets = $neutron_settings['predefined_networks']
+ $tenant_net = $predefined_nets[$tenant_net_name]
+ $external_net = $predefined_nets[$external_net_name]
+
+ $old_midonet_settings = $old_config['midonet']
+ $old_net_metadata = $old_config['network_metadata']
+ $controllers_map = get_nodes_hash_by_roles($old_net_metadata, ['controller', 'primary-controller'])
+
+
+ $management_address = hiera('management_vip')
+ $username = $access_data['user']
+ $password = $access_data['password']
+ $tenant_name = $access_data['tenant']
+
+ $midonet_settings = $old_config['midonet']
+ $floating_cidr = $midonet_settings['floating_cidr']
+ $f_net_cidr = split($midonet_settings['floating_cidr'], '/')
+
+ $static_linux_bridge_ip_netl = $midonet_settings['static_linux_bridge_address']
+ $static_fake_edge_router_ip_netl = $midonet_settings['static_fake_edge_router_address']
+ $static_use_masquerade = $midonet_settings['static_use_masquerade']
+
+ $static_linux_bridge_ip_address = split($static_linux_bridge_ip_netl,'/')
+ $static_fake_edge_router_ip_address = split($static_fake_edge_router_ip_netl,'/')
+
+ $slbip_without_netl = $static_linux_bridge_ip_address[0]
+
+ $gw_hash = get_nodes_hash_by_roles($old_net_metadata, 
['midonet-gw'])
+ $gw_mgmt_ip_hash = get_node_to_ipaddr_map_by_network_role($gw_hash, 'management')
+ $gw_mgmt_ip_list = values($gw_mgmt_ip_hash)
+ $gw_keys = keys($gw_hash)
+
+ $gw_fqdn = $gw_hash[$gw_keys[0]]['fqdn']
+
+ $nic = 'br-ex'
+ $fip = $old_midonet_settings['floating_cidr']
+ $edge_router = 'edge-router'
+ $veth0_ip = $static_linux_bridge_ip_address[0]
+ $veth1_ip = $static_fake_edge_router_ip_address[0]
+ $veth_network = generate_cidr_from_ip_netlength($static_linux_bridge_ip_netl)
+ $myhostname = $gw_mgmt_ip_list[0]
+
+ package { 'python-neutronclient':
+ ensure => latest
+ }
+
+ file { 'cleanup static script':
+ ensure => present,
+ path => '/tmp/cleanup_static_gateway.sh',
+ content => template('/etc/fuel/plugins/midonet-4.1/puppet/templates/cleanup_static_gateway.sh.erb'),
+ }
+
+ # Finally, execute the script
+ exec { 'run gateway static cleanup script':
+ command => '/bin/bash -x /tmp/cleanup_static_gateway.sh 2>&1 | tee /tmp/cleanup.out',
+ returns => ['0', '7'],
+ }
+
+ $ports_to_unbind = generate_router_interfaces_to_delete($gw_hash)
+
+ file { 'delete router interfaces script':
+ ensure => present,
+ path => '/tmp/remove_router_interfaces.sh',
+ content => template('/etc/fuel/plugins/midonet-4.1/puppet/templates/remove_router_interfaces.sh.erb'),
+ }
+
+ # Finally, execute the script
+ exec { 'run delete router interfaces script':
+ command => '/bin/bash -x /tmp/remove_router_interfaces.sh 2>&1 | tee /tmp/ri-delete.out',
+ returns => ['0', '7'],
+ }
+
+ neutron_port { "port-static-${gw_fqdn}":
+
+ ensure => absent,
+ network_name => 'edge-net',
+ binding_host_id => $gw_fqdn,
+ binding_profile => {
+ 'interface_name' => 'veth1'
+ },
+ ip_address => [[$static_fake_edge_router_ip_address[0]],['0.0.0.0']],
+ }
+
+ neutron_subnet { 'edge-subnet':
+ ensure => absent,
+ enable_dhcp => false,
+ cidr => generate_cidr_from_ip_netlength($static_linux_bridge_ip_netl),
+ tenant_id => $external_net['tenant'],
+ network_name => 'edge-net',
+ }
+
+ 
Package['python-neutronclient'] + -> File['cleanup static script'] + -> Exec['run gateway static cleanup script'] + -> File['delete router interfaces script'] + -> Exec['run delete router interfaces script'] + -> Neutron_port<||> + -> Neutron_subnet['edge-subnet'] + + } +} diff --git a/deployment_scripts/puppet/manifests/midonet-compute-nova.pp b/deployment_scripts/puppet/manifests/midonet-compute-nova.pp index 906ef81..1d4b16c 100644 --- a/deployment_scripts/puppet/manifests/midonet-compute-nova.pp +++ b/deployment_scripts/puppet/manifests/midonet-compute-nova.pp @@ -30,7 +30,7 @@ $admin_password = try_get_value($neutron_config, 'keystone/admin_pas $admin_tenant_name = try_get_value($neutron_config, 'keystone/admin_tenant', 'services') $admin_username = try_get_value($neutron_config, 'keystone/admin_user', 'neutron') $region_name = hiera('region', 'RegionOne') -$auth_api_version = 'v2.0' +$auth_api_version = 'v3' $ssl_hash = hiera_hash('use_ssl', {}) $admin_identity_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'protocol', 'http') @@ -74,9 +74,9 @@ Service['libvirt'] ~> Exec['destroy_libvirt_default_network'] # script called by qemu needs to manipulate the tap device file_line { 'clear_emulator_capabilities': - path => '/etc/libvirt/qemu.conf', - line => 'clear_emulator_capabilities = 0', - notify => Service['libvirt'] + path => '/etc/libvirt/qemu.conf', + line => 'clear_emulator_capabilities = 0', + notify => Service['libvirt'] } class { 'nova::compute::neutron': diff --git a/deployment_scripts/puppet/manifests/midonet-define-repositories.pp b/deployment_scripts/puppet/manifests/midonet-define-repositories.pp index d46db93..a761659 100644 --- a/deployment_scripts/puppet/manifests/midonet-define-repositories.pp +++ b/deployment_scripts/puppet/manifests/midonet-define-repositories.pp 
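Review bot: midonet-cleanup-static.pp renders its helper scripts to fixed names under `/tmp` with no `owner` or `mode`, runs them with `bash -x`, and tees the trace to `/tmp/cleanup.out` and `/tmp/ri-delete.out`. `$username` and `$password` from the `access` hash are in scope for the templates; the templates are not on this page, but if they use those values the xtrace output leaves the admin password in files under `/tmp` that are typically world-readable. Rendering to a root-only directory with `owner => 'root', mode => '0700',`, dropping `-x`, and logging to a location that is not world-readable would avoid that. The same pattern appears in midonet-cleanup-masquerade.pp, midonet-edge-router-cleanup-bgp.pp and midonet-edge-router-setup-bgp-gw.pp. In all of them `returns => ['0', '7']` is presumably evaluated against the exit status of `tee`, not of the script.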
@@ -13,69 +13,69 @@ # under the License. notice('MODULAR: midonet-define-repositories.pp') -$midonet_settings = hiera('midonet-fuel-plugin') -$mem = $midonet_settings['mem'] -$mem_version = $midonet_settings['mem_version'] -$mem_user = $midonet_settings['mem_repo_user'] -$mem_password = $midonet_settings['mem_repo_password'] -$oss_version = 'v2015.06' - -$key_content = "-----BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v1 - -mI0ETb6aOgEEAMVw8Vnwk+zpDtsc0gSW10JEe48zKr2vpl9tQgWAFOPgOA1NglYM -w/xT6Rns7CrYxPR0cb3DeMFtFdMkfWXO0R6x4yHrozMDY/DpvwgYQclIIbcYYe0p -83nlBp793D2dSq60HWuXJu3oi0wQQuR0/jTmOnjxzCzu5jKdJeXihl95ABEBAAG0 -Jk1pZG9rdXJhIChNaWRva3VyYSkgPGluZm9AbWlkb2t1cmEuanA+iLgEEwECACIF -Ak2+mjoCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEGezjToFQxTNAp0D -/2c+PLnRFzEXCztXT+05xoO1mPzpm3x2p5ecVPGHR8IxhozlN9DDGDdnvNfMOhi6 -nv/G2l86+9Fj8Dz01ne0RZzZHSS1DF/zb6dMYrPJqiT1DXKH0Y73OL/+M7rsutEq -0B/DKhjdBfFPutk3gerEUZPNfIhScE3tnwCnVGJKPQbFuI0ETb6aOgEEANLJK3gm -Xrsp1VKnt663RoxZgoFQgQ6wHaZZWhULTteafjoThX9tj7FidR2+7qJLwpa57M9d -rib4OlbW+rE4PW199/Uqfy86gLv76Q2GZMpzaYB1ZZow0Ny1RTCwh7apkhR/8fCU -pq37aODQ4YwBpZC54iXVKfcntpdJFoObIqXtABEBAAGInwQYAQIACQUCTb6aOgIb -DAAKCRBns406BUMUzfzOBACKx4jChKTAl6HfldOxVN7o8DQpd5rgkHIEj062ym4Z -q5t2v3oaz0H0P2WV66MAhOujgX0V1duZi8fKHdIsdk0nvEa/mV0QS6pEAeZh+dbL -kKyu1J4MSi5l+L+te5XjYBGpoRa3ZGrIR3CkA0oQDCOh312SrcH6Tn9RBPChVSig -zg== -=zF5K ------END PGP PUBLIC KEY BLOCK-----" +$midonet_settings = hiera('midonet') +$mem = $midonet_settings['mem'] +$mem_version = $midonet_settings['mem_version'] +$mem_user = $midonet_settings['mem_repo_user'] +$mem_password = $midonet_settings['mem_repo_password'] +$midonet_version = '5.2' +$openstack_release = 'mitaka' include apt include apt::update +include midonet::params -# MidoNet Neutron plugin Liberty key -apt::source {'midonet_neutron_liberty': - comment => 'midonet plugin repository', - location => 'http://builds.midonet.org/openstack-liberty', - release => 'stable', - key => '99143E75', - key_source => 
'https://builds.midonet.org/midorepo.key', - include_src => false -} if $mem { - apt::key { 'BC4E4E90DDA81C21396081CC67B38D3A054314CD': - key_content => $key_content - } -> + $midonet_repo_url = "http://${mem_user}:${mem_password}@${midonet::params::midonet_repo_baseurl}/mem-${mem_version}" +} +else { + $midonet_repo_url = "http://${midonet::params::midonet_repo_baseurl}/midonet-${midonet_version}" +} - # MEM 1.9 public key - apt::source {'midonet_oss': - comment => 'midonet repository', - location => "http://${mem_user}:${mem_password}@apt.midokura.com/midonet/${mem_version}/stable", - release => 'trusty', - include_src => false +apt::key { 'midorepo': + id => 'E9996503AEB005066261D3F38DDA494E99143E75', + source => $midonet::params::midonet_key_url +} -> + +apt::source {'midonet': + comment => 'Midonet apt repository', + location => $midonet_repo_url, + release => 'stable', + key => { + 'id' => 'E9996503AEB005066261D3F38DDA494E99143E75', + 'server' => 'subkeys.pgp.net', + }, + include => { + 'src' => false, } +} -> -} else { +apt::source {'midonet-openstack-integration': + comment => 'Midonet apt plugin repository', + location => "http://${midonet::params::midonet_repo_baseurl}/openstack-${openstack_release}", + release => 'stable', + include => { + 'src' => false, + } +} -> - # OSS 2015.06 - apt::source {'midonet_oss': - comment => 'midonet repository', - location => 'http://repo.midonet.org/midonet/v2015.06', - release => 'stable', - key => '50F18FCF', - key_source => 'http://repo.midonet.org/packages.midokura.key', - include_src => false +apt::source {'midonet-openstack-misc': + comment => 'Midonet 3rd party tools and libraries', + location => "http://${midonet::params::midonet_repo_baseurl}/misc", + release => 'stable', + include => { + 'src' => false, } } + +# Dummy exec to wrap apt_update +exec {'update-midonet-repos': + command => '/bin/true', + require => [Exec['apt_update'], + Apt::Source['midonet'], + Apt::Source['midonet-openstack-integration']] + +} + 
+Apt::Source<| |> -> Exec<| title == 'update-midonet-repos' |>
diff --git a/deployment_scripts/puppet/manifests/midonet-edge-router-cleanup-bgp-gw.pp b/deployment_scripts/puppet/manifests/midonet-edge-router-cleanup-bgp-gw.pp
new file mode 100644
index 0000000..a2fe151
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/midonet-edge-router-cleanup-bgp-gw.pp
@@ -0,0 +1,20 @@
+# Copyright 2016 Midokura, SARL.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+notice('MODULAR: midonet-edge-router-cleanup-bgp-gw.pp')
+
+
+ file {'/etc/init/midonet-network.conf':
+ ensure => absent,
+ source => '/etc/fuel/plugins/midonet-4.1/puppet/files/startup.conf'
+ }
diff --git a/deployment_scripts/puppet/manifests/midonet-edge-router-cleanup-bgp.pp b/deployment_scripts/puppet/manifests/midonet-edge-router-cleanup-bgp.pp
new file mode 100644
index 0000000..eb88070
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/midonet-edge-router-cleanup-bgp.pp
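Review bot: When `$mem` is set, `$midonet_repo_url` embeds `${mem_user}:${mem_password}` in an `http://` URL, so the MEM repository credentials cross the network in cleartext on every apt update and are written into the generated apt source entry. If the repository host serves TLS, the scheme should be `https://`, and the credentials are better kept out of the source line, for example in a root-only apt auth file where the target apt version supports one. The OSS branch and the two other `apt::source` entries also use plain `http://`; package integrity then rests on the signing key, which the hunk does pin by full fingerprint (`E9996503AEB005066261D3F38DDA494E99143E75`).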
@@ -0,0 +1,116 @@
+# Copyright 2016 Midokura, SARL.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+notice('MODULAR: midonet-edge-router-cleanup-bgp.pp')
+
+include ::stdlib
+
+$old_config = loadyamlv2('/etc/fuel/cluster/astute.yaml.old','notfound')
+
+# If it's a redeploy and the file exists we can proceed
+if($old_config != 'notfound')
+{
+ $old_gw_type = $old_config['midonet']['gateway_type']
+ if ($old_gw_type == 'bgp') {
+ # Extract data from hiera
+ $access_data = $old_config['access']
+ $management_address = hiera('management_vip')
+ $keystone_admin_tenant = $access_data['tenant']
+ $net_metadata = $old_config['network_metadata']
+ $gw_hash = get_nodes_hash_by_roles($net_metadata, ['midonet-gw'])
+ $gw_keys = keys($gw_hash)
+ $neutron_settings = $old_config['quantum_settings']
+ $external_net_name = $neutron_settings['default_floating_net']
+ $tenant_net_name = $neutron_settings['default_private_net']
+ $predefined_nets = $neutron_settings['predefined_networks']
+ $tenant_net = $predefined_nets[$tenant_net_name]
+ $external_net = $predefined_nets[$external_net_name]
+
+ $username = $access_data['user']
+ $password = $access_data['password']
+ $tenant_name = $access_data['tenant']
+
+ # Plugin settings data (overrides $external_net l3 values)
+ $midonet_settings = $old_config['midonet']
+ $tz_type = $midonet_settings['tunnel_type']
+ $floating_range_start = $midonet_settings['floating_ip_range_start']
+ $floating_range_end = 
$midonet_settings['floating_ip_range_end']
+ $floating_cidr = $midonet_settings['floating_cidr']
+ $floating_gateway_ip = $midonet_settings['gateway']
+ $bgp_local_as = $midonet_settings['bgp_local_as']
+ $bgp_neighbors = $midonet_settings['bgp_neighbors']
+
+ $edge_router = 'edge-router'
+
+ $allocation_pools = "start=${floating_range_start},end=${floating_range_end}"
+
+ $myhostname = $gw_keys[0]
+
+ $ports_to_unbind = generate_router_interfaces_list($bgp_neighbors)
+
+
+ file { 'delete router interfaces script':
+ ensure => present,
+ path => '/tmp/delete_router_interfaces_bgp.sh',
+ content => template('/etc/fuel/plugins/midonet-4.1/puppet/templates/delete_router_interfaces_bgp.sh.erb'),
+ }
+
+ # Finally, execute the script
+ exec { 'run delete router interfaces script':
+ command => '/bin/bash -x /tmp/delete_router_interfaces_bgp.sh 2>&1 | tee /tmp/ri-delete-bgp.out',
+ returns => ['0', '7'],
+ }
+
+ $defaults_for_subnet = {
+ ensure => absent,
+ enable_dhcp => false,
+ network_name => 'edge-net',
+ tenant_id => $external_net['tenant']
+ }
+
+ create_resources('neutron_subnet',
+ generate_bgp_edge_subnet_hash($bgp_neighbors),
+ $defaults_for_subnet)
+
+ $defaults_for_port = {
+ ensure => absent,
+ network_name => 'edge-net',
+ binding_host_id => $gw_hash[$gw_keys[0]]['fqdn'],
+ binding_profile => {
+ 'interface_name' => 'gw-veth-mn'
+ },
+ }
+
+ create_resources('neutron_port',
+ generate_bgp_edge_port_hash($bgp_neighbors),
+ $defaults_for_port)
+
+ midonet_gateway_bgp { 'edge-router':
+ ensure => absent,
+ bgp_local_as_number => $bgp_local_as,
+ username => $username,
+ password => $password,
+ tenant_name => $tenant_name,
+ midonet_api_url => "http://${management_address}:8181/midonet-api",
+ bgp_advertised_networks => $floating_cidr,
+ bgp_neighbors => generate_bgp_neighbors_for_gateway_bgp($bgp_neighbors)
+ }
+
+ File['delete router interfaces script']
+ -> Exec['run delete router interfaces script']
+ -> Neutron_subnet<||>
+ -> Neutron_port<||>
+ -> 
Midonet_gateway_bgp['edge-router']
+ }
+
+}
diff --git a/deployment_scripts/puppet/manifests/midonet-edge-router-setup-bgp-gw.pp b/deployment_scripts/puppet/manifests/midonet-edge-router-setup-bgp-gw.pp
new file mode 100644
index 0000000..2ce9e87
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/midonet-edge-router-setup-bgp-gw.pp
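Review bot: `midonet_api_url` in the `midonet_gateway_bgp` resource is hard-coded to `http://${management_address}:8181/midonet-api` and the resource is passed the admin `username` and `password`, so those credentials presumably travel unencrypted on the management network. midonet-compute-nova.pp in this plugin reads the Keystone protocol from the `use_ssl` hash through `get_ssl_property`; if the MidoNet API can be served over TLS in this deployment, the scheme here should come from configuration rather than a literal. midonet-edge-router-setup-bgp-gw.pp, added later in this commit, builds the same URL.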
@@ -0,0 +1,79 @@ +# Copyright 2016 Midokura, SARL. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +notice('MODULAR: midonet-edge-router-setup-bgp-gw.pp') + +include ::stdlib +# Extract data from hiera +$access_data = hiera_hash('access') +$management_address = hiera('management_vip') +$keystone_admin_tenant = $access_data['tenant'] +$net_metadata = hiera_hash('network_metadata') +$gw_hash = get_nodes_hash_by_roles($net_metadata, ['midonet-gw']) +$gw_keys = keys($gw_hash) +$neutron_settings = hiera('neutron_config') +$external_net_name = $neutron_settings['default_floating_net'] +$tenant_net_name = $neutron_settings['default_private_net'] +$predefined_nets = $neutron_settings['predefined_networks'] +$tenant_net = $predefined_nets[$tenant_net_name] +$external_net = $predefined_nets[$external_net_name] + +$username = $access_data['user'] +$password = $access_data['password'] +$tenant_name = $access_data['tenant'] + +# Plugin settings data (overrides $external_net l3 values) +$midonet_settings = hiera_hash('midonet') +$tz_type = $midonet_settings['tunnel_type'] +$floating_range_start = $midonet_settings['floating_ip_range_start'] +$floating_range_end = $midonet_settings['floating_ip_range_end'] +$floating_cidr = $midonet_settings['floating_cidr'] +$floating_gateway_ip = $midonet_settings['gateway'] +$bgp_local_as = $midonet_settings['bgp_local_as'] +$bgp_neighbors = $midonet_settings['bgp_neighbors'] + +$edge_router = 'edge-router' + +$allocation_pools = 
"start=${floating_range_start},end=${floating_range_end}" + +# Create one subnet per each network used. +$myhostname = $::fqdn + +$ports_to_bind = generate_router_interfaces_list($bgp_neighbors) + +package { 'python-neutronclient': + ensure => latest +} -> + +file { 'create router interfaces script': + ensure => present, + path => '/tmp/create_router_interfaces.sh', + content => template('/etc/fuel/plugins/midonet-4.1/puppet/templates/create_router_interfaces.sh.erb'), +} -> + +# Finally, execute the script +exec { 'run create router interfaces script': + command => '/bin/bash -x /tmp/create_router_interfaces.sh 2>&1 | tee /tmp/ri-create.out', + returns => ['0', '7'], +} -> + +midonet_gateway_bgp { 'edge-router': + ensure => present, + bgp_local_as_number => $bgp_local_as, + username => $username, + password => $password, + tenant_name => $tenant_name, + midonet_api_url => "http://${management_address}:8181/midonet-api", + bgp_advertised_networks => $floating_cidr, + bgp_neighbors => generate_bgp_neighbors_for_gateway_bgp($bgp_neighbors) +} diff --git a/deployment_scripts/puppet/manifests/midonet-edge-router-setup-bgp.pp b/deployment_scripts/puppet/manifests/midonet-edge-router-setup-bgp.pp new file mode 100644 index 0000000..856ff69 --- /dev/null +++ b/deployment_scripts/puppet/manifests/midonet-edge-router-setup-bgp.pp 
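Review bot: The `file` resource renders the router-interface script to the fixed path `/tmp/create_router_interfaces.sh` with no `owner`, `group` or `mode`, and the `exec` then runs it with `/bin/bash -x` and tees the trace to `/tmp/ri-create.out`. /tmp is world-writable, so a script run by Puppet (presumably as root) and its trace sit at predictable names other local users can reach; the template is not shown, but if it expands `$username`/`$password` the `-x` trace would hold them too. I would render the script into a root-only directory with `owner => 'root', mode => '0700'` and write the log there as well. Because the command ends in `| tee`, `returns => ['0', '7']` is most likely matched against tee's exit status rather than the script's, so a failing script can pass unnoticed. The same file/exec pair is in midonet-gateway-static-router-ifaces.pp, and midonet-gateway-static.pp passes `scripts_dir => '/tmp'`.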
@@ -0,0 +1,81 @@ +# Copyright 2016 Midokura, SARL. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +notice('MODULAR: midonet-edge-router-setup-bgp.pp') + +include ::stdlib +# Extract data from hiera +$access_data = hiera_hash('access') +$keystone_admin_tenant = $access_data['tenant'] +$net_metadata = hiera_hash('network_metadata') +$gw_hash = get_nodes_hash_by_roles($net_metadata, ['midonet-gw']) +$gw_keys = keys($gw_hash) +$neutron_settings = hiera('neutron_config') +$external_net_name = $neutron_settings['default_floating_net'] +$tenant_net_name = $neutron_settings['default_private_net'] +$predefined_nets = $neutron_settings['predefined_networks'] +$tenant_net = $predefined_nets[$tenant_net_name] +$external_net = $predefined_nets[$external_net_name] + +$username = $access_data['user'] +$password = $access_data['password'] +$tenant_name = $access_data['tenant'] + +# Plugin settings data (overrides $external_net l3 values) +$midonet_settings = hiera_hash('midonet') +$tz_type = $midonet_settings['tunnel_type'] +$floating_range_start = $midonet_settings['floating_ip_range_start'] +$floating_range_end = $midonet_settings['floating_ip_range_end'] +$floating_cidr = $midonet_settings['floating_cidr'] +$floating_gateway_ip = $midonet_settings['gateway'] +$bgp_local_as = $midonet_settings['bgp_local_as'] +$bgp_neighbors = $midonet_settings['bgp_neighbors'] + +$edge_router = 'edge-router' + +$allocation_pools = "start=${floating_range_start},end=${floating_range_end}" + +# 
Create one subnet per each network used. + +if size($gw_keys) < 1 { + fail('A Midonet Gateway node is required to run on BGP mode') +} + +$defaults_for_subnet = { + ensure => present, + enable_dhcp => false, + network_name => 'edge-net', + tenant_id => $external_net['tenant'] +} + +create_resources('neutron_subnet', + generate_bgp_edge_subnet_hash($bgp_neighbors), + $defaults_for_subnet) + +$defaults_for_port = { + ensure => present, + network_name => 'edge-net', + binding_host_id => $gw_hash[$gw_keys[0]]['fqdn'], + binding_profile => { + 'interface_name' => 'gw-veth-mn' + }, +} + +create_resources('neutron_port', + generate_bgp_edge_port_hash($bgp_neighbors), + $defaults_for_port) + + + +Neutron_subnet<||> +-> Neutron_port<||> diff --git a/deployment_scripts/puppet/manifests/midonet-edge-router-setup-static-per-host.pp b/deployment_scripts/puppet/manifests/midonet-edge-router-setup-static-per-host.pp new file mode 100644 index 0000000..cba4e1c --- /dev/null +++ b/deployment_scripts/puppet/manifests/midonet-edge-router-setup-static-per-host.pp 
@@ -0,0 +1,65 @@ +# Copyright 2016 Midokura, SARL. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +notice('MODULAR: midonet-edge-router-setup-static-per-host.pp') + +include ::stdlib + +# Extract data from hiera +$access_data = hiera_hash('access') +$keystone_admin_tenant = $access_data['tenant'] +$net_metadata = hiera_hash('network_metadata') +$node_roles = $net_metadata['nodes'][$::hostname]['node_roles'] +$neutron_settings = hiera('neutron_config') +$external_net_name = $neutron_settings['default_floating_net'] +$tenant_net_name = $neutron_settings['default_private_net'] +$predefined_nets = $neutron_settings['predefined_networks'] +$tenant_net = $predefined_nets[$tenant_net_name] +$external_net = $predefined_nets[$external_net_name] + +# Plugin settings data (overrides $external_net l3 values) +$midonet_settings = hiera_hash('midonet') +$tz_type = $midonet_settings['tunnel_type'] +$floating_range_start = $midonet_settings['floating_ip_range_start'] +$floating_range_end = $midonet_settings['floating_ip_range_end'] +$floating_cidr = $midonet_settings['floating_cidr'] +$floating_gateway_ip = $midonet_settings['gateway'] +$bgp_subnets = $midonet_settings['bgp_cidr'] +$static_linux_bridge_ip_netl = $midonet_settings['static_linux_bridge_address'] +$static_fake_edge_router_ip_netl = $midonet_settings['static_fake_edge_router_address'] +$static_use_masquerade = $midonet_settings['static_use_masquerade'] + +$static_linux_bridge_ip_address = 
split($static_linux_bridge_ip_netl,'/') +$static_fake_edge_router_ip_address = split($static_fake_edge_router_ip_netl,'/') + +$allocation_pools = "start=${floating_range_start},end=${floating_range_end}" + +$gw_hash = get_nodes_hash_by_roles($net_metadata, ['midonet-gw']) +$gw_mgmt_ip_hash = get_node_to_ipaddr_map_by_network_role($gw_hash, 'management') +$gw_mgmt_ip_list = values($gw_mgmt_ip_hash) +$gw_keys = keys($gw_hash) + +$gw_fqdn = $gw_hash[$gw_keys[0]]['fqdn'] + +# Warning: The 0.0.0.0 is there just to get away with a bug in puppet-neutron. +# It doesnt get evaluated but forces the type to get the correct value +neutron_port { "port-static-${gw_fqdn}": + + ensure => present, + network_name => 'edge-net', + binding_host_id => $gw_fqdn, + binding_profile => { + 'interface_name' => 'veth1' + }, + ip_address => [[$static_fake_edge_router_ip_address[0]],['0.0.0.0']], +} diff --git a/deployment_scripts/puppet/manifests/midonet-edge-router-setup-static.pp b/deployment_scripts/puppet/manifests/midonet-edge-router-setup-static.pp new file mode 100644 index 0000000..847080f --- /dev/null +++ b/deployment_scripts/puppet/manifests/midonet-edge-router-setup-static.pp 
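Review bot: `$gw_fqdn = $gw_hash[$gw_keys[0]]['fqdn']` is evaluated without checking that any node carries the `midonet-gw` role, so an environment without a gateway either fails with an unhelpful evaluation error or ends up with an empty `$gw_fqdn` and a port titled `port-static-`. midonet-edge-router-setup-bgp.pp in this same commit guards the lookup with `if size($gw_keys) < 1 { fail(...) }`; the same guard belongs here before `$gw_fqdn` is assigned. midonet-gateway-static-router-ifaces.pp repeats the unguarded lookup.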
@@ -0,0 +1,55 @@ +# Copyright 2016 Midokura, SARL. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +notice('MODULAR: midonet-edge-router-setup-static.pp') + +include ::stdlib +# Extract data from hiera +$access_data = hiera_hash('access') +$keystone_admin_tenant = $access_data['tenant'] +$net_metadata = hiera_hash('network_metadata') +$node_roles = $net_metadata['nodes'][$::hostname]['node_roles'] +$neutron_settings = hiera('neutron_config') +$external_net_name = $neutron_settings['default_floating_net'] +$tenant_net_name = $neutron_settings['default_private_net'] +$predefined_nets = $neutron_settings['predefined_networks'] +$tenant_net = $predefined_nets[$tenant_net_name] +$external_net = $predefined_nets[$external_net_name] + +# Plugin settings data (overrides $external_net l3 values) +$midonet_settings = hiera_hash('midonet') +$tz_type = $midonet_settings['tunnel_type'] +$floating_range_start = $midonet_settings['floating_ip_range_start'] +$floating_range_end = $midonet_settings['floating_ip_range_end'] +$floating_cidr = $midonet_settings['floating_cidr'] +$floating_gateway_ip = $midonet_settings['gateway'] +$static_linux_bridge_ip_netl = $midonet_settings['static_linux_bridge_address'] +$static_fake_edge_router_ip_netl = $midonet_settings['static_fake_edge_router_address'] +$static_use_masquerade = $midonet_settings['static_use_masquerade'] + +$static_linux_bridge_ip_address = split($static_linux_bridge_ip_netl,'/') +$static_fake_edge_router_ip_address = 
split($static_fake_edge_router_ip_netl,'/') + +$allocation_pools = "start=${floating_range_start},end=${floating_range_end}" + +package { 'python-neutronclient': + ensure => latest +} -> + +neutron_subnet { 'edge-subnet': + ensure => present, + enable_dhcp => false, + cidr => generate_cidr_from_ip_netlength($static_linux_bridge_ip_netl), + tenant_id => $external_net['tenant'], + network_name => 'edge-net', +} diff --git a/deployment_scripts/puppet/manifests/midonet-edge-router-setup.pp b/deployment_scripts/puppet/manifests/midonet-edge-router-setup.pp new file mode 100644 index 0000000..2d3d0f4 --- /dev/null +++ b/deployment_scripts/puppet/manifests/midonet-edge-router-setup.pp 
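Review bot: `package { 'python-neutronclient': ensure => latest }` makes every Puppet run upgrade the client to whatever the configured repositories offer at that moment, so the installed version is neither reproducible nor something anyone reviewed. `ensure => installed`, or a pinned version, keeps nodes on a known package and stops a repository change from altering behaviour mid-deployment. The same resource is declared in midonet-edge-router-setup-bgp-gw.pp and midonet-gateway-static-router-ifaces.pp.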
@@ -0,0 +1,51 @@
+# Copyright 2016 Midokura, SARL.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+notice('MODULAR: midonet-edge-router-setup.pp')
+
+# Extract data from hiera
+$access_data = hiera_hash('access')
+$keystone_admin_tenant = $access_data['tenant']
+$net_metadata = hiera_hash('network_metadata')
+$node_roles = $net_metadata['nodes'][$::hostname]['node_roles']
+$neutron_settings = hiera('neutron_config')
+$external_net_name = $neutron_settings['default_floating_net']
+$tenant_net_name = $neutron_settings['default_private_net']
+$predefined_nets = $neutron_settings['predefined_networks']
+$tenant_net = $predefined_nets[$tenant_net_name]
+$external_net = $predefined_nets[$external_net_name]
+
+# Plugin settings data (overrides $external_net l3 values)
+$midonet_settings = hiera_hash('midonet')
+$tz_type = $midonet_settings['tunnel_type']
+$floating_range_start = $midonet_settings['floating_ip_range_start']
+$floating_range_end = $midonet_settings['floating_ip_range_end']
+$floating_cidr = $midonet_settings['floating_cidr']
+$floating_gateway_ip = $midonet_settings['gateway']
+
+
+$allocation_pools = "start=${floating_range_start},end=${floating_range_end}"
+
+neutron_router { 'edge-router':
+ ensure => present,
+}
+
+neutron_router_interface { "edge-router:${external_net_name}__subnet":
+ ensure => present,
+}
+
+neutron_network { 'edge-net':
+ ensure => present,
+ tenant_id => $external_net['tenant'],
+ provider_network_type => 'uplink',
+}
diff --git a/deployment_scripts/puppet/manifests/midonet-enable-ip-forward.pp b/deployment_scripts/puppet/manifests/midonet-enable-ip-forward.pp index 3b9ad95..163fffa 100644 --- a/deployment_scripts/puppet/manifests/midonet-enable-ip-forward.pp +++ b/deployment_scripts/puppet/manifests/midonet-enable-ip-forward.pp @@ -18,6 +18,6 @@ sysctl::value { 'net.ipv4.ip_forward': } -> exec { 'load-sysctl': - command => "/sbin/sysctl -p /etc/sysctl.conf", + command => '/sbin/sysctl -p /etc/sysctl.conf', refreshonly => true } diff --git a/deployment_scripts/puppet/manifests/midonet-gateway-bgp.pp b/deployment_scripts/puppet/manifests/midonet-gateway-bgp.pp deleted file mode 100644 index 340eaee..0000000 --- a/deployment_scripts/puppet/manifests/midonet-gateway-bgp.pp +++ /dev/null 
@@ -1,67 +0,0 @@ -$management_address = hiera('management_vip') -$access_data = hiera_hash('access') -$username = $access_data['user'] -$password = $access_data['password'] -$tenant_name = $access_data['tenant'] - -$midonet_settings = hiera_hash('midonet-fuel-plugin') -$f_net_cidr = split($midonet_settings['floating_cidr'], '/') -$remote_peers = generate_remote_peers($midonet_settings) - -$nodes_hash = hiera('nodes') -$node = filter_nodes($nodes_hash, 'fqdn', $::fqdn) -$gw_ip = $node[0]['public_address'] -$gw_mask = $node[0]['public_netmask'] -$net_hash = public_network_hash($gw_ip, $gw_mask) -$bgp_subnet = split($midonet_settings['bgp_cidr'], '/') -$bgp_subnet_ip = $bgp_subnet[0] -$bgp_subnet_cidr = $bgp_subnet[1] - -exec {"add veth interface": - path => "/usr/bin:/usr/sbin:/sbin", - command => "ip link add gw-veth-br type veth peer name gw-veth-mn", - unless => "ip l | /bin/grep gw-veth-br" -} -> - -exec {"set gw-veth-br interface up": - path => "/usr/bin:/usr/sbin:/sbin", - command => "ip l set dev gw-veth-br up" -} -> - -exec {"set gw-veth-mn interface up": - path => "/usr/bin:/usr/sbin:/sbin", - command => "ip l set dev gw-veth-mn up" -} -> - -exec {"add veth to bridge": - path => "/usr/bin:/usr/sbin:/sbin", - command => "brctl addif br-ex gw-veth-br", - unless => "brctl show br-ex | /bin/grep gw-veth-br" -} -> - -file {"/etc/sysconfig/network-scripts/ifcfg-p_br-floating-0": - ensure => absent, -} -> - -exec {"set up external bridge": - path => "/usr/bin:/usr/sbin:/sbin", - command => "ip link set dev br-ex up" -} -> - -file {"/etc/init/midonet-network.conf": - ensure => present, - source => "/etc/fuel/plugins/midonet-fuel-plugin-4.0/puppet/files/startup.conf" -} -> - -midonet_gateway { $::fqdn: - ensure => present, - midonet_api_url => "http://${management_address}:8081/midonet-api", - username => $username, - password => $password, - tenant_name => $tenant_name, - interface => 'gw-veth-mn', - local_as => $midonet_settings['local_as'], - bgp_port => { 
'port_address' => $midonet_settings['bgp_ip'], 'net_prefix' => $bgp_subnet_ip, 'net_length' => $bgp_subnet_cidr }, - remote_peers => $remote_peers, - advertise_net => [{ 'net_prefix' => $f_net_cidr[0], 'net_length' => $f_net_cidr[1]}] -} diff --git a/deployment_scripts/puppet/manifests/midonet-gateway-static-router-ifaces.pp b/deployment_scripts/puppet/manifests/midonet-gateway-static-router-ifaces.pp new file mode 100644 index 0000000..f6e2665 --- /dev/null +++ b/deployment_scripts/puppet/manifests/midonet-gateway-static-router-ifaces.pp 
@@ -0,0 +1,56 @@
+
+notice('MODULAR: midonet-gateway-static-router-ifaces.pp')
+
+$management_address = hiera('management_vip')
+$access_data = hiera_hash('access')
+$username = $access_data['user']
+$password = $access_data['password']
+$tenant_name = $access_data['tenant']
+
+$midonet_settings = hiera_hash('midonet')
+$floating_cidr = $midonet_settings['floating_cidr']
+$f_net_cidr = split($midonet_settings['floating_cidr'], '/')
+
+$nodes_hash = hiera('nodes')
+$node = filter_nodes($nodes_hash, 'fqdn', $::fqdn)
+$gw_ip = $node[0]['public_address']
+$gw_mask = $node[0]['public_netmask']
+$net_hash = public_network_hash($gw_ip, $gw_mask)
+
+$static_linux_bridge_ip_netl = $midonet_settings['static_linux_bridge_address']
+$static_fake_edge_router_ip_netl = $midonet_settings['static_fake_edge_router_address']
+$static_use_masquerade = $midonet_settings['static_use_masquerade']
+
+$static_linux_bridge_ip_address = split($static_linux_bridge_ip_netl,'/')
+$static_fake_edge_router_ip_address = split($static_fake_edge_router_ip_netl,'/')
+
+$slbip_without_netl = $static_linux_bridge_ip_address[0]
+
+$net_metadata = hiera_hash('network_metadata')
+
+$gw_hash = get_nodes_hash_by_roles($net_metadata, ['midonet-gw'])
+$gw_keys = keys($gw_hash)
+
+$gw_fqdn = $gw_hash[$gw_keys[0]]['fqdn']
+
+$ports_to_bind = "port-static-${gw_fqdn}"
+
+$edge_router = 'edge-router'
+
+$myhostname = $::fqdn
+
+package { 'python-neutronclient':
+ ensure => latest
+} ->
+
+file { 'create router interfaces script':
+ ensure => present,
+ path => '/tmp/create_router_interfaces_static.sh',
+ content => template('/etc/fuel/plugins/midonet-4.1/puppet/templates/create_router_interfaces_static.sh.erb'),
+} ->
+
+# Finally, execute the script
+exec { 'run create router interfaces script':
+ command => '/bin/bash -x /tmp/create_router_interfaces_static.sh 2>&1 | tee /tmp/ri-create.out',
+ returns => ['0', '7'],
+}
diff --git a/deployment_scripts/puppet/manifests/midonet-gateway-static.pp b/deployment_scripts/puppet/manifests/midonet-gateway-static.pp new file mode 100644 index 0000000..1320d97 --- /dev/null +++ b/deployment_scripts/puppet/manifests/midonet-gateway-static.pp 
@@ -0,0 +1,47 @@
+
+notice('MODULAR: midonet-gateway-static.pp')
+
+$management_address = hiera('management_vip')
+$access_data = hiera_hash('access')
+$username = $access_data['user']
+$password = $access_data['password']
+$tenant_name = $access_data['tenant']
+
+$midonet_settings = hiera_hash('midonet')
+$floating_cidr = $midonet_settings['floating_cidr']
+$f_net_cidr = split($midonet_settings['floating_cidr'], '/')
+
+$nodes_hash = hiera('nodes')
+$node = filter_nodes($nodes_hash, 'fqdn', $::fqdn)
+$gw_ip = $node[0]['public_address']
+$gw_mask = $node[0]['public_netmask']
+$net_hash = public_network_hash($gw_ip, $gw_mask)
+
+$static_linux_bridge_ip_netl = $midonet_settings['static_linux_bridge_address']
+$static_fake_edge_router_ip_netl = $midonet_settings['static_fake_edge_router_address']
+$static_use_masquerade = $midonet_settings['static_use_masquerade']
+
+$static_linux_bridge_ip_address = split($static_linux_bridge_ip_netl,'/')
+$static_fake_edge_router_ip_address = split($static_fake_edge_router_ip_netl,'/')
+
+$slbip_without_netl = $static_linux_bridge_ip_address[0]
+
+class { 'midonet::gateway::static':
+ nic => 'br-ex',
+ fip => $floating_cidr,
+ edge_router => 'edge-router',
+ veth0_ip => $static_linux_bridge_ip_address[0],
+ veth1_ip => $static_fake_edge_router_ip_address[0],
+ veth_network => generate_cidr_from_ip_netlength($static_linux_bridge_ip_netl),
+ scripts_dir => '/tmp',
+ uplink_script => 'create_fake_uplink_l2.sh',
+ ensure_scripts => 'present',
+ masquerade => $static_use_masquerade? {true => 'on' ,default => 'off' }
+}
+contain ::midonet::gateway::static
+
+file {'/etc/init/midonet-network-static.conf':
+ ensure => present,
+ source => '/etc/fuel/plugins/midonet-4.1/puppet/files/startup-static.conf',
+ require => Exec['run gateway static creation script']
+}
diff --git a/deployment_scripts/puppet/manifests/midonet-generate-openrc-for-gw.pp b/deployment_scripts/puppet/manifests/midonet-generate-openrc-for-gw.pp new file mode 100644 index 0000000..5d278e9 --- /dev/null +++ b/deployment_scripts/puppet/manifests/midonet-generate-openrc-for-gw.pp 
@@ -0,0 +1,57 @@ +# Copyright 2015 Midokura SARL. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +notice('MODULAR: midonet-generate-openrc-for-gw.pp') + +$access_hash = hiera_hash('access', {}) +$keystone_hash = hiera_hash('keystone', {}) +$admin_tenant = $access_hash['tenant'] +$admin_email = $access_hash['email'] +$admin_user = $access_hash['user'] +$admin_password = $access_hash['password'] +$ssl_hash = hiera_hash('use_ssl', {}) +$management_vip = hiera('management_vip') +$service_endpoint = hiera('service_endpoint', $management_vip) +$internal_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'protocol', 'http') +$internal_address = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'hostname', [$service_endpoint, $management_vip]) +$internal_port = '5000' +$internal_url = "${internal_protocol}://${internal_address}:${internal_port}" +$region = hiera('region', 'RegionOne') +$auth_suffix = pick($keystone_hash['auth_suffix'], '/') +$auth_url = "${internal_url}${auth_suffix}" + + +$murano_settings_hash = hiera_hash('murano_settings', {}) +if has_key($murano_settings_hash, 'murano_repo_url') { + $murano_repo_url = $murano_settings_hash['murano_repo_url'] +} else { + $murano_repo_url = 'http://storage.apps.openstack.org' +} + +$murano_hash = hiera_hash('murano', {}) +$murano_plugins = pick($murano_hash['plugins'], {}) +if has_key($murano_plugins, 'glance_artifacts_plugin') { + $murano_glare_plugin = 
$murano_plugins['glance_artifacts_plugin']['enabled'] +} else { + $murano_glare_plugin = false +} + +osnailyfacter::credentials_file { '/root/openrc': + admin_user => $admin_user, + admin_password => $admin_password, + admin_tenant => $admin_tenant, + region_name => $region, + auth_url => $auth_url, + murano_repo_url => $murano_repo_url, + murano_glare_plugin => $murano_glare_plugin, +} diff --git a/deployment_scripts/puppet/manifests/midonet-host-registry.pp b/deployment_scripts/puppet/manifests/midonet-host-registry.pp index 399b47b..459caaf 100644 --- a/deployment_scripts/puppet/manifests/midonet-host-registry.pp +++ b/deployment_scripts/puppet/manifests/midonet-host-registry.pp @@ -21,7 +21,7 @@ $password = $access_data['password'] $tenant_name = $access_data['tenant'] # Plugin settings data -$midonet_settings = hiera_hash('midonet-fuel-plugin') +$midonet_settings = hiera_hash('midonet') $tz_type = $midonet_settings['tunnel_type'] $service_path = $operatingsystem ? { @@ -37,7 +37,7 @@ exec {'service midolman restart': midonet_host_registry {$::fqdn: ensure => present, - midonet_api_url => "http://${api_ip}:8081", + midonet_api_url => "http://${api_ip}:8181", username => $username, password => $password, tenant_name => $tenant_name, diff --git a/deployment_scripts/puppet/manifests/midonet-install-agent.pp b/deployment_scripts/puppet/manifests/midonet-install-agent.pp index aac0de1..704331c 100644 --- a/deployment_scripts/puppet/manifests/midonet-install-agent.pp +++ b/deployment_scripts/puppet/manifests/midonet-install-agent.pp 
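Review bot: midonet-generate-openrc-for-gw.pp writes the OpenStack admin user, password and tenant into `/root/openrc` on the gateway node, which leaves standing cloud-admin credentials on a network-edge host. The `osnailyfacter::credentials_file` define is not part of this diff, so the file's mode cannot be confirmed from here and is worth checking to be root-only. A header comment such as `# openrc is needed on the gateway for the neutron CLI calls made by the router-interface scripts` (if that is indeed the reason) would tell the next reader why the credentials are there. The `$murano_*` lookups look carried over from another manifest, and their fallback `'http://storage.apps.openstack.org'` is a plain-HTTP URL.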
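Review bot: In midonet-host-registry.pp the changed `midonet_api_url => "http://${api_ip}:8181"` still hard-codes `http`, so `$username` and `$password` go to the MidoNet API in clear text; only the port moved. midonet-generate-openrc-for-gw.pp in this commit already derives the scheme with `get_ssl_property($ssl_hash, ...)`, and the same approach here would pick up TLS where the deployment enables it. The hard-coded scheme also appears in the `midonet_gateway_bgp` resources of both BGP gateway manifests and in `api_endpoint` of `::midonet::cli`. This URL also lacks the `/midonet-api` suffix the other manifests use, which may be intended for this type but deserves a one-line comment.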
@@ -14,18 +14,24 @@ notice('MODULAR: midonet-install-agent.pp') # Extract data from hiera -$network_metadata = hiera_hash('network_metadata') -$neutron_config = hiera_hash('neutron_config') +$midonet_settings = hiera('midonet') +$net_metadata = hiera_hash('network_metadata') +$neutron_config = hiera_hash('quantum_settings') $segmentation_type = $neutron_config['L2']['segmentation_type'] -$nsdb_hash = get_nodes_hash_by_roles($network_metadata, ['nsdb']) -$nsdb_mgmt_ips = get_node_to_ipaddr_map_by_network_role($nsdb_hash, 'management') -$zoo_ips_hash = generate_api_zookeeper_ips(values($nsdb_mgmt_ips)) -$cass_ips = values($nsdb_mgmt_ips) -$api_ip = hiera('management_vip') -$access_data = hiera_hash('access') -$username = $access_data['user'] -$password = $access_data['password'] -$tenant_name = $access_data['tenant'] +$nsdb_hash = get_nodes_hash_by_roles($net_metadata, ['nsdb']) +$nsdb_mgmt_ips = get_node_to_ipaddr_map_by_network_role($nsdb_hash, 'management') +$zoo_ips_hash = generate_api_zookeeper_ips(values($nsdb_mgmt_ips)) +$api_ip = hiera('management_vip') +$access_data = hiera_hash('access') +$username = $access_data['user'] +$password = $access_data['password'] +$tenant_name = $access_data['tenant'] +$mem = $midonet_settings['mem'] +$mem_user = $midonet_settings['mem_repo_user'] +$mem_password = $midonet_settings['mem_repo_password'] +$metadata_hash = hiera_hash('quantum_settings', {}) +$metadata_secret = pick($metadata_hash['metadata']['metadata_proxy_shared_secret'], 'root') + $ovsdb_service_name = $operatingsystem ? { 'CentOS' => 'openvswitch', 
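Review bot: `pick($metadata_hash['metadata']['metadata_proxy_shared_secret'], 'root')` falls back to the literal secret `'root'` when hiera supplies none, so the metadata proxy would silently run with a guessable shared secret. Failing the run is safer: read the value without a default and add `if empty($metadata_secret) { fail('metadata_proxy_shared_secret is not set') }`. `$metadata_hash` itself defaults to `{}`, in which case the nested `['metadata'][...]` lookup indexes into an undefined value before `pick` is reached. midonet-install-analytics.pp repeats the same line, and this hunk switches `$neutron_config` to `hiera_hash('quantum_settings')` while the other manifests read `neutron_config`, which should be confirmed as deliberate.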
@@ -50,13 +56,18 @@ package {$openvswitch_package: ensure => purged } -> -class {'::midonet::midonet_agent': - zk_servers => $zoo_ips_hash, - cassandra_seeds => $cass_ips +class {'::midonet::agent': + zookeeper_hosts => $zoo_ips_hash, + is_mem => $mem, + mem_username => $mem_user, + mem_password => $mem_password, + metadata_port => '8775', + shared_secret => $metadata_secret, + controller_host => $api_ip } -> -class {'::midonet::midonet_cli': - api_endpoint => "http://${api_ip}:8081/midonet-api", +class {'::midonet::cli': + api_endpoint => "http://${api_ip}:8181/midonet-api", username => $username, password => $password, tenant_name => $tenant_name, @@ -76,7 +87,7 @@ if $segmentation_type =='tun' { } exec {'/usr/bin/mm-dpctl --delete-dp ovs-system': - path => "/usr/bin:/usr/sbin:/bin", + path => '/usr/bin:/usr/sbin:/bin', onlyif => '/usr/bin/mm-dpctl --show-dp ovs-system', - require => Class['::midonet::midonet_agent'] + require => Class['::midonet::agent'] } diff --git a/deployment_scripts/puppet/manifests/midonet-install-analytics.pp b/deployment_scripts/puppet/manifests/midonet-install-analytics.pp new file mode 100644 index 0000000..347b24a --- /dev/null +++ b/deployment_scripts/puppet/manifests/midonet-install-analytics.pp 
@@ -0,0 +1,71 @@ +# Copyright 2016 Midokura, SARL. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +notice('MODULAR: midonet-install-analytics.pp') +include ::stdlib + +# Extract data from hiera +$ssl_hash = hiera_hash('use_ssl', {}) + +$midonet_settings = hiera('midonet') +$net_metadata = hiera_hash('network_metadata') +$controllers_map = get_nodes_hash_by_roles($net_metadata, ['controller', 'primary-controller']) +$controllers_mgmt_ips = get_node_to_ipaddr_map_by_network_role($controllers_map, 'management') +$nsdb_hash = get_nodes_hash_by_roles($net_metadata, ['nsdb']) +$nsdb_mgmt_ips = get_node_to_ipaddr_map_by_network_role($nsdb_hash, 'management') +$zoo_ips_hash = generate_api_zookeeper_ips(values($nsdb_mgmt_ips)) +$management_vip = hiera('management_vip') +$public_vip = hiera('public_vip') +$keystone_data = hiera_hash('keystone') +$access_data = hiera_hash('access') +$public_ssl_hash = hiera('public_ssl') +$cass_ips = values($nsdb_mgmt_ips) +$mem = $midonet_settings['mem'] +$admin_identity_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'protocol', 'http') +$metadata_hash = hiera_hash('quantum_settings', {}) +$metadata_secret = pick($metadata_hash['metadata']['metadata_proxy_shared_secret'], 'root') + +$ana_hash = get_nodes_hash_by_roles($net_metadata, ['midonet-analytics']) +$ana_mgmt_ip_hash = get_node_to_ipaddr_map_by_network_role($ana_hash, 'management') +$ana_mgmt_ip_list = values($ana_mgmt_ip_hash) +$ana_keys = keys($ana_hash) + 
+$ana_mgmt_ip = empty($ana_keys)? {true => $public_vip , default => $ana_mgmt_ip_list[0] } + +#Add MEM analytics class +class {'midonet::analytics': + zookeeper_hosts => $zoo_ips_hash, + is_mem => true, + manage_repo => false, + heap_size_gb => '3', +} + +class { 'firewall': } + +firewall {'507 Midonet analytics': + port => '8080', + proto => 'tcp', + action => 'accept', +} + +firewall {'508 Midonet clio': + port => '5000', + proto => 'tcp', + action => 'accept', +} + +firewall {'509 Midonet flow history': + port => '5001', + proto => 'tcp', + action => 'accept', +} diff --git a/deployment_scripts/puppet/manifests/midonet-install-api.pp b/deployment_scripts/puppet/manifests/midonet-install-api.pp deleted file mode 100644 index 030a73c..0000000 --- a/deployment_scripts/puppet/manifests/midonet-install-api.pp +++ /dev/null 
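Review bot: The three `firewall` rules accept TCP 8080, 5000 and 5001 from any source, because none of them sets `source` or an interface. If the analytics, clio and flow-history endpoints are meant to be reached only from the management network, each rule should carry a restriction such as `source => $management_cidr` (placeholder; the value would come from `network_metadata`). Separately, `is_mem => true` is hard-coded although `$mem` is read from the plugin settings just above, and several lookups (`$keystone_data`, `$access_data`, `$cass_ips`, `$ana_mgmt_ip`) are never used in the manifest.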
@@ -1,89 +0,0 @@
-# Copyright 2016 Midokura, SARL.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-notice('MODULAR: midonet-install-api.pp')
-
-# Extract data from hiera
-$network_metadata = hiera_hash('network_metadata')
-$controllers_map = get_nodes_hash_by_roles($network_metadata, ['controller', 'primary-controller'])
-$controllers_mgmt_ips = get_node_to_ipaddr_map_by_network_role($controllers_map, 'management')
-$nsdb_hash = get_nodes_hash_by_roles($network_metadata, ['nsdb'])
-$nsdb_mgmt_ips = get_node_to_ipaddr_map_by_network_role($nsdb_hash, 'management')
-$zoo_ips_hash = generate_api_zookeeper_ips(values($nsdb_mgmt_ips))
-$management_vip = hiera('management_vip')
-$public_vip = hiera('public_vip')
-$keystone_data = hiera_hash('keystone')
-$access_data = hiera_hash('access')
-$public_ssl_hash = hiera('public_ssl')
-
-file_line {'disable_ipv6':
- path => '/etc/default/tomcat7',
- line => 'JAVA_OPTS="${JAVA_OPTS} -Djava.net.preferIPv4Stack=true -Djava.net.preferIPv4Addresses"'
-} ->
-
-class {'::midonet::midonet_api':
- zk_servers => $zoo_ips_hash,
- keystone_auth => true,
- keystone_host => $management_vip,
- keystone_admin_token => $keystone_data['admin_token'],
- keystone_tenant_name => $access_data['tenant'],
- bind_address => $::ipaddress_br_mgmt,
- api_ip => $public_vip,
- api_port => '8081',
-}
-
-# HA proxy configuration
-Haproxy::Service { use_include => true }
-Haproxy::Balancermember { use_include => true }
-
-Openstack::Ha::Haproxy_service {
- server_names => keys($controllers_mgmt_ips),
- ipaddresses => values($controllers_mgmt_ips),
- public_virtual_ip => $public_vip,
- internal_virtual_ip => $management_vip
-}
-
-openstack::ha::haproxy_service { 'midonetapi':
- order => 199,
- listen_port => 8081,
- balancermember_port => 8081,
- define_backups => true,
- before_start => true,
- public => true,
- haproxy_config_options => {
- 'balance' => 'roundrobin',
- 'option' => ['httplog'],
- },
- balancermember_options => 'check',
-}
-
-exec { 'haproxy reload':
- command => 'export OCF_ROOT="/usr/lib/ocf"; (ip netns list | grep haproxy) && ip netns exec haproxy /usr/lib/ocf/resource.d/fuel/ns_haproxy reload',
- path => '/usr/bin:/usr/sbin:/bin:/sbin',
- logoutput => true,
- provider => 'shell',
- tries => 10,
- try_sleep => 10,
- returns => [0, ''],
-}
-
-Haproxy::Listen <||> -> Exec['haproxy reload']
-Haproxy::Balancermember <||> -> Exec['haproxy reload']
-
-class { 'firewall': }
-
-firewall {'502 Midonet api':
- port => '8081',
- proto => 'tcp',
- action => 'accept',
-}
diff --git a/deployment_scripts/puppet/manifests/midonet-install-cluster.pp b/deployment_scripts/puppet/manifests/midonet-install-cluster.pp
new file mode 100644
index 0000000..8d17c0b
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/midonet-install-cluster.pp
@@ -0,0 +1,107 @@
+# Copyright 2016 Midokura, SARL.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+notice('MODULAR: midonet-install-cluster.pp')
+
+# Extract data from hiera
+$ssl_hash = hiera_hash('use_ssl', {})
+
+$midonet_settings = hiera('midonet')
+$net_metadata = hiera_hash('network_metadata')
+$controllers_map = get_nodes_hash_by_roles($net_metadata, ['controller', 'primary-controller'])
+$controllers_mgmt_ips = get_node_to_ipaddr_map_by_network_role($controllers_map, 'management')
+$nsdb_hash = get_nodes_hash_by_roles($net_metadata, ['nsdb'])
+$nsdb_mgmt_ips = get_node_to_ipaddr_map_by_network_role($nsdb_hash, 'management')
+$zoo_ips_hash = generate_api_zookeeper_ips(values($nsdb_mgmt_ips))
+$management_vip = hiera('management_vip')
+$public_vip = hiera('public_vip')
+$keystone_data = hiera_hash('keystone')
+$access_data = hiera_hash('access')
+$public_ssl_hash = hiera('public_ssl')
+$cass_ips = values($nsdb_mgmt_ips)
+$mem = $midonet_settings['mem']
+$admin_identity_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'protocol', 'http')
+$metadata_hash = hiera_hash('quantum_settings', {})
+$metadata_secret = pick($metadata_hash['metadata']['metadata_proxy_shared_secret'], 'root')
+
+$ana_hash = get_nodes_hash_by_roles($net_metadata, ['midonet-analytics'])
+$ana_mgmt_ip_hash = get_node_to_ipaddr_map_by_network_role($ana_hash, 'management')
+$ana_mgmt_ip_list = values($ana_mgmt_ip_hash)
+$ana_keys = keys($ana_hash)
+
+$ana_mgmt_ip = empty($ana_keys)? {true => $public_vip , default => $ana_mgmt_ip_list[0] }
+
+$insights = $midonet_settings['mem_insights']
+
+include ::stdlib
+class {'::midonet::cluster':
+ is_mem => $mem,
+ zookeeper_hosts => $zoo_ips_hash,
+ cassandra_servers => $cass_ips,
+ cassandra_rep_factor => size($nsdb_hash),
+ keystone_host => $management_vip,
+ keystone_admin_token => $keystone_data['admin_token'],
+ keystone_tenant_name => $access_data['tenant'],
+ keystone_protocol => $admin_identity_protocol,
+ cluster_port => '8181',
+ is_insights => $insights,
+ analytics_ip => $ana_mgmt_ip,
+ max_heap_size => '2048M',
+ heap_newsize => '1024M'
+}
+
+# HA proxy configuration
+Haproxy::Service { use_include => true }
+Haproxy::Balancermember { use_include => true }
+
+Openstack::Ha::Haproxy_service {
+ server_names => keys($controllers_mgmt_ips),
+ ipaddresses => values($controllers_mgmt_ips),
+ public_virtual_ip => $public_vip,
+ internal_virtual_ip => $management_vip
+}
+
+openstack::ha::haproxy_service { 'midonetcluster':
+ order => 199,
+ listen_port => 8181,
+ balancermember_port => 8181,
+ define_backups => true,
+ before_start => true,
+ public => true,
+ haproxy_config_options => {
+ 'balance' => 'roundrobin',
+ 'option' => ['httplog'],
+ },
+ balancermember_options => 'check',
+}
+
+exec { 'haproxy reload':
+ command => 'export OCF_ROOT="/usr/lib/ocf"; (ip netns list | grep haproxy) && ip netns exec haproxy /usr/lib/ocf/resource.d/fuel/ns_haproxy reload',
+ path => '/usr/bin:/usr/sbin:/bin:/sbin',
+ logoutput => true,
+ provider => 'shell',
+ tries => 10,
+ try_sleep => 10,
+ returns => [0, ''],
+}
+
+Haproxy::Listen <||> -> Exec['haproxy reload']
+Haproxy::Balancermember <||> -> Exec['haproxy reload']
+
+class { 'firewall': }
+
+firewall {'502 Midonet cluster':
+ port => '8181',
+ proto => 'tcp',
+ action => 'accept',
+}
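Review bot: The `midonetcluster` HAProxy service is declared with `public => true`, so port 8181 is published on the public VIP, yet nothing in the resource enables TLS for that listener; `$public_ssl_hash` is read from hiera at the top of the file and then never used. The class is given Keystone settings, so API requests presumably carry Keystone tokens, which would then cross the public network in clear text. If the Fuel release in use supports it on `openstack::ha::haproxy_service`, pass the setting through, e.g. `public_ssl => $public_ssl_hash['services'],` (confirm the key name against the hiera data), or set `public => false` if the API is only needed on the management network. The three `public => true` services in midonet-install-mem.pp (8007, 8460, 8009) have the same gap.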
diff --git a/deployment_scripts/puppet/manifests/midonet-install-java8.pp b/deployment_scripts/puppet/manifests/midonet-install-java8.pp
new file mode 100644
index 0000000..2d9674c
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/midonet-install-java8.pp
@@ -0,0 +1,17 @@
+# Copyright 2016 Midokura, SARL.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+notice('MODULAR: midonet-install-java8.pp')
+
+class { '::midonet_openstack::profile::midojava::midojava':
+}
diff --git a/deployment_scripts/puppet/manifests/midonet-install-mem.pp b/deployment_scripts/puppet/manifests/midonet-install-mem.pp
new file mode 100644
index 0000000..d7d5cc1
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/midonet-install-mem.pp
@@ -0,0 +1,215 @@
+# Copyright 2016 Midokura, SARL.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+notice('MODULAR: midonet-install-mem.pp')
+include ::stdlib
+
+# Extract data from hiera
+$ssl_hash = hiera_hash('use_ssl', {})
+
+$midonet_settings = hiera('midonet')
+$net_metadata = hiera_hash('network_metadata')
+$controllers_map = get_nodes_hash_by_roles($net_metadata, ['controller', 'primary-controller'])
+$controllers_mgmt_ips = get_node_to_ipaddr_map_by_network_role($controllers_map, 'management')
+$nsdb_hash = get_nodes_hash_by_roles($net_metadata, ['nsdb'])
+$nsdb_mgmt_ips = get_node_to_ipaddr_map_by_network_role($nsdb_hash, 'management')
+$zoo_ips_hash = generate_api_zookeeper_ips(values($nsdb_mgmt_ips))
+$management_vip = hiera('management_vip')
+$public_vip = hiera('public_vip')
+$keystone_data = hiera_hash('keystone')
+$access_data = hiera_hash('access')
+$public_ssl_hash = hiera('public_ssl')
+$cass_ips = values($nsdb_mgmt_ips)
+$mem = $midonet_settings['mem']
+$admin_identity_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'protocol', 'http')
+$metadata_hash = hiera_hash('quantum_settings', {})
+$metadata_secret = pick($metadata_hash['metadata']['metadata_proxy_shared_secret'], 'root')
+
+$ana_hash = get_nodes_hash_by_roles($net_metadata, ['midonet-analytics'])
+$ana_mgmt_ip_hash = get_node_to_ipaddr_map_by_network_role($ana_hash, 'management')
+$ana_mgmt_ip_list = values($ana_mgmt_ip_hash)
+$ana_keys = keys($ana_hash)
+
+$ana_mgmt_ip = empty($ana_keys)? {true => $public_vip , default => $ana_mgmt_ip_list[0] }
+
+
+$public_ssl = hiera_hash('public_ssl')
+$ssl_horizon = $public_ssl['horizon']
+
+$is_insights = $midonet_settings['mem_insights']
+
+service { 'apache2':
+ ensure => running,
+ enable => true,
+ hasrestart => true,
+ hasstatus => true,
+}
+
+#Add MEM manager class
+class {'midonet::mem':
+ cluster_ip => $public_vip,
+ analytics_ip => $public_vip,
+ is_insights => $is_insights,
+ mem_api_port => '',
+ mem_trace_port => '',
+ mem_analytics_port => '',
+ mem_subscription_port => '',
+ mem_fabric_port => '',
+}
+
+ exec { 'a2enmod headers':
+ path => '/usr/bin:/usr/sbin:/bin',
+ alias => 'enable-mod-headers',
+ creates => '/etc/apache2/mods-enabled/headers.load',
+ notify => Service['apache2'],
+ tag => 'a2enmod-mem'
+ }
+
+ exec { 'a2enmod proxy':
+ path => '/usr/bin:/usr/sbin:/bin',
+ alias => 'enable-mod-proxy',
+ creates => '/etc/apache2/mods-enabled/proxy.load',
+ notify => Service['apache2'],
+ tag => 'a2enmod-mem'
+ }
+
+ exec { 'a2enmod proxy_http':
+ path => '/usr/bin:/usr/sbin:/bin',
+ alias => 'enable-mod-proxy-http',
+ creates => '/etc/apache2/mods-enabled/proxy_http.load',
+ notify => Service['apache2'],
+ tag => 'a2enmod-mem'
+ }
+
+ exec { 'a2enmod proxy_wstunnel':
+ path => '/usr/bin:/usr/sbin:/bin',
+ alias => 'enable-mod-proxy-wstunnel',
+ creates => '/etc/apache2/mods-enabled/proxy_wstunnel.load',
+ notify => Service['apache2'],
+ tag => 'a2enmod-mem'
+ }
+
+ exec { 'a2enmod ssl':
+ path => '/usr/bin:/usr/sbin:/bin',
+ alias => 'enable-mod-ssl',
+ creates => '/etc/apache2/mods-enabled/ssl.load',
+ notify => Service['apache2'],
+ tag => 'a2enmod-mem'
+ }
+
+file { 'mem-vhost':
+ ensure => present,
+ path => '/etc/apache2/sites-available/30-midonet-mem.conf',
+ content => template('/etc/fuel/plugins/midonet-4.1/puppet/templates/vhost_mem_manager.erb'),
+}
+
+exec { 'a2ensite 30-midonet-mem':
+ path => '/usr/bin:/usr/sbin:/bin',
+ alias => 'enable-mem-vhost',
+ creates => '/etc/apache2/sites-enabled/30-midonet-mem.conf',
+ notify => Service['apache2'],
+}
+
+Exec<| tag == 'a2enmod-mem' |>
+-> File['mem-vhost']
+-> Exec['a2ensite 30-midonet-mem']
+
+if ($is_insights)
+{
+ # HA proxy configuration
+ Haproxy::Service { use_include => true }
+ Haproxy::Balancermember { use_include => true }
+
+ Openstack::Ha::Haproxy_service {
+ server_names => keys($controllers_mgmt_ips),
+ ipaddresses => values($controllers_mgmt_ips),
+ public_virtual_ip => $public_vip,
+ internal_virtual_ip => $management_vip
+ }
+
+ openstack::ha::haproxy_service { 'midonetsubscriptions':
+ order => 200,
+ listen_port => 8007,
+ balancermember_port => 8007,
+ define_backups => true,
+ before_start => true,
+ public => true,
+ haproxy_config_options => {
+ 'balance' => 'roundrobin',
+ 'option' => ['httplog'],
+ },
+ balancermember_options => 'check',
+ }
+
+ openstack::ha::haproxy_service { 'midonettrace':
+ order => 201,
+ listen_port => 8460,
+ balancermember_port => 8460,
+ define_backups => true,
+ before_start => true,
+ public => true,
+ haproxy_config_options => {
+ 'balance' => 'roundrobin',
+ 'option' => ['httplog'],
+ },
+ balancermember_options => 'check',
+ }
+
+ openstack::ha::haproxy_service { 'midonetfabric':
+ order => 202,
+ listen_port => 8009,
+ balancermember_port => 8009,
+ define_backups => true,
+ before_start => true,
+ public => true,
+ haproxy_config_options => {
+ 'balance' => 'roundrobin',
+ 'option' => ['httplog'],
+ },
+ balancermember_options => 'check',
+ }
+
+ exec { 'haproxy reload':
+ command => 'export OCF_ROOT="/usr/lib/ocf"; (ip netns list | grep haproxy) && ip netns exec haproxy /usr/lib/ocf/resource.d/fuel/ns_haproxy reload',
+ path => '/usr/bin:/usr/sbin:/bin:/sbin',
+ logoutput => true,
+ provider => 'shell',
+ tries => 10,
+ try_sleep => 10,
+ returns => [0, ''],
+ }
+
+ Haproxy::Listen <||> -> Exec['haproxy reload']
+ Haproxy::Balancermember <||> -> Exec['haproxy reload']
+
+ class { 'firewall': }
+
+ firewall {'504 Midonet subscription':
+ port => '8007',
+ proto => 'tcp',
+ action => 'accept',
+ }
+
+ firewall {'505 Midonet trace':
+ port => '8460',
+ proto => 'tcp',
+ action => 'accept',
+ }
+
+ firewall {'506 Midonet fabric':
+ port => '8009',
+ proto => 'tcp',
+ action => 'accept',
+ }
+
+}
diff --git a/deployment_scripts/puppet/manifests/midonet-mem-horizon-override.pp b/deployment_scripts/puppet/manifests/midonet-mem-horizon-override.pp
new file mode 100644
index 0000000..5b49b35
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/midonet-mem-horizon-override.pp
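Review bot: The `file { 'mem-vhost': }` resource has no `notify`, so a later change to the rendered `30-midonet-mem.conf` never restarts Apache. The only resources that notify `Service['apache2']` are the `a2enmod` and `a2ensite` execs, and their `creates` guards turn them into no-ops once the modules and site are enabled. Adding `notify => Service['apache2'],` to the file resource makes template changes (whatever proxy, TLS or header settings it renders) take effect on the next run. Separately, `$ana_mgmt_ip` is computed at the top but `analytics_ip` is set to `$public_vip`; if that is intentional because the browser talks to the VIP, a one-line comment saying so would help.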
@@ -0,0 +1,72 @@ +# Copyright 2016 Midokura, SARL. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +notice('MODULAR: midonet-mem-horizon-override.pp') +include ::stdlib + +service { 'apache2': + ensure => running, + enable => true, + hasrestart => true, + hasstatus => true, +} + +file_line { 'vhost horizon start': + ensure => absent, + path => '/etc/apache2/sites-enabled/horizon_vhost.conf', + line => '# disabled by puppet', + match => '^\ true, + replace => false +} -> + +file_line { 'dont aggresively redirect horizon': + ensure => absent, + path => '/etc/apache2/sites-enabled/horizon_vhost.conf', + line => '# disabled by puppet', + match => '^\ \ RedirectMatch.*', + match_for_absence => true, + replace => false +} -> + +file_line { 'dont set servername again for horizon': + ensure => absent, + path => '/etc/apache2/sites-enabled/horizon_vhost.conf', + line => '# disabled by puppet', + match => '^\ \ ServerName.*', + match_for_absence => true, + replace => false +} -> + +file_line { 'dont set serveralias again for horizon': + ensure => absent, + path => '/etc/apache2/sites-enabled/horizon_vhost.conf', + line => '# disabled by puppet', + match => '^\ \ ServerAlias.*', + match_for_absence => true, + replace => false +} -> + +file_line { 'remove closing horizon vhost': + ensure => absent, + path => '/etc/apache2/sites-enabled/horizon_vhost.conf', + line => '# disabled by puppet', + match => '^\<\/VirtualHost.*', + match_for_absence => true, + replace => false, + notify 
=> Service['apache2'] +} -> + +file { '/var/www/html/index.html': + ensure => absent + } diff --git a/deployment_scripts/puppet/manifests/midonet-neutron-configure.pp b/deployment_scripts/puppet/manifests/midonet-neutron-configure.pp index fcba69c..9ccd667 100644 --- a/deployment_scripts/puppet/manifests/midonet-neutron-configure.pp +++ b/deployment_scripts/puppet/manifests/midonet-neutron-configure.pp @@ -11,17 +11,27 @@ # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. -notice('MODULAR: midonet-configure-neutron.pp') +notice('MODULAR: midonet-neutron-configure.pp') # Neutron data $amqp_port = '5673' -$rabbit_hash = hiera('rabbit_hash', {}) -$management_vip = hiera('management_vip') +$rabbit_hash = hiera('rabbit', {}) +$management_vip = hiera('management_vip') $service_endpoint = hiera('service_endpoint', $management_vip) $neutron_config = hiera('quantum_settings') $neutron_db_password = $neutron_config['database']['passwd'] $neutron_user_password = $neutron_config['keystone']['admin_password'] +$neutron_username = pick($neutron_config['keystone']['admin_user'], 'neutron') +$neutron_project_name = pick($neutron_config['keystone']['admin_tenant'], 'services') +$region_name = hiera('region', 'RegionOne') +$auth_endpoint_type = 'internalURL' + +$ssl_hash = hiera_hash('use_ssl', {}) + +$internal_auth_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'protocol', 'http') +$internal_auth_endpoint = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'hostname', [$service_endpoint, $management_vip]) + # Neutron plugin data $access_data = hiera_hash('access') $username = $access_data['user'] 
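Review bot: This manifest edits `/etc/apache2/sites-enabled/horizon_vhost.conf` line by line with no comment explaining why, and the effect is not obvious from the resources. The first and last `file_line` resources appear to remove the opening and closing VirtualHost lines (the first `match` is truncated on this page), which would leave the remaining Horizon directives outside any vhost, i.e. applying server-wide, while the `RedirectMatch`, `ServerName` and `ServerAlias` lines are dropped. I would add a header comment stating the intent and the dependency, along the lines of `# Unwrap the Horizon vhost so that the MEM vhost can serve it; must be re-applied after any task that regenerates horizon_vhost.conf` (wording to be confirmed by the author). Only the last `file_line` carries `notify => Service['apache2']`, so a run in which only an earlier resource changes the file would not restart Apache.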
@@ -37,7 +47,8 @@ $verbose = pick($openstack_network_hash['verbose'], hiera('verbos # Unfortunately, core_plugin in the 'openstack-network-common-config' # task is hardcoded. The core_plugin value for midonet is overrided # in hiera file, so running again class{'::neutron'} should modify -# the core_plugin value in /etc/neutron/neutron.conf +# the core_plugin value in /etc/neutron/neutron.conf. +# Same goes for service_plugins # # Hoping that Fuel will make the core plugin configurable and we # can remove this step @@ -48,7 +59,6 @@ class {'::neutron': use_stderr => $use_stderr, log_facility => 'LOG_USER', base_mac => 'fa:16:3e:00:00:00', - service_plugins => [], allow_overlapping_ips => true, mac_generation_retries => '32', dhcp_lease_duration => '600', 
@@ -82,36 +92,54 @@ file {'/etc/default/neutron-server': group => 'root', mode => '0644' } -> -class {'::neutron::plugins::midonet': - midonet_api_ip => $service_endpoint, - midonet_api_port => '8081', - keystone_username => $username, - keystone_password => $password, - keystone_tenant => $tenant_name -} +class { '::midonet::neutron_plugin': + midonet_api_ip => $service_endpoint, + midonet_api_port => '8181', + keystone_username => $username, + keystone_password => $password, + keystone_tenant => $tenant_name, + sync_db => $primary_controller ? {true => true,default => false}, + } + class { '::neutron::server': - sync_db => $primary_controller ? {true => 'primary', default => 'slave'}, - auth_host => $service_endpoint, - auth_port => '35357', - auth_protocol => 'http', - auth_password => $neutron_user_password, - auth_tenant => 'services', - auth_user => 'neutron', - auth_uri => "http://${service_endpoint}:35357/v2.0", + sync_db => $primary_controller ? {true => 'primary',default => 'slave'}, + + username => $neutron_username, + password => $neutron_user_password, + + auth_uri => "${internal_auth_protocol}://${internal_auth_endpoint}:5000/", + auth_url => "${internal_auth_protocol}://${internal_auth_endpoint}:35357/", + + region_name => $region_name, + project_name => $neutron_project_name, database_retry_interval => 2, - database_connection => "mysql://neutron:${neutron_db_password}@${service_endpoint}/neutron?&read_timeout=60", + database_connection => "mysql://${neutron_username}:${neutron_db_password}@${service_endpoint}/neutron?&read_timeout=60", database_max_retries => -1, - agent_down_time => 15, + agent_down_time => 15, - api_workers => min($::processorcount + 0, 50 + 0), - rpc_workers => 0, + api_workers => min($::processorcount + 0, 50 + 0), + rpc_workers => 0, } +if !defined(Neutron_config['service_providers/service_provider']) +{ +# The version of puppet-neutron included in Fuel 9 doesnt allow passing in service_providers option +# so let's override it 
directly + neutron_config { + 'service_providers/service_provider': value => ['LOADBALANCER:Midonet:midonet.neutron.services.loadbalancer.driver.MidonetLoadbalancerDriver:default'] + } + Class['::midonet::neutron_plugin'] -> Neutron_config['service_providers/service_providers'] -> Service['neutron-server'] +} + +Neutron_config<| title == 'service_providers/service_provider' |> { + value => ['LOADBALANCER:Midonet:midonet.neutron.services.loadbalancer.driver.MidonetLoadbalancerDriver:default'] +} + + # Nova notifications needed data -$ssl_hash = hiera_hash('use_ssl', {}) $nova_endpoint = hiera('nova_endpoint', $management_vip) $nova_hash = hiera_hash('nova', {}) $nova_internal_protocol = get_ssl_property($ssl_hash, {}, 'nova', 'internal', 'protocol', 'http') @@ -128,10 +156,10 @@ $nova_auth_password = $nova_hash['user_password'] $auth_region = hiera('region', 'RegionOne') class { 'neutron::server::notifications': - nova_url => $nova_url, - auth_url => $nova_admin_auth_url, - username => $nova_auth_user, - tenant_name => $nova_auth_tenant, - password => $nova_auth_password, - region_name => $auth_region, + nova_url => $nova_url, + auth_url => $nova_admin_auth_url, + username => $nova_auth_user, + tenant_name => $nova_auth_tenant, + password => $nova_auth_password, + region_name => $auth_region, } diff --git a/deployment_scripts/puppet/manifests/midonet-neutron-networks.pp b/deployment_scripts/puppet/manifests/midonet-neutron-networks.pp index ce46c09..8080687 100644 --- a/deployment_scripts/puppet/manifests/midonet-neutron-networks.pp +++ b/deployment_scripts/puppet/manifests/midonet-neutron-networks.pp 
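Review bot: The ordering chain inside the `if !defined(...)` block references `Neutron_config['service_providers/service_providers']` (plural), but the resource declared just above it is titled `'service_providers/service_provider'`. A relationship to a resource that is not in the catalog fails compilation, so this branch would break exactly when the override is needed; the line should read `Class['::midonet::neutron_plugin'] -> Neutron_config['service_providers/service_provider'] -> Service['neutron-server']`. In the same hunk `database_connection` now takes its MySQL user from `$neutron_username`, which is read from the Keystone `admin_user` setting; the database account and the Keystone service user are separate credentials, so keeping the literal `neutron` or reading the user from the `database` section of `$neutron_config` looks safer. `$primary_controller` is defined outside the hunk.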
@@ -16,8 +16,8 @@ notice('MODULAR: midonet-neutron-networks.pp') # Extract data from hiera $access_data = hiera_hash('access') $keystone_admin_tenant = $access_data['tenant'] -$network_metadata = hiera_hash('network_metadata') -$node_roles = $network_metadata['nodes'][$::hostname]['node_roles'] +$net_metadata = hiera_hash('network_metadata') +$node_roles = $net_metadata['nodes'][$::hostname]['node_roles'] $neutron_settings = hiera('neutron_config') $external_net_name = $neutron_settings['default_floating_net'] $tenant_net_name = $neutron_settings['default_private_net'] @@ -26,24 +26,24 @@ $tenant_net = $predefined_nets[$tenant_net_name] $external_net = $predefined_nets[$external_net_name] # Plugin settings data (overrides $external_net l3 values) -$midonet_settings = hiera_hash('midonet-fuel-plugin') +$midonet_settings = hiera_hash('midonet') $tz_type = $midonet_settings['tunnel_type'] $floating_range_start = $midonet_settings['floating_ip_range_start'] $floating_range_end = $midonet_settings['floating_ip_range_end'] $floating_cidr = $midonet_settings['floating_cidr'] $floating_gateway_ip = $midonet_settings['gateway'] -$allocation_pools = "start=$floating_range_start,end=$floating_range_end" +$allocation_pools = "start=${floating_range_start},end=${floating_range_end}" service { 'neutron-server': ensure => running, } neutron_network { $tenant_net_name: - ensure => present, - router_external => $tenant_net['L2']['router_ext'], - tenant_name => $tenant_net['tenant'], - shared => $tenant_net['shared'] + ensure => present, + router_external => $tenant_net['L2']['router_ext'], + tenant_name => $tenant_net['tenant'], + shared => $tenant_net['shared'] } -> neutron_subnet { "${tenant_net_name}__subnet": 
@@ -57,10 +57,10 @@ neutron_subnet { "${tenant_net_name}__subnet": } -> neutron_network { $external_net_name: - ensure => present, - router_external => $external_net['L2']['router_ext'], - tenant_name => $external_net['tenant'], - shared => $external_net['shared'] + ensure => present, + router_external => $external_net['L2']['router_ext'], + tenant_name => $external_net['tenant'], + shared => $external_net['shared'] } -> neutron_subnet { "${external_net_name}__subnet": diff --git a/deployment_scripts/puppet/manifests/midonet-nsdb.pp b/deployment_scripts/puppet/manifests/midonet-nsdb.pp index 8bcdf85..5a92ab1 100644 --- a/deployment_scripts/puppet/manifests/midonet-nsdb.pp +++ b/deployment_scripts/puppet/manifests/midonet-nsdb.pp @@ -20,15 +20,20 @@ $nsdb_map = get_nodes_hash_by_roles($network_metadata, ['nsdb']) $zoo_hash = generate_zookeeper_hash($nsdb_map) $nsdb_mgmt_map = get_node_to_ipaddr_map_by_network_role($nsdb_map, 'management') -class {'::zookeeper': - servers => $zoo_hash['servers'], - id => $zoo_hash["${::fqdn}"]['id'], - client_ip => $zoo_hash["${::fqdn}"]['host'], +class { '::midonet_openstack::profile::midojava::midojava':} +contain '::midonet_openstack::profile::midojava::midojava' + +class { '::midonet_openstack::profile::zookeeper::midozookeeper': + zk_servers => $zoo_hash['servers'], + id => $zoo_hash["${::fqdn}"]['id'], + client_ip => $zoo_hash["${::fqdn}"]['host'], + require => File['/usr/java/default'] } -class {'::cassandra': - seeds => values($nsdb_mgmt_map), - seed_address => $nsdb_mgmt_map["${::hostname}"] +class {'::midonet_openstack::profile::cassandra::midocassandra': + seeds => join(values($nsdb_mgmt_map),','), + seed_address => $nsdb_mgmt_map["${::hostname}"], + require => File['/usr/java/default'] } class { 'firewall': } 
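Review bot: This hunk stops declaring `::zookeeper` and `::cassandra` directly, but the firewall rules further down the file (visible as context in the next hunk) still carry `require => Class['::zookeeper']` and `require => Class['::cassandra']`. Those references only resolve if the new `midozookeeper` and `midocassandra` profiles happen to declare the classes internally; pointing the rules at what this manifest actually declares, e.g. `require => Class['::midonet_openstack::profile::zookeeper::midozookeeper']`, removes that hidden dependency. Likewise `require => File['/usr/java/default']` relies on a resource not declared here, presumably created by the midojava profile, and `require => Class['::midonet_openstack::profile::midojava::midojava']` would express the same ordering without depending on that class's internals.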
@@ -41,43 +46,43 @@ firewall {'500 zookeeper ports': } firewall {'501 zookeeper ports': - port => '2181', - proto => 'tcp', - action => 'accept', + port => '2181', + proto => 'tcp', + action => 'accept', require => Class['::zookeeper'] } firewall {'550 cassandra ports': - port => '9042', - proto => 'tcp', - action => 'accept', + port => '9042', + proto => 'tcp', + action => 'accept', require => Class['::cassandra'] } firewall {'551 cassandra ports': - port => '7000', - proto => 'tcp', - action => 'accept', + port => '7000', + proto => 'tcp', + action => 'accept', require => Class['::cassandra'] } firewall {'552 cassandra ports': - port => '7199', - proto => 'tcp', - action => 'accept', + port => '7199', + proto => 'tcp', + action => 'accept', require => Class['::cassandra'] } firewall {'553 cassandra ports': - port => '9160', - proto => 'tcp', - action => 'accept', + port => '9160', + proto => 'tcp', + action => 'accept', require => Class['::cassandra'] } firewall {'554 cassandra ports': - port => '59471', - proto => 'tcp', - action => 'accept', + port => '59471', + proto => 'tcp', + action => 'accept', require => Class['::cassandra'] } diff --git a/deployment_scripts/puppet/manifests/midonet-override-hiera.pp b/deployment_scripts/puppet/manifests/midonet-override-hiera.pp index 346aa7e..3dbea6f 100644 --- a/deployment_scripts/puppet/manifests/midonet-override-hiera.pp +++ b/deployment_scripts/puppet/manifests/midonet-override-hiera.pp 
@@ -13,18 +13,10 @@ # under the License. notice('MODULAR: midonet-override-hiera.pp') -$midonet_settings = hiera('midonet-fuel-plugin') +$midonet_settings = hiera('midonet') $mem = $midonet_settings['mem'] -file {'/etc/hiera/plugins/midonet-fuel-plugin.yaml': +file {'/etc/hiera/plugins/midonet.yaml': ensure => file, - source => '/etc/fuel/plugins/midonet-fuel-plugin-4.0/puppet/files/midonet-fuel-plugin.yaml' -} - -if $mem == false { - # MidoNet 2015.06 OSS does not support fernet tokens - file_line {'token_provider': - path => '/etc/hiera/plugins/midonet-fuel-plugin.yaml', - line => 'token_provider: uuid' - } + source => '/etc/fuel/plugins/midonet-4.1/puppet/files/midonet.yaml' } diff --git a/deployment_scripts/puppet/manifests/midonet-replace-guess-func.pp b/deployment_scripts/puppet/manifests/midonet-replace-guess-func.pp index 09479a1..63e3572 100644 --- a/deployment_scripts/puppet/manifests/midonet-replace-guess-func.pp +++ b/deployment_scripts/puppet/manifests/midonet-replace-guess-func.pp @@ -15,8 +15,8 @@ notice('MODULAR: midonet-replace-guess-func.pp') # NOTE: This replacement may be only needed on Ubuntu hosts file_line { 'replace_guess': - path => '/usr/share/neutron-common/plugin_guess_func', - match => '"neutron.plugins.midonet.plugin.MidonetPluginV2"', - line => "\t\"midonet.neutron.plugin_v1.MidonetPluginV2\")", - multiple => true + path => '/usr/share/neutron-common/plugin_guess_func', + match => '"neutron.plugins.midonet.plugin.MidonetPluginV2"', + line => "\t\"midonet.neutron.plugin_v2.MidonetPluginV2\")", + multiple => true } diff --git a/deployment_scripts/puppet/manifests/midonet-restart-agent.pp b/deployment_scripts/puppet/manifests/midonet-restart-agent.pp new file mode 100644 index 0000000..7133a14 --- /dev/null +++ b/deployment_scripts/puppet/manifests/midonet-restart-agent.pp 
@@ -0,0 +1,26 @@
+# Copyright 2016 Midokura, SARL.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+notice('MODULAR: midonet-restart-agent.pp')
+
+exec { 'service midolman restart':
+ path => '/usr/bin:/usr/sbin:/sbin:/bin'
+ } ->
+
+exec { 'sleep 4':
+ path => '/usr/bin:/usr/sbin:/sbin:/bin'
+ } ->
+
+exec { 'service midonet-jmxscraper restart':
+ path => '/usr/bin:/usr/sbin:/sbin:/bin'
+ }
diff --git a/deployment_scripts/puppet/manifests/midonet-restart-cluster.pp b/deployment_scripts/puppet/manifests/midonet-restart-cluster.pp
new file mode 100644
index 0000000..e97ca9b
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/midonet-restart-cluster.pp
@@ -0,0 +1,22 @@
+# Copyright 2016 Midokura, SARL.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+notice('MODULAR: midonet-restart-cluster.pp')
+
+exec { 'service midonet-cluster restart':
+ path => '/usr/bin:/usr/sbin:/sbin:/bin'
+ } ->
+
+exec { 'sleep 4':
+ path => '/usr/bin:/usr/sbin:/sbin:/bin'
+ }
diff --git a/deployment_scripts/puppet/manifests/midonet-trick-l23network.pp b/deployment_scripts/puppet/manifests/midonet-trick-l23network.pp
deleted file mode 100644
index 9873edb..0000000
--- a/deployment_scripts/puppet/manifests/midonet-trick-l23network.pp
+++ /dev/null
@@ -1,14 +0,0 @@
-# Create a file to trick the l23network and let install
-# openvswitch module to configure the public interface
-file {"/etc/hiera/override":
- ensure => directory
-} ->
-
-file {"/etc/hiera/override/node":
- ensure => directory
-} ->
-
-file {"/etc/hiera/override/node/${::fqdn}.yaml":
- ensure => present,
- content => "use_neutron: true\n"
-}
diff --git a/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/filter_nodes.rb b/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/filter_nodes.rb
new file mode 100644
index 0000000..8a0f945
--- /dev/null
+++ b/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/filter_nodes.rb
@@ -0,0 +1,9 @@
+module Puppet::Parser::Functions
+ newfunction(:filter_nodes, :type => :rvalue) do |args|
+ name = args[1]
+ value = args[2]
+ args[0].select do |it|
+ it[name] == value
+ end
+ end
+end
diff --git a/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_bgp_edge_port_hash.rb b/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_bgp_edge_port_hash.rb
new file mode 100644
index 0000000..fe1c165
--- /dev/null
+++ b/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_bgp_edge_port_hash.rb
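Review bot: `filter_nodes` does not check its arguments and has no `:doc` string, unlike the other parser functions added in this commit. When the key or value argument is omitted, `name` and `value` are both `nil`, and if the elements are hashes `it[nil] == nil` is true for every one of them, so the call silently returns the whole list instead of failing. I would add a guard as the first line of the block, `raise Puppet::ParseError, 'filter_nodes(): expects (nodes, key, value)' unless args.size == 3`, and a `:doc` saying that it returns the elements of the first argument whose entry for the given key equals the given value.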
@@ -0,0 +1,36 @@ +# Copyright 2015 Midokura SARL, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +require 'csv' +require 'netaddr' + +module Puppet::Parser::Functions + newfunction(:generate_bgp_edge_port_hash, :type => :rvalue, :doc => <<-EOS + This function generates a Hash to create the neutron subnet resources for BGP + on the edge router + EOS + ) do |argv| + result = {} + list_of_neighbors = argv[0].split(',') + list_of_local_ips = list_of_neighbors.collect { |x| x.split('-')[0].split('/')[0] }.uniq + list_of_local_ips.each do |localip| + port_name = 'edge-port-' + localip.gsub('.','') + result[port_name] = { + 'ip_address' => [[localip],['0.0.0.0']] + } + end + + return result + end +end diff --git a/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_bgp_edge_subnet_hash.rb b/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_bgp_edge_subnet_hash.rb new file mode 100644 index 0000000..b19a2de --- /dev/null +++ b/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_bgp_edge_subnet_hash.rb 
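Review bot: `localip.gsub('.','')` builds the port name by deleting the dots, so distinct addresses can collapse to one key; in a constructed example, 10.1.11.1 and 10.11.1.1 both become `edge-port-101111`, and the second silently overwrites the first in `result`. Keeping a separator, e.g. `port_name = 'edge-port-' + localip.gsub('.', '-')`, avoids this, but generate_router_interfaces_list.rb derives the same names and generate_bgp_edge_subnet_hash.rb uses the same scheme for subnets, so the three have to change together. The `:doc` text still says "subnet resources" although the function returns port definitions, and neither `require 'csv'` nor `require 'netaddr'` is used in this file.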
@@ -0,0 +1,37 @@ +# Copyright 2015 Midokura SARL, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +require 'csv' +require 'netaddr' + +module Puppet::Parser::Functions + newfunction(:generate_bgp_edge_subnet_hash, :type => :rvalue, :doc => <<-EOS + This function generates a Hash to create the neutron subnet resources for BGP + on the edge router + EOS + ) do |argv| + result = {} + list_of_neighbors = argv[0].split(',') + list_of_neighbors.each do |neighbor| + ip_netnl = neighbor.split('-')[0] + cidr = NetAddr::CIDR.create(ip_netnl).to_s + subnet_name = 'edge-subnet-' + cidr.gsub('.','').gsub("/","") + result[subnet_name] = { + 'cidr' => NetAddr::CIDR.create(ip_netnl).to_s + } + end + + return result + end +end diff --git a/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_bgp_neighbors_for_gateway_bgp.rb b/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_bgp_neighbors_for_gateway_bgp.rb new file mode 100644 index 0000000..2024294 --- /dev/null +++ b/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_bgp_neighbors_for_gateway_bgp.rb 
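Review bot: `NetAddr::CIDR.create(ip_netnl)` is called on a raw slice of the setting with no error handling, so a malformed neighbor entry aborts catalog compilation with a gem-level exception instead of a message naming the bad setting; a `rescue StandardError => e` that re-raises `Puppet::ParseError, "invalid BGP neighbor '#{neighbor}': #{e.message}"` would make that diagnosable. The `NetAddr::CIDR` class exists only in the 1.x series of the netaddr gem, so wherever the deployment installs the gem the version should be pinned below 2.0; this also applies to generate_bgp_neighbors_for_gateway_bgp.rb and generate_cidr_from_ip_netlength.rb. The CIDR is also computed twice in the loop; `'cidr' => cidr` reuses the value already in hand.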
@@ -0,0 +1,42 @@ +# Copyright 2015 Midokura SARL, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +require 'csv' +require 'netaddr' + +module Puppet::Parser::Functions + newfunction(:generate_bgp_neighbors_for_gateway_bgp, :type => :rvalue, :doc => <<-EOS + This function generates a Hash to create the neutron subnet resources for BGP + on the edge router + EOS + ) do |argv| + result = [] + split_list_of_neighbors = argv[0].split(',') + split_list_of_neighbors.each do |neighbor| + split_neighbor = neighbor.split('-') + remote_net = NetAddr::CIDR.create(split_neighbor[0]).to_s + ip_address = split_neighbor[1] + remote_asn = split_neighbor[2] + result.push ( + { + 'ip_address' => ip_address, + 'remote_asn' => remote_asn, + 'remote_net' => remote_net + } + ) + end + + return result + end +end diff --git a/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_remote_peers.rb b/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_cidr_from_ip_netlength.rb similarity index 62% rename from deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_remote_peers.rb rename to deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_cidr_from_ip_netlength.rb index 74c3327..76d1e90 100644 --- a/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_remote_peers.rb 
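Review bot: Each neighbor is split on '-' and fields 1 and 2 are used without checking that they exist, so an entry missing its peer address or AS number yields `'ip_address' => nil` or `'remote_asn' => nil` in the result rather than an error. A guard right after the split, `raise Puppet::ParseError, "bad BGP neighbor '#{neighbor}'" unless split_neighbor.length == 3`, would stop the deployment before a half-specified peer reaches the edge router configuration. The `:doc` text is copied from the subnet function; this one returns an array of neighbor hashes.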
+++ b/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_cidr_from_ip_netlength.rb @@ -11,16 +11,15 @@ # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. + +require 'netaddr' + module Puppet::Parser::Functions - newfunction(:generate_remote_peers, :type => :rvalue, :doc => <<-EOS - Generate remote peers according to the input values in the plugin settings + newfunction(:generate_cidr_from_ip_netlength, :type => :rvalue, :doc => <<-EOS + This function returns BGP cidr CSV as an array EOS ) do |argv| - mn_settings = argv[0] - result = [] - if not mn_settings['remote_ip1'].empty? and not mn_settings['remote_as1'].empty? - result.push({"as" => mn_settings['remote_as1'], "ip" => mn_settings['remote_ip1']}) - end - return result + result = NetAddr::CIDR.create(argv[0]).to_s + return result end end diff --git a/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_fqdn_list.rb b/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_fqdn_list.rb new file mode 100644 index 0000000..d12d85d --- /dev/null +++ b/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_fqdn_list.rb 
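Review bot: The new `:doc` string, "This function returns BGP cidr CSV as an array", does not match the body, which returns the single string produced by `NetAddr::CIDR.create(argv[0]).to_s`. I would reword it to something like `Returns the network CIDR, as a string, for an address given as ip/netlength`, so callers do not expect an array.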
@@ -0,0 +1,30 @@ +# Copyright 2015 Midokura SARL, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +require 'csv' + +module Puppet::Parser::Functions + newfunction(:generate_fqdn_list, :type => :rvalue, :doc => <<-EOS + This function returns a list of fqdns! + EOS + ) do |argv| + controllers_map = argv[0] + result = '' + controllers_map.each do |key,value| + result << value['fqdn'] + ',' + end + + return result.chop + end +end diff --git a/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_port_bindings_to_delete.rb b/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_port_bindings_to_delete.rb new file mode 100644 index 0000000..f70afe6 --- /dev/null +++ b/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_port_bindings_to_delete.rb 
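Review bot: Building the list with `result << value['fqdn'] + ','` and trimming it with `chop` can be replaced by `controllers_map.values.map { |v| v['fqdn'] }.join(',')`, which needs no trailing-separator fix-up. As written, a node entry without an 'fqdn' key raises NoMethodError on `nil + ','`; whether that can happen depends on the caller, which is outside the hunk. `require 'csv'` is not used here.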
@@ -0,0 +1,33 @@ +# Copyright 2015 Midokura SARL, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +require 'csv' + +module Puppet::Parser::Functions + newfunction(:generate_port_bindings_to_delete, :type => :rvalue, :doc => <<-EOS + This function returns the port bindings to delete for create_resources + EOS + ) do |argv| + controllers_map = argv[0] + result = {} + controllers_map.each do |key,value| + port_name = 'port-static-' + argv[1] + result[port_name] = { + 'binding_host_id' => argv[1] + } + end + + return result + end +end diff --git a/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_router_interfaces_list.rb b/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_router_interfaces_list.rb new file mode 100644 index 0000000..9f29f7e --- /dev/null +++ b/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_router_interfaces_list.rb 
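Review bot: The loop iterates `controllers_map` but never reads `key` or `value`; every pass writes the same `'port-static-' + argv[1]` entry, so the result holds at most one binding, for the single host passed as the second argument. If one binding per controller was intended, the name presumably has to come from `value` (which field is not visible from this hunk); if a single binding is intended, the loop and the first argument can go. generate_router_interfaces_to_delete.rb has the same loop and, because it appends to a string, returns the same port name repeated once per controller.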
@@ -0,0 +1,32 @@ +# Copyright 2015 Midokura SARL, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +require 'csv' + +module Puppet::Parser::Functions + newfunction(:generate_router_interfaces_list, :type => :rvalue, :doc => <<-EOS + This function returns the port bindings to create to pass to the shell script + Since you can't send an array to a bash script, let's send a CSV instead. + EOS + ) do |argv| + result = '' + list_of_neighbors = argv[0].split(',') + list_of_ports = list_of_neighbors.collect { |x| 'edge-port-' + x.split('-')[0].split('/')[0].gsub('.','') }.uniq + list_of_ports.each do |port| + result << port + ',' + end + + return result.chop + end +end diff --git a/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_router_interfaces_to_delete.rb b/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_router_interfaces_to_delete.rb new file mode 100644 index 0000000..20cfd47 --- /dev/null +++ b/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_router_interfaces_to_delete.rb 
@@ -0,0 +1,32 @@ +# Copyright 2015 Midokura SARL, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +require 'csv' + +module Puppet::Parser::Functions + newfunction(:generate_router_interfaces_to_delete, :type => :rvalue, :doc => <<-EOS + This function returns the port bindings to delete to pass to the shell script + Since you can't send an array to a bash script, let's send a CSV instead. + EOS + ) do |argv| + controllers_map = argv[0] + result = '' + controllers_map.each do |key,value| + port_name = 'port-static-' + argv[1] + result << port_name + ',' + end + + return result.chop + end +end diff --git a/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/loadyamlv2.rb b/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/loadyamlv2.rb new file mode 100644 index 0000000..1fd85ab --- /dev/null +++ b/deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/loadyamlv2.rb 
@@ -0,0 +1,34 @@
+module Puppet::Parser::Functions
+ newfunction(:loadyamlv2, :type => :rvalue, :arity => -2, :doc => <<-'ENDHEREDOC') do |args|
+Load a YAML file containing an array, string, or hash, and return the data
+in the corresponding native data type.
+The second parameter is the default value. It will be returned if the file
+was not found or could not be parsed.
+
+For example:
+
+ $myhash = loadyaml('/etc/puppet/data/myhash.yaml')
+ $myhash = loadyaml('no-file.yaml', {'default' => 'value'})
+ ENDHEREDOC
+
+ raise ArgumentError, 'Wrong number of arguments. 1 or 2 arguments should be provided.' unless args.length >= 1
+ require 'yaml'
+
+ if File.exists?(args[0])
+ begin
+ YAML::load_file(args[0]) || args[1]
+ rescue Exception => e
+ if args[1]
+ args[1]
+ else
+ raise e
+ end
+ end
+ else
+ warning("Can't load '#{args[0]}' File does not exist!")
+ args[1]
+ end
+
+ end
+
+end
diff --git a/deployment_scripts/puppet/templates/cleanup_masquerade.erb b/deployment_scripts/puppet/templates/cleanup_masquerade.erb
new file mode 100644
index 0000000..7d67bdc
--- /dev/null
+++ b/deployment_scripts/puppet/templates/cleanup_masquerade.erb
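Review bot: `rescue Exception => e` also traps SignalException, NoMemoryError and SystemExit, so an interrupt or a resource failure during the load is swallowed and answered with the default value; `rescue StandardError => e` keeps the fallback for parse errors only. `YAML::load_file` can instantiate arbitrary Ruby objects on Psych releases before 4.0, so if the file is writable by anything less trusted than the process compiling the catalog, `YAML.safe_load(File.read(args[0]))` is the safer call (its availability on the Ruby shipped with the target Puppet needs checking). The doc example still calls `loadyaml` rather than `loadyamlv2`, the hand-written argument check duplicates what `:arity => -2` already enforces, and `File.exists?` is the deprecated spelling of `File.exist?`.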
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+# Copyright 2016 Midokura SARL
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -e
+set -x
+
+FIP=<%= @fip %>
+NIC=<%= @nic %>
+
+
+# Delete masquerading to enable NATing
+if [ -n "$(iptables -v -n -L -t nat | grep "MASQUERADE" | grep "${FIP}" | grep "${NIC}")" ]; then
+ iptables -t nat -D POSTROUTING -o ${NIC} -s ${FIP} -j MASQUERADE
+ iptables -D FORWARD -s ${FIP} -j ACCEPT
+ echo "Succesfully deleted masquerading"
+fi
diff --git a/deployment_scripts/puppet/templates/cleanup_static_gateway.sh.erb b/deployment_scripts/puppet/templates/cleanup_static_gateway.sh.erb
new file mode 100644
index 0000000..e107474
--- /dev/null
+++ b/deployment_scripts/puppet/templates/cleanup_static_gateway.sh.erb
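Review bot: `FIP=<%= @fip %>` and `NIC=<%= @nic %>` render the values unquoted into a script that runs iptables, so a value containing whitespace or shell metacharacters changes what the rendered script executes. Whether the manifest validates them is not visible in this hunk; I would validate them there (an address or CIDR, and an interface name) and quote the assignments and every later expansion, e.g. `FIP='<%= @fip %>'` and `iptables -t nat -D POSTROUTING -o "${NIC}" -s "${FIP}" -j MASQUERADE`. The same unquoted pattern is in cleanup_static_gateway.sh.erb, create_router_interfaces.sh.erb, create_router_interfaces_static.sh.erb, delete_router_interfaces_bgp.sh.erb and remove_router_interfaces.sh.erb. Separately, `grep "${FIP}"` treats the dots as regex wildcards; `grep -F` matches the address literally.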
@@ -0,0 +1,47 @@
+#!/bin/bash
+
+# Copyright 2016 Midokura SARL
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -e
+set -x
+
+FIP=<%= @fip %>
+NIC=<%= @nic %>
+EDGE_ROUTER=<%= @edge_router %>
+VETH0_IP=<%= @veth0_ip %>
+VETH1_IP=<%= @veth1_ip %>
+VETH_NETWORK=<%= @veth_network %>
+HOSTNAME=<%= @myhostname %>
+
+
+# Delete Route packets towards floating IP network through the bridge
+if [ -n "$(ip route | /bin/grep "${FIP} via ${VETH_1}")" ]; then
+ ip route delete ${FIP} via ${VETH1_IP}
+ echo "Succesfully deleted route to send packets on the bridge"
+fi
+
+for host in ${HOSTNAME//,/ }
+do
+ HOST_ID=$(midonet-cli -A -e host list | grep ${host} | awk '{ print $2 }')
+
+ ROUTER_ID=$(midonet-cli -A -e router list | grep ${EDGE_ROUTER} | awk '{ print $2 }')
+ PORT_ID=$(midonet-cli -A -e host ${HOST_ID} binding list | grep veth1 | awk '{ print $6}')
+ ROUTE_ID=$(midonet-cli -A -e router ${ROUTER_ID} route list | grep "src 0.0.0.0/0 dst 0.0.0.0/0 gw ${VETH0_IP} port ${PORT_ID}" | awk '{ print $2 }')
+
+ if [ -n ${ROUTE_ID} ]; then
+ midonet-cli -e router ${ROUTER_ID} delete route ${ROUTE_ID}
+ echo "Successfully deleted default route on edge router"
+ fi
+done
diff --git a/deployment_scripts/puppet/templates/create_router_interfaces.sh.erb b/deployment_scripts/puppet/templates/create_router_interfaces.sh.erb
new file mode 100644
index 0000000..fc94b78
--- /dev/null
+++ b/deployment_scripts/puppet/templates/create_router_interfaces.sh.erb
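Review bot: The route check greps for `${FIP} via ${VETH_1}`, but no `VETH_1` is defined (the variable assigned above is `VETH1_IP`), so it expands to the empty string and the test matches a route for the floating network regardless of its gateway; it should read `grep "${FIP} via ${VETH1_IP}"`. Further down, `if [ -n ${ROUTE_ID} ]` is unquoted, so an empty `ROUTE_ID` leaves `[ -n ]`, which is true, and `midonet-cli -e router ${ROUTER_ID} delete route` runs with no route id; `if [ -n "${ROUTE_ID}" ]; then` fixes that. Adding `set -u` next to `set -e` would have caught the undefined variable when the script first ran.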
@@ -0,0 +1,43 @@
+#!/bin/bash
+
+# Copyright 2016 Midokura SARL
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -e
+set -x
+
+
+EDGE_ROUTER=<%= @edge_router %>
+PORTS=<%= @ports_to_bind %>
+HOSTNAME=<%= @myhostname %>
+
+HOST_ID=$(midonet-cli -A -e host list | grep ${HOSTNAME} | awk '{ print $2 }')
+
+ROUTER_ID=$(midonet-cli -A -e router list | grep ${EDGE_ROUTER} | awk '{ print $2 }')
+
+PORT_BINDING_LIST=$(midonet-cli -A -e host ${HOST_ID} binding list)
+
+if [ -z "${PORT_BINDING_LIST}" ]; then
+ PORT_ID=
+else
+ PORT_ID=$(midonet-cli -A -e host ${HOST_ID} binding list | grep gw-veth-mn)
+fi
+
+
+if [ -z "${PORT_ID}" ]; then
+ for port in ${PORTS//,/ }
+ do
+ source /root/openrc && neutron router-interface-add ${EDGE_ROUTER} port=${port}
+ done
+fi
diff --git a/deployment_scripts/puppet/templates/create_router_interfaces_static.sh.erb b/deployment_scripts/puppet/templates/create_router_interfaces_static.sh.erb
new file mode 100644
index 0000000..ce20e4d
--- /dev/null
+++ b/deployment_scripts/puppet/templates/create_router_interfaces_static.sh.erb
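Review bot: Under `set -e`, the assignment `PORT_ID=$(... binding list | grep gw-veth-mn)` takes grep's exit status, so when the host has bindings but none for gw-veth-mn, grep returns 1 and the script exits before the loop that adds the router interfaces, which is the case the loop exists for. `PORT_ID=$(grep gw-veth-mn <<< "${PORT_BINDING_LIST}" || true)` keeps the script alive and reuses the list already fetched; create_router_interfaces_static.sh.erb has the same line with `grep veth1`. `grep ${HOSTNAME}` and `grep ${EDGE_ROUTER}` also match substrings, so with hosts named like node-1 and node-10 (constructed example) `HOST_ID` can receive two ids; `grep -w -F -- "${HOSTNAME}"` narrows the match, and the same lookups appear in cleanup_static_gateway.sh.erb. `ROUTER_ID` is assigned but never used in this script.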
@@ -0,0 +1,43 @@
+#!/bin/bash
+
+# Copyright 2016 Midokura SARL
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -e
+set -x
+
+
+EDGE_ROUTER=<%= @edge_router %>
+PORTS=<%= @ports_to_bind %>
+HOSTNAME=<%= @myhostname %>
+
+HOST_ID=$(midonet-cli -A -e host list | grep ${HOSTNAME} | awk '{ print $2 }')
+
+ROUTER_ID=$(midonet-cli -A -e router list | grep ${EDGE_ROUTER} | awk '{ print $2 }')
+
+PORT_BINDING_LIST=$(midonet-cli -A -e host ${HOST_ID} binding list)
+
+if [ -z ${PORT_BINDING_LIST} ]; then
+ PORT_ID=
+else
+ PORT_ID=$(midonet-cli -A -e host ${HOST_ID} binding list | grep veth1)
+fi
+
+
+if [ -z ${PORT_ID} ]; then
+ for port in ${PORTS//,/ }
+ do
+ source /root/openrc && neutron router-interface-add ${EDGE_ROUTER} port=${port}
+ done
+fi
diff --git a/deployment_scripts/puppet/templates/delete_router_interfaces_bgp.sh.erb b/deployment_scripts/puppet/templates/delete_router_interfaces_bgp.sh.erb
new file mode 100644
index 0000000..47e9116
--- /dev/null
+++ b/deployment_scripts/puppet/templates/delete_router_interfaces_bgp.sh.erb
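Review bot: Both tests here drop the quotes that create_router_interfaces.sh.erb has: `[ -z ${PORT_BINDING_LIST} ]` and `[ -z ${PORT_ID} ]` receive several words as soon as the binding list has more than one field, `[` then fails with a syntax error, and the `if` only takes the intended branch because that error counts as false. They should read `if [ -z "${PORT_BINDING_LIST}" ]; then` and `if [ -z "${PORT_ID}" ]; then`. Apart from the quoting and the `veth1` pattern this template is a copy of create_router_interfaces.sh.erb, so one template taking the interface name as a variable would keep the two from drifting further.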
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+# Copyright 2016 Midokura SARL
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -x
+
+
+EDGE_ROUTER=<%= @edge_router %>
+PORTS=<%= @ports_to_unbind %>
+HOSTNAME=<%= @myhostname %>
+
+ROUTER_ID=$(midonet-cli -A -e router list | grep ${EDGE_ROUTER} | awk '{ print $2 }')
+
+for port in ${PORTS//,/ }
+ do
+ source /root/openrc && neutron router-interface-delete ${EDGE_ROUTER} port=${port}
+ done
+
+exit 0
diff --git a/deployment_scripts/puppet/templates/remove_router_interfaces.sh.erb b/deployment_scripts/puppet/templates/remove_router_interfaces.sh.erb
new file mode 100644
index 0000000..711d9c7
--- /dev/null
+++ b/deployment_scripts/puppet/templates/remove_router_interfaces.sh.erb
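Review bot: With no `set -e` and a closing `exit 0`, every failure in the loop, including a missing /root/openrc or a rejected `neutron router-interface-delete`, is reported to the caller as success, so a cleanup that removed nothing is indistinguishable from one that worked. If best-effort is the intent, a comment such as `# best-effort cleanup: a port that is already gone must not fail the task` would record it, and counting failures to print a summary before `exit 0` would leave a trace in the task log. `HOSTNAME` and `ROUTER_ID` are assigned but never read. remove_router_interfaces.sh.erb has the same loop and the same `exit 0`.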
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+# Copyright 2016 Midokura SARL
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -x
+
+
+EDGE_ROUTER=<%= @edge_router %>
+PORTS=<%= @ports_to_unbind %>
+
+for port in ${PORTS//,/ }
+do
+ source /root/openrc && neutron router-interface-delete ${EDGE_ROUTER} port=${port}
+done
+
+exit 0
diff --git a/deployment_scripts/puppet/templates/vhost_mem_manager.erb b/deployment_scripts/puppet/templates/vhost_mem_manager.erb
new file mode 100644
index 0000000..893fa4c
--- /dev/null
+++ b/deployment_scripts/puppet/templates/vhost_mem_manager.erb
@@ -0,0 +1,21 @@
+ProxyPreserveHost On
+Alias /midonet-manager "/var/www/html/midonet-manager"
+
+ProxyPass /midonet-api http://<%= @public_vip %>:8181/midonet-api
+ProxyPassReverse /midonet-api http://<%= @public_vip %>:8181/midonet-api
+
+ProxyPass /subscription ws://<%= @public_vip %>:8007/subscription
+ProxyPassReverse /subscription ws://<%= @public_vip %>:8007/subscription
+
+ProxyPass /trace ws://<%= @public_vip %>:8460/trace
+ProxyPassReverse /trace ws://<%= @public_vip %>:8460/trace
+
+ProxyPass /fabric ws://<%= @public_vip %>:8009/fabric
+ProxyPassReverse /fabric ws://<%= @public_vip %>:8009/fabric
+
+ProxyPass /analytics ws://<%= @ana_mgmt_ip %>:8080/analytics
+ProxyPassReverse /analytics ws://<%= @ana_mgmt_ip %>:8080/analytics
+
+Header set Access-Control-Allow-Origin *
+Header append Access-Control-Allow-Headers Content-Type
+Header append Access-Control-Allow-Headers X-Auth-Token
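Review bot: `Header set Access-Control-Allow-Origin *` in vhost_mem_manager.erb lets script from any origin read responses from the proxied `/midonet-api`, and the two lines after it allow `X-Auth-Token` on those cross-origin requests. Since the manager UI is served from this same vhost through the `Alias`, its requests are same-origin and should not need CORS headers at all; if a separate origin really is required, name it, e.g. `Header set Access-Control-Allow-Origin "https://<manager-host>"` (placeholder). The backends are also reached over plain `http://` and `ws://` on the public VIP; whether TLS terminates in front of this vhost is not visible here and is worth confirming, because the auth token travels in those requests.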
diff --git a/deployment_tasks.yaml b/deployment_tasks.yaml
index 7c1ce65..aae3681 100644
--- a/deployment_tasks.yaml
+++ b/deployment_tasks.yaml
@@ -18,43 +18,130 @@ - logging - hiera - globals - - netconfig-midonet + - netconfig - id: midonet-gw parameters: strategy: type: parallel + requires: + - deploy_start + - nsdb required_for: - deploy_end - requires: - - nsdb role: - midonet-gw + type: group tasks: - logging - hiera - globals - - netconfig-midonet - type: group - -# -# DEPLOYMENT -# - -- id: netconfig-midonet - parameters: - puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/netconfig/netconfig.pp - puppet_modules: /etc/puppet/modules - timeout: 3600 - cwd: / - required_for: - netconfig + +- id: midonet-analytics + parameters: + strategy: + type: parallel requires: - - tools - groups: - - /.*/ - type: puppet + - deploy_start + - nsdb + required_for: + - deploy_end + role: + - midonet-analytics + type: group + tasks: + - logging + - hiera + - globals + - netconfig + +# Override neutron params +- id: install_common_deps + role: + - primary-controller + - controller + - compute + - nsdb + - midonet-gw + - midonet-analytics + type: shell + requires: [pre_deployment_start] + required_for: [pre_deployment_end] version: 2.0.0 + parameters: + cmd: bash install_midonet_common_modules_and_gems.sh + timeout: 1440 + +- id: override_neutron_module + role: + - primary-controller + - controller + - compute + - nsdb + - midonet-gw + - midonet-analytics + type: shell + requires: [pre_deployment_start] + required_for: [pre_deployment_end] + version: 2.0.0 + parameters: + cmd: bash override_neutron_module.sh + timeout: 1440 + +# Override neutron params +- id: neutron-override + role: + - primary-controller + - controller + - compute + - nsdb + - midonet-gw + - midonet-analytics + type: puppet + requires: [pre_deployment_start] + required_for: [pre_deployment_end] + version: 2.0.0 + parameters: + puppet_manifest: puppet/manifests/midonet-override-hiera.pp + puppet_modules: "puppet/modules/:/etc/puppet/modules/" + timeout: 1440 + +# Install the MidoNet Package. 
Everywhere +- id: install_midonet_package + role: + - primary-controller + - controller + - compute + - nsdb + - midonet-gw + - midonet-analytics + type: shell + requires: [deploy_start,setup_repositories] + required_for: [fuel_pkgs] + version: 2.0.0 + parameters: + cmd: bash install_midonet_package_from_source.sh + timeout: 1440 + + +# Install the MidoNet_Openstack Package where needed. For Java, Zookeeper and Cassandra +- id: install_midonet_openstack_package + role: + - primary-controller + - controller + - compute + - nsdb + - midonet-gw + - midonet-analytics + type: shell + requires: [deploy_start,setup_repositories] + required_for: [fuel_pkgs] + version: 2.0.0 + parameters: + cmd: bash install_midonet_openstack_package.sh + timeout: 1440 + # First independent tasks - id: setup_repositories_midonet @@ -64,10 +151,16 @@ - compute - nsdb - midonet-gw + - midonet-analytics required_for: - deploy_end requires: - netconfig + - install_common_deps + - install_midonet_package + - install_midonet_openstack_package + - override_neutron_module + version: 2.0.0 type: puppet parameters: puppet_manifest: puppet/manifests/midonet-define-repositories.pp @@ -80,35 +173,21 @@ - controller - primary-controller - midonet-gw + - midonet-analytics required_for: - deploy_end requires: - deploy_start + version: 2.0.0 type: puppet parameters: puppet_manifest: puppet/manifests/midonet-enable-ip-forward.pp puppet_modules: "puppet/modules/:/etc/puppet/modules/" timeout: 720 -# NSDB-only tasks -- id: zookeeper_and_cassandra_midonet - groups: - - nsdb - required_for: - - deploy_end - requires: - - setup_repositories_midonet - - firewall - type: puppet - reexecute_on: - - deploy_changes - parameters: - puppet_manifest: puppet/manifests/midonet-nsdb.pp - puppet_modules: "puppet/modules/:/etc/puppet/modules/" - timeout: 1440 # PRE-NEUTRON CONFIGURATION -- id: deploy_api_midonet +- id: deploy_cluster_midonet groups: - primary-controller - controller 
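Review bot: In the first hunk, the comment `# Override neutron params` sits above `install_common_deps`, which runs `bash install_midonet_common_modules_and_gems.sh`; it belongs only to `neutron-override` further down and should here read something like `# Install the Puppet modules and gems the plugin manifests need`. The three pre-deployment tasks each declare only `requires: [pre_deployment_start]`, so nothing orders `neutron-override` after `install_common_deps` or `override_neutron_module`. If midonet-override-hiera.pp relies on anything those scripts install (not visible from this hunk), it needs `requires: [pre_deployment_start, install_common_deps, override_neutron_module]`.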
@@ -121,13 +200,14 @@ - firewall - primary-cluster-haproxy - cluster-haproxy + version: 2.0.0 type: puppet reexecute_on: - deploy_changes parameters: - puppet_manifest: puppet/manifests/midonet-install-api.pp + puppet_manifest: puppet/manifests/midonet-install-cluster.pp puppet_modules: "puppet/modules/:/etc/puppet/modules/" - timeout: 1440 + timeout: 3600 # In controllers, we have to install midolman 'before' the neutron # configuration, because subnet creates a the DHCP port in neutron @@ -140,12 +220,14 @@ - deploy_end - openstack-network-start requires: - - deploy_api_midonet + - deploy_cluster_midonet + version: 2.0.0 type: puppet parameters: puppet_manifest: puppet/manifests/midonet-install-agent.pp puppet_modules: "puppet/modules/:/etc/puppet/modules/" - timeout: 1440 + timeout: 4500 + # NEUTRON CONFIGURATION - id: openstack-network-midonet-replace-service-name @@ -156,6 +238,7 @@ - openstack-network-common-config required_for: - openstack-network-end + version: 2.0.0 type: puppet parameters: puppet_manifest: puppet/manifests/midonet-replace-guess-func.pp @@ -168,8 +251,10 @@ - controller requires: - openstack-network-midonet-replace-service-name + - setup_repositories_midonet required_for: - openstack-network-server-config + version: 2.0.0 type: puppet parameters: puppet_manifest: puppet/manifests/midonet-neutron-configure.pp 
@@ -181,14 +266,166 @@ - primary-controller requires: - openstack-network-server-config + - openstack-network-midonet-config + - setup_repositories_midonet required_for: - openstack-network-end + version: 2.0.0 type: puppet parameters: puppet_manifest: puppet/manifests/midonet-neutron-networks.pp puppet_modules: "puppet/modules/:/etc/puppet/modules/" timeout: 1440 +- id: openstack-network-midonet-cleanup-static + groups: + - primary-controller + requires: + - openstack-network-server-config + - openstack-network-midonet-config + - setup_repositories_midonet + - openstack-network-midonet-networks + reexecute_on: + - deploy_changes + required_for: + - openstack-network-end + version: 2.0.0 + type: puppet + parameters: + puppet_manifest: puppet/manifests/midonet-cleanup-static.pp + puppet_modules: "puppet/modules/:/etc/puppet/modules/" + timeout: 1440 + condition: + yaql_exp: > + changedAny($.midonet.gateway_type,$.midonet.static_linux_bridge_address, + $.midonet.static_fake_edge_router_address, + $.midonet.static_use_masquerade) and $.cluster.status != 'new' + +- id: openstack-network-midonet-cleanup-bgp + groups: + - primary-controller + requires: + - openstack-network-server-config + - openstack-network-midonet-config + - setup_repositories_midonet + - openstack-network-midonet-networks + reexecute_on: + - deploy_changes + required_for: + - openstack-network-end + version: 2.0.0 + type: puppet + parameters: + puppet_manifest: puppet/manifests/midonet-edge-router-cleanup-bgp.pp + puppet_modules: "puppet/modules/:/etc/puppet/modules/" + timeout: 1440 + condition: + yaql_exp: > + (changedAny($.midonet.gateway_type,$.midonet.bgp_local_as, + $.midonet.bgp_neighbors) and $.cluster.status != 'new') + +- id: openstack-network-midonet-edge + groups: + - primary-controller + requires: + - openstack-network-server-config + - openstack-network-midonet-config + - setup_repositories_midonet + - openstack-network-midonet-networks + - openstack-network-midonet-cleanup-static + - 
openstack-network-midonet-cleanup-bgp + reexecute_on: + - deploy_changes + required_for: + - openstack-network-end + version: 2.0.0 + type: puppet + parameters: + puppet_manifest: puppet/manifests/midonet-edge-router-setup.pp + puppet_modules: "puppet/modules/:/etc/puppet/modules/" + timeout: 1440 + +- id: openstack-network-midonet-edge-bgp + groups: + - primary-controller + requires: + - openstack-network-server-config + - openstack-network-midonet-config + - setup_repositories_midonet + - openstack-network-midonet-networks + - openstack-network-midonet-edge + - openstack-network-midonet-cleanup-static + - openstack-network-midonet-cleanup-bgp + reexecute_on: + - deploy_changes + required_for: + - openstack-network-end + version: 2.0.0 + type: puppet + parameters: + puppet_manifest: puppet/manifests/midonet-edge-router-setup-bgp.pp + puppet_modules: "puppet/modules/:/etc/puppet/modules/" + timeout: 1440 + condition: + yaql_exp: > + (changedAny($.midonet.gateway_type,$.midonet.bgp_local_as, + $.midonet.bgp_neighbors) and $.midonet.gateway_type = 'bgp') + +- id: openstack-network-midonet-edge-static + groups: + - primary-controller + requires: + - openstack-network-server-config + - openstack-network-midonet-config + - setup_repositories_midonet + - openstack-network-midonet-networks + - openstack-network-midonet-edge + - openstack-network-midonet-cleanup-bgp + - openstack-network-midonet-cleanup-static + reexecute_on: + - deploy_changes + required_for: + - openstack-network-end + version: 2.0.0 + type: puppet + parameters: + puppet_manifest: puppet/manifests/midonet-edge-router-setup-static.pp + puppet_modules: "puppet/modules/:/etc/puppet/modules/" + timeout: 1440 + condition: + yaql_exp: > + (changedAny($.midonet.gateway_type,$.midonet.static_linux_bridge_address, + $.midonet.static_fake_edge_router_address, + $.midonet.static_use_masquerade) and $.midonet.gateway_type = 'static') + +- id: openstack-network-midonet-edge-static-per-host + groups: + - 
primary-controller + requires: + - openstack-network-server-config + - openstack-network-midonet-config + - setup_repositories_midonet + - openstack-network-midonet-networks + - openstack-network-midonet-edge + - openstack-network-midonet-cleanup-static + - openstack-network-midonet-cleanup-bgp + - openstack-network-midonet-edge-static + reexecute_on: + - deploy_changes + required_for: + - openstack-network-end + version: 2.0.0 + type: puppet + parameters: + puppet_manifest: puppet/manifests/midonet-edge-router-setup-static-per-host.pp + puppet_modules: "puppet/modules/:/etc/puppet/modules/" + timeout: 1440 + condition: + yaql_exp: > + (changedAny($.midonet.gateway_type,$.midonet.static_linux_bridge_address, + $.midonet.static_fake_edge_router_address, + $.midonet.static_use_masquerade) and $.midonet.gateway_type = 'static') + - id: openstack-network-midonet-compute-nova parameters: puppet_manifest: puppet/manifests/midonet-compute-nova.pp 
@@ -197,13 +434,80 @@ required_for: - openstack-network-end requires: + - setup_repositories_midonet - openstack-network-common-config - openstack-network-agents-l3 - openstack-network-agents-metadata + version: 2.0.0 type: puppet groups: - compute +# NSDB-only tasks +- id: zookeeper_and_cassandra_midonet + groups: + - nsdb + required_for: + - deploy_end + requires: + - deploy_start + - install_midonet_openstack_package + - install_midonet_package + - netconfig + version: 2.0.0 + type: puppet + reexecute_on: + - deploy_changes + parameters: + puppet_manifest: puppet/manifests/midonet-nsdb.pp + puppet_modules: "puppet/modules/:/etc/puppet/modules/" + timeout: 3600 + +# Analytics Only tasks + +- id: mem-analytics-java8 + role: + - midonet-analytics + required_for: + - deploy_end + requires: + - deploy_start + - install_midonet_openstack_package + - install_midonet_package + - netconfig + version: 2.0.0 + type: puppet + parameters: + puppet_manifest: puppet/manifests/midonet-install-java8.pp + puppet_modules: "puppet/modules/:/etc/puppet/modules/" + timeout: 720 + condition: + yaql_exp: "$.midonet.mem = true and $.midonet.mem_insights = true" + +- id: mem-analytics-install + role: + - midonet-analytics + required_for: + - deploy_end + requires: + - deploy_start + - install_midonet_openstack_package + - install_midonet_package + - netconfig + - mem-analytics-java8 + - setup_repositories_midonet + cross-depends: + - name: zookeeper_and_cassandra_midonet + - name: deploy_cluster_midonet + version: 2.0.0 + type: puppet + parameters: + puppet_manifest: puppet/manifests/midonet-install-analytics.pp + puppet_modules: "puppet/modules/:/etc/puppet/modules/" + timeout: 4500 + condition: + yaql_exp: "$.midonet.mem = true and $.midonet.mem_insights = true" + # Skipped tasks - id: openstack-network-server-config 
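Review bot: `mem-analytics-java8` and `mem-analytics-install` select their nodes with `role:`, although both sit between `deploy_start` and `deploy_end`. The other deploy-stage tasks visible in this file (`zookeeper_and_cassandra_midonet`, the `openstack-network-midonet-edge-*` tasks) use `groups:`. If the two keys are interchangeable in this task schema, this is only a consistency nit. If they are not, the analytics tasks may not be scheduled on the `midonet-analytics` node, so it is worth confirming and writing `groups:` / `- midonet-analytics` in both. Neither analytics task has `reexecute_on: - deploy_changes`, unlike the NSDB task just above them, so add it or leave a one-line comment saying the omission is intended.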
@@ -222,9 +526,12 @@ type: skipped - id: openstack-network-compute-nova type: skipped -- id: netconfig + # This task tries to enable the service nova_compute but we already to that + # inside our custom midonet-compute-nova task. +- id: enable_nova_compute_service type: skipped + # POST-DEPLOYMENT TASKS # The task configure_default_route reinstalls openvswitch-switch @@ -239,13 +546,15 @@ - post_deployment_end requires: - configure_default_route + - post_deployment_start + version: 2.0.0 type: puppet reexecute_on: - deploy_changes parameters: puppet_manifest: puppet/manifests/midonet-install-agent.pp puppet_modules: "puppet/modules/:/etc/puppet/modules/" - timeout: 1440 + timeout: 4500 - id: tunnel-zones-midonet role: 
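Review bot: The comment added above `enable_nova_compute_service` in the first hunk on this line has a typo ("we already to that") and should read `# This task tries to enable the nova_compute service, but we already do that` / `# inside our custom midonet-compute-nova task.` The same hunk stops skipping `netconfig` without saying why. Other tasks in this file now list `netconfig` under `requires`, so a short comment recording that the stock task is needed again would document the change.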
@@ -253,16 +562,207 @@ - controller - primary-controller - midonet-gw + reexecute_on: + - deploy_changes required_for: - post_deployment_end requires: + - post_deployment_start - agent-midonet-compute + version: 2.0.0 type: puppet parameters: puppet_manifest: puppet/manifests/midonet-host-registry.pp puppet_modules: "puppet/modules/:/etc/puppet/modules/" timeout: 720 +- id: generate-openrc-gw + role: + - midonet-gw + required_for: + - post_deployment_end + requires: + - post_deployment_start + - tunnel-zones-midonet + version: 2.0.0 + reexecute_on: + - deploy_changes + type: puppet + parameters: + puppet_manifest: puppet/manifests/midonet-generate-openrc-for-gw.pp + puppet_modules: "puppet/modules/:/etc/puppet/modules/" + timeout: 720 + +- id: midonet-edge-router-cleanup-bgp-gw + role: + - midonet-gw + required_for: + - post_deployment_end + requires: + - generate-openrc-gw + - post_deployment_start + - tunnel-zones-midonet + type: puppet + reexecute_on: + - deploy_changes + parameters: + puppet_manifest: puppet/manifests/midonet-edge-router-cleanup-bgp-gw.pp + puppet_modules: "puppet/modules/:/etc/puppet/modules/" + timeout: 720 + version: 2.0.0 + condition: + yaql_exp: > + (changedAny($.midonet.gateway_type,$.midonet.bgp_local_as, + $.midonet.bgp_neighbors) and $.cluster.status != 'new' ) + +- id: openstack-network-midonet-cleanup-static-per-host + role: + - midonet-gw + required_for: + - post_deployment_end + requires: + - generate-openrc-gw + - post_deployment_start + - tunnel-zones-midonet + reexecute_on: + - deploy_changes + version: 2.0.0 + type: puppet + parameters: + puppet_manifest: puppet/manifests/midonet-cleanup-static-per-host.pp + puppet_modules: "puppet/modules/:/etc/puppet/modules/" + timeout: 1440 + condition: + yaql_exp: > + changedAny($.midonet.gateway_type,$.midonet.static_linux_bridge_address, + $.midonet.static_fake_edge_router_address, + $.midonet.static_use_masquerade) and $.cluster.status != 'new' + +- id: 
openstack-network-midonet-cleanup-masq + role: + - midonet-gw + required_for: + - post_deployment_end + requires: + - generate-openrc-gw + - post_deployment_start + - tunnel-zones-midonet + reexecute_on: + - deploy_changes + required_for: + - openstack-network-end + version: 2.0.0 + type: puppet + parameters: + puppet_manifest: puppet/manifests/midonet-cleanup-masquerade.pp + puppet_modules: "puppet/modules/:/etc/puppet/modules/" + timeout: 1440 + condition: + yaql_exp: > + changedAny($.midonet.gateway_type,$.midonet.static_linux_bridge_address, + $.midonet.static_fake_edge_router_address, + $.midonet.static_use_masquerade) and $.cluster.status != 'new' + +- id: midonet-bgp-interfaces + role: + - midonet-gw + required_for: + - post_deployment_end + requires: + - generate-openrc-gw + - midonet-edge-router-cleanup-bgp-gw + - openstack-network-midonet-cleanup-static-per-host + - openstack-network-midonet-cleanup-masq + - post_deployment_start + - tunnel-zones-midonet + type: puppet + reexecute_on: + - deploy_changes + version: 2.0.0 + parameters: + puppet_manifest: puppet/manifests/midonet-bgp-interfaces.pp + puppet_modules: "puppet/modules/:/etc/puppet/modules/" + timeout: 720 + condition: + yaql_exp: "$.midonet.gateway_type = 'bgp'" + + +- id: midonet-edge-router-setup-bgp-gw + role: + - midonet-gw + required_for: + - post_deployment_end + requires: + - generate-openrc-gw + - post_deployment_start + - midonet-bgp-interfaces + - tunnel-zones-midonet + - midonet-edge-router-cleanup-bgp-gw + - openstack-network-midonet-cleanup-masq + - openstack-network-midonet-cleanup-static-per-host + version: 2.0.0 + type: puppet + reexecute_on: + - deploy_changes + parameters: + puppet_manifest: puppet/manifests/midonet-edge-router-setup-bgp-gw.pp + puppet_modules: "puppet/modules/:/etc/puppet/modules/" + timeout: 720 + condition: + yaql_exp: > + (changedAny($.midonet.gateway_type,$.midonet.bgp_local_as, + $.midonet.bgp_neighbors) and $.midonet.gateway_type = 'bgp') + +- id: 
openstack-network-midonet-gateway-static-router-ifaces + role: + - midonet-gw + required_for: + - post_deployment_end + requires: + - generate-openrc-gw + - post_deployment_start + - midonet-bgp-interfaces + - tunnel-zones-midonet + - midonet-edge-router-cleanup-bgp-gw + - openstack-network-midonet-cleanup-masq + - openstack-network-midonet-cleanup-static-per-host + reexecute_on: + - deploy_changes + version: 2.0.0 + type: puppet + parameters: + puppet_manifest: puppet/manifests/midonet-gateway-static-router-ifaces.pp + puppet_modules: "puppet/modules/:/etc/puppet/modules/" + timeout: 1440 + condition: + yaql_exp: "$.midonet.gateway_type = 'static'" + +- id: openstack-network-midonet-gateway-static + role: + - midonet-gw + required_for: + - post_deployment_end + requires: + - generate-openrc-gw + - post_deployment_start + - midonet-bgp-interfaces + - tunnel-zones-midonet + - midonet-edge-router-cleanup-bgp-gw + - openstack-network-midonet-cleanup-masq + - openstack-network-midonet-cleanup-static-per-host + - openstack-network-midonet-gateway-static-router-ifaces + reexecute_on: + - deploy_changes + version: 2.0.0 + type: puppet + parameters: + puppet_manifest: puppet/manifests/midonet-gateway-static.pp + puppet_modules: "puppet/modules/:/etc/puppet/modules/" + timeout: 1440 + condition: + yaql_exp: "$.midonet.gateway_type = 'static'" + + - id: rootwrap-midonet role: - compute 
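Review bot: `openstack-network-midonet-cleanup-masq` declares `required_for:` twice, first with `- post_deployment_end` and again with `- openstack-network-end` after `reexecute_on`. Duplicate mapping keys are not allowed by the YAML spec, and loaders commonly keep the last one without complaint. This post-deployment `midonet-gw` task would then be ordered against `openstack-network-end` rather than `post_deployment_end`, unlike its sibling cleanup tasks. Drop the second pair (`required_for:` / `- openstack-network-end`) so that only `- post_deployment_end` remains. The opening lines of this hunk belong to `tunnel-zones-midonet`, whose header is outside the hunk.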
@@ -272,22 +772,125 @@ required_for: - post_deployment_end requires: + - post_deployment_start - agent-midonet-compute + version: 2.0.0 type: puppet parameters: puppet_manifest: puppet/manifests/midonet-ensure-rootwrap.pp puppet_modules: "puppet/modules/:/etc/puppet/modules/" timeout: 720 -- id: gateway-midonet +# Midonet Enterprise Post-Deployment Tasks + +- id: mem-install role: - - midonet-gw - requires: - - tunnel-zones-midonet + - controller + - primary-controller required_for: - post_deployment_end + requires: + - post_deployment_start + type: puppet + reexecute_on: + - deploy_changes + version: 2.0.0 + parameters: + puppet_manifest: puppet/manifests/midonet-install-mem.pp + puppet_modules: "puppet/modules/:/etc/puppet/modules/" + timeout: 3600 + condition: + yaql_exp: "$.midonet.mem = true" + +- id: mem-horizon-override + role: + - controller + - primary-controller + required_for: + - post_deployment_end + requires: + - post_deployment_start + - mem-install + version: 2.0.0 + reexecute_on: + - deploy_changes type: puppet parameters: - puppet_manifest: puppet/manifests/midonet-gateway-bgp.pp + puppet_manifest: puppet/manifests/midonet-mem-horizon-override.pp puppet_modules: "puppet/modules/:/etc/puppet/modules/" timeout: 720 + condition: + yaql_exp: "$.midonet.mem = true" + +- id: mem-restart-cluster + role: + - controller + - primary-controller + required_for: + - post_deployment_end + requires: + - post_deployment_start + - mem-install + - mem-horizon-override + - agent-midonet-compute + - tunnel-zones-midonet + - midonet-edge-router-setup-bgp-gw + - openstack-network-midonet-cleanup-static-per-host + reexecute_on: + - deploy_changes + version: 2.0.0 + type: puppet + parameters: + puppet_manifest: puppet/manifests/midonet-restart-cluster.pp + puppet_modules: "puppet/modules/:/etc/puppet/modules/" + timeout: 720 + condition: + yaql_exp: "$.midonet.mem = true and $.midonet.mem_insights = true" + +- id: mem-restart-agent + role: + - midonet-gw + - controller + 
- primary-controller + - compute + required_for: + - post_deployment_end + requires: + - post_deployment_start + - mem-install + - mem-horizon-override + - agent-midonet-compute + - tunnel-zones-midonet + - midonet-edge-router-setup-bgp-gw + - openstack-network-midonet-cleanup-static-per-host + version: 2.0.0 + reexecute_on: + - deploy_changes + type: puppet + parameters: + puppet_manifest: puppet/manifests/midonet-restart-agent.pp + puppet_modules: "puppet/modules/:/etc/puppet/modules/" + timeout: 720 + condition: + yaql_exp: "$.midonet.mem = true and $.midonet.mem_insights = true" + +# In the end.. + +# Grab the Old Astute.yaml and save it somewhere so we can parse it +# later and do cleanup + +- id: save_old_astute + type: shell + version: 2.0.0 + role: + - controller + - primary-controller + required_for: + - post_deployment_end + requires: + - post_deployment_start + reexecute_on: + - deploy_changes + parameters: + cmd: cp /etc/fuel/cluster/{CLUSTER_ID}/astute.yaml /etc/fuel/cluster/astute.yaml.old + timeout: 180 diff --git a/doc/source/installation.rst b/doc/source/installation.rst index c8c3db6..45c3dac 100644 --- a/doc/source/installation.rst +++ b/doc/source/installation.rst @@ -19,7 +19,7 @@ To install the MidoNet Fuel plugin: :: - # fuel plugins --install midonet-fuel-plugin-4.0-4.0.0-1.noarch.rpm + # fuel plugins --install midonet-4.1-4.1.0-1.noarch.rpm #. Verify that the plugin is installed correctly: :: @@ -27,7 +27,7 @@ To install the MidoNet Fuel plugin: # fuel plugins id | name | version | package_version ---|---------|---------|---------------- - 9 | midonet | 4.0.0 | 4.0.0 + 9 | midonet | 4.1.0 | 4.0.0 .. _`Fuel Plugin Catalog`: https://www.mirantis.com/products/openstack-drivers-and-plugins/fuel-plugins/ .. _`Fuel CLI`: http://docs.openstack.org/developer/fuel-docs/userdocs/fuel-user-guide/cli.html diff --git a/environment_config.yaml b/environment_config.yaml index f535fec..6814788 100644 --- a/environment_config.yaml 
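Review bot: `save_old_astute` copies `astute.yaml` to a fixed path with a bare `cp`, so the copy gets no explicit owner or mode. That file carries the settings the `yaql_exp` conditions read (`$.midonet.*`), which for this plugin presumably include the MEM repository username and password. The `.old` copy is therefore a second long-lived place for those values and should be locked down explicitly, for example `cmd: install -m 0600 -o root -g root /etc/fuel/cluster/{CLUSTER_ID}/astute.yaml /etc/fuel/cluster/astute.yaml.old`. The comment above the task should also name the manifest that parses the copy. The task requires only `post_deployment_start`, so it can presumably run before the other post-deployment tasks finish. If the cleanup manifests compare against the saved file, ordering it after them looks safer.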
+++ b/environment_config.yaml @@ -3,24 +3,50 @@ attributes: restrictions: - condition: cluster:net_provider != 'neutron' action: hide + + gateway_type: + type: "select" + weight: 5 + value: "bgp" + label: "Gateway Type" + description: "Choose which technology MidoNet will use to encapsulate data between hosts" + values: + - data: "bgp" + label: "BGP gateway" + - data: "static" + label: "Static Gateway" + - data: "none" + label: "I want to configure gateway manually" + mem: value: false label: "Midokura Enterprise MidoNet (MEM)" - description: "If selected, Midokura Enterprise MidoNet (MEM) will be installed." + description: "If selected, Midokura Enterprise MidoNet (MEM) will be installed. If MEM is installed, you have to access Horizon at /horizon" weight: 6 type: "checkbox" + mem_insights: + value: false + label: "Midokura Enterprise MidoNet Insights" + description: "If selected, Midokura Enterprise MidoNet Insights (MEM) will be installed." + weight: 7 + type: "checkbox" + restrictions: + - condition: "settings:midonet.mem.value == false" + strict: false + message: "Midokura Enterprise MidoNet (MEM) must be enabled" + mem_version: - value: "v1.9" + value: "5.2" label: "MEM release version" description: "Choose the Midokura Enterprise MidoNet (MEM) release version" type: "select" - weight: 7 + weight: 8 values: - - data: "v1.9" - label: "v1.9" + - data: "5.2" + label: "5.2" restrictions: - - condition: "settings:midonet-fuel-plugin.mem.value == false" + - condition: "settings:midonet.mem.value == false" strict: false message: "Midokura Enterprise MidoNet (MEM) must be enabled" @@ -29,9 +55,9 @@ attributes: label: "MEM repository username" description: "Username for Midokura Enterprise MidoNet (MEM) repository" type: "text" - weight: 8 + weight: 9 restrictions: - - condition: "settings:midonet-fuel-plugin.mem.value == false" + - condition: "settings:midonet.mem.value == false" strict: false message: "Midokura Enterprise MidoNet (MEM) must be enabled" 
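Review bot: The new `gateway_type` setting reuses the `tunnel_type` description verbatim ("Choose which technology MidoNet will use to encapsulate data between hosts"), which describes tunnelling rather than the gateway. Something like `description: "Choose how MidoNet connects to the external network (BGP gateway, static gateway, or manual configuration)"` would match the three options offered. The `mem_insights` description also ends with "(MEM)" where the label says Insights, so the parenthetical should be dropped or corrected.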
@@ -40,15 +66,15 @@ attributes: label: "MEM repository password" description: "Password for Midokura Enterprise MidoNet (MEM) repository" type: "password" - weight: 9 + weight: 10 restrictions: - - condition: "settings:midonet-fuel-plugin.mem.value == false" + - condition: "settings:midonet.mem.value == false" strict: false message: "Midokura Enterprise MidoNet (MEM) must be enabled" tunnel_type: type: "select" - weight: 10 + weight: 11 value: "gre" label: "Tunnel Type" description: "Choose which technology MidoNet will use to encapsulate data between hosts" @@ -66,7 +92,7 @@ attributes: value: '200.200.200.0/24' label: 'Floating Network subnet' description: 'CIDR of the Floating Network. Will override the default settings' - weight: 20 + weight: 30 type: "text" regex: source: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])/(3[012]|[12]?[0-9])$' @@ -76,7 +102,7 @@ attributes: value: '200.200.200.1' label: 'Floating Network Gateway IP' description: 'Gateway of the Floating Network. Will override the default settings' - weight: 21 + weight: 31 type: "text" regex: source: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$' @@ -86,7 +112,7 @@ attributes: value: '200.200.200.100' label: 'Floating Network range start' description: 'First IP address of the Floating Network range. Will override the default settings' - weight: 22 + weight: 32 type: "text" regex: source: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$' 
@@ -96,59 +122,74 @@ attributes: value: '200.200.200.200' label: 'Floating Network range end' description: 'Last IP address of the Floating Network range. Will override the default settings' - weight: 23 + weight: 33 type: "text" regex: source: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$' error: 'Floating Network range last value must be an IP address' ## BGP Options ### - bgp_cidr: - value: '10.88.88.0/30' - label: 'BGP routing subnet' - description: 'CIDR of the BGP network' - weight: 30 - type: "text" - regex: - source: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])/(3[012]|[12]?[0-9])$' - error: 'BGP Network must be a CIDR' - bgp_ip: - value: '10.88.88.2' - label: 'BGP local IP address' - description: 'IP address of the first Local BGP peer' - weight: 31 - type: "text" - regex: - source: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$' - error: 'Local BGP peer must be an IP address' - - local_as: + bgp_local_as: value: '12345' label: 'BGP local AS' - description: 'Autonomous System Number of the MidoNet Gateway' - weight: 32 - type: "text" - regex: - source: '^([0-9]){5}$' - error: "BGP local AS must be an integer of 5 digits" - - remote_ip1: - value: '10.88.88.1' - label: 'BGP peer IP address' - description: 'IP address of the BGP peer' - weight: 33 - type: "text" - regex: - source: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$' - error: 'Remote BGP peer must be an IP address' - - remote_as1: - value: '65535' - label: 'BGP peer AS' - description: 'Autonomous System Number of the BGP peer' + description: 'BGP local autonomous system number' weight: 34 type: "text" regex: source: '^([0-9]){5}$' - error: "Remote AS must be an integer of 5 digits" + error: 'Local AS must be 5 digits.' 
+ restrictions: + - condition: "settings:midonet.gateway_type.value != 'bgp'" + action: "hide" + + bgp_neighbors: + value: '10.88.88.2/30-10.88.88.1-65535' + label: 'BGP Peers' + description: 'List of BGP peers. In the form of /-- . If more than one peer, comma separate them like 1.1.1.1/24-1.1.1.2-11111,2.2.2.2/24-2.2.2.3-11111' + weight: 35 + type: "text" + regex: + source: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\/(3[012]|[12]?[0-9])-(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])-([0-9]){5}(,(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\/(3[012]|[12]?[0-9])-(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])-([0-9]){5})*$' + error: 'BGP peers must be in the form /--,/--' + restrictions: + - condition: "settings:midonet.gateway_type.value != 'bgp'" + action: "hide" + + ## Static GW options ## + + static_linux_bridge_address: + value: '172.19.0.1/30' + label: 'Static LinuxBridge Address' + description: "IP address assigned to the virtual ethernet interface connected to the fake uplink linux bridge. It should be in 'IP/Prefix_Length' notation ('192.0.2.1/24')" + weight: 36 + type: "text" + regex: + source: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])/(3[012]|[12]?[0-9])$' + error: 'Static LinuxBridge Address' + restrictions: + - condition: "settings:midonet.gateway_type.value != 'static'" + action: "hide" + + static_fake_edge_router_address: + value: '172.19.0.2/30' + label: 'Static Edge Router Address' + description: "IP address assigned to the virtual ethernet interface connected to the MidoNet Edge Router. 
It should be in 'IP/Prefix_Length' notation ('192.0.2.1/24')" + weight: 37 + type: "text" + regex: + source: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])/(3[012]|[12]?[0-9])$' + error: 'Static Edge Router Address' + restrictions: + - condition: "settings:midonet.gateway_type.value != 'static'" + action: "hide" + + static_use_masquerade: + value: true + label: "Create Masquerading" + description: "Whether to enable masquerading or not. Enable when you don't have an upstream router routing floating IP network to the gateway node. Disable when you do have an upstream router routing floating IP network to the gateway node" + type: "checkbox" + weight: 38 + restrictions: + - condition: "settings:midonet.gateway_type.value != 'static'" + action: "hide" diff --git a/metadata.yaml b/metadata.yaml index 0879c44..b1b48fa 100644 --- a/metadata.yaml +++ b/metadata.yaml @@ -1,13 +1,13 @@ -name: midonet-fuel-plugin -title: Neutron Midonet plugin -version: 4.0.0 +name: midonet +title: Neutron Midonet Plugin +version: 4.1.0 description: Enable to use plugin Midonet for Neutron -fuel_version: ['8.0'] +fuel_version: ['9.0','9.1'] is_hotpluggable: false releases: - os: ubuntu - version: liberty-8.0 + version: mitaka-9.0 mode: ['ha', 'multinode'] deployment_scripts_path: deployment_scripts/ repository_path: repositories/ubuntu @@ -16,7 +16,7 @@ package_version: '4.0.0' licenses: ['Apache 2.0'] authors: ['Lucas Eznarriaga , Midokura', 'Jaume Devesa , Midokura', - 'Carmela Rubinos , Midokura', + 'Alex Ruiz , Midokura', 'Samir Ibradzic , Midokura'] homepage: 'https://github.com/openstack/fuel-plugin-midonet' groups: ['network'] diff --git a/node_roles.yaml b/node_roles.yaml index 5ef82f5..82a7fb1 100644 --- a/node_roles.yaml +++ b/node_roles.yaml 
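Review bot: `bgp_local_as` and every peer entry in the new `bgp_neighbors` regex validate the AS number with `([0-9]){5}`, which rejects valid AS numbers below 10000 and accepts 65536–99999, outside the 16-bit range. If only 2-byte ASNs are meant to be supported (not visible from this hunk), a range-checked group such as `(6553[0-5]|655[0-2][0-9]|65[0-4][0-9]{2}|6[0-4][0-9]{3}|[1-5][0-9]{4}|[1-9][0-9]{0,3})` keeps the existing defaults valid and stops out-of-range values reaching the gateway manifests. The `error` strings for `static_linux_bridge_address` and `static_fake_edge_router_address` only repeat the label. A message like `error: 'Static LinuxBridge Address must be in IP/prefix notation'` tells the user what to fix.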
@@ -16,3 +16,20 @@ midonet-gw: weight: 100 conflicts: - controller + limits: + max: 1 + min: 1 + +midonet-analytics: + name: MidoNet Analytics Node + description: Analytics Node for Midonet MEM + has_primary: false + public_ip_required: false + weight: 200 + limits: + max: 1 + conflicts: + - controller + - midonet-gw + - nsdb + - compute diff --git a/repositories/ubuntu/.gitkeep b/repositories/ubuntu/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/repositories/ubuntu/python-neutron-plugin-midonet_1.0.0_all.deb b/repositories/ubuntu/python-neutron-plugin-midonet_1.0.0_all.deb deleted file mode 100644 index bac457c..0000000 Binary files a/repositories/ubuntu/python-neutron-plugin-midonet_1.0.0_all.deb and /dev/null differ diff --git a/tasks.yaml b/tasks.yaml deleted file mode 100644 index 9801e27..0000000 --- a/tasks.yaml +++ /dev/null @@ -1,26 +0,0 @@ -# Install the MidoNet dependencies -- role: - - primary-controller - - controller - - compute - - nsdb - - midonet-gw - stage: pre_deployment - type: shell - parameters: - cmd: bash install_midonet_puppet_modules.sh - timeout: 1440 - -# Override neutron params -- role: - - primary-controller - - controller - - compute - - nsdb - - midonet-gw - stage: pre_deployment - type: puppet - parameters: - puppet_manifest: puppet/manifests/midonet-override-hiera.pp - puppet_modules: "puppet/modules/:/etc/puppet/modules/" - timeout: 1440 diff --git a/volumes.yaml b/volumes.yaml index e372c3b..4e49645 100644 --- a/volumes.yaml +++ b/volumes.yaml @@ -2,4 +2,7 @@ volumes_roles_mapping: nsdb: - {allocate_size: "min", id: "os"} - {allocate_size: "all", id: "vm"} + midonet-analytics: + - {allocate_size: "min", id: "os"} + - {allocate_size: "all", id: "vm"} volumes: []
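Review bot: `midonet-gw` now has `limits` of `min: 1` and `max: 1`, which makes exactly one gateway node mandatory in every environment. That appears to include environments that choose `gateway_type: none` ("I want to configure gateway manually") in environment_config.yaml. If a manual gateway setup is meant to work without a `midonet-gw` node, the minimum should be dropped or tied to the gateway type. If the node is always required, saying so in the role `description` would explain the constraint. The `midonet-gw:` block starts outside this hunk, so its other fields were not reviewed.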