summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.gitignore25
-rwxr-xr-xREADME.md108
-rw-r--r--components.yaml12
-rwxr-xr-xdeployment_scripts/calico-fuel-monitor66
-rwxr-xr-xdeployment_scripts/calico_compute.sh173
-rwxr-xr-xdeployment_scripts/calico_controller.sh231
-rwxr-xr-xdeployment_scripts/calico_route_reflector.sh75
-rwxr-xr-xdeployment_scripts/get_node_ip.py32
-rwxr-xr-xdeployment_scripts/get_node_ips_by_role.py32
-rwxr-xr-xdeployment_scripts/pluginutils.py32
-rw-r--r--deployment_scripts/puppet/manifests/compute_alt_gateway.pp78
-rw-r--r--deployment_scripts/puppet/manifests/compute_bird.pp36
-rw-r--r--deployment_scripts/puppet/manifests/compute_dhcp_agent.pp50
-rw-r--r--deployment_scripts/puppet/manifests/compute_felix.pp41
-rw-r--r--deployment_scripts/puppet/manifests/compute_metadata_api.pp20
-rw-r--r--deployment_scripts/puppet/manifests/compute_neutron_nova.pp114
-rw-r--r--deployment_scripts/puppet/manifests/etcd_proxy.pp30
-rw-r--r--deployment_scripts/puppet/manifests/hiera_override.pp22
-rw-r--r--deployment_scripts/puppet/manifests/neutron_networks.pp39
-rw-r--r--deployment_scripts/puppet/manifests/neutron_server_config.pp192
-rw-r--r--deployment_scripts/puppet/manifests/private_gateway_check.pp12
-rw-r--r--deployment_scripts/puppet/manifests/repo_setup.pp25
-rw-r--r--deployment_scripts/puppet/manifests/role_etcd.pp36
-rw-r--r--deployment_scripts/puppet/manifests/role_rr.pp43
-rw-r--r--deployment_scripts/puppet/modules/calico/Modulefile12
-rw-r--r--deployment_scripts/puppet/modules/calico/lib/puppet/parser/functions/convert_external_peers.rb28
-rw-r--r--deployment_scripts/puppet/modules/calico/lib/puppet/parser/functions/convert_internal_peers.rb51
-rw-r--r--deployment_scripts/puppet/modules/calico/lib/puppet/parser/functions/generate_bgp_peers.rb55
-rw-r--r--deployment_scripts/puppet/modules/calico/lib/puppet/parser/functions/remove_ovs_usage.rb65
-rw-r--r--deployment_scripts/puppet/modules/calico/manifests/bird.pp95
-rw-r--r--deployment_scripts/puppet/modules/calico/manifests/bird/bgp_peer_record.pp35
-rw-r--r--deployment_scripts/puppet/modules/calico/manifests/etcd.pp77
-rw-r--r--deployment_scripts/puppet/modules/calico/manifests/init.pp20
-rw-r--r--deployment_scripts/puppet/modules/calico/manifests/params.pp43
-rw-r--r--deployment_scripts/puppet/modules/calico/spec/spec_helper.rb17
-rw-r--r--deployment_scripts/puppet/modules/calico/templates/bird-calico_os-filters.conf.erb18
-rw-r--r--deployment_scripts/puppet/modules/calico/templates/bird-compute.conf.erb29
-rw-r--r--deployment_scripts/puppet/modules/calico/templates/bird-peer-compute.conf.erb10
-rw-r--r--deployment_scripts/puppet/modules/calico/templates/bird-peer-ext.conf.erb10
-rw-r--r--deployment_scripts/puppet/modules/calico/templates/bird-peer-rr.conf.erb11
-rw-r--r--deployment_scripts/puppet/modules/calico/templates/bird-rr.conf.erb26
-rw-r--r--deployment_scripts/puppet/modules/calico/templates/calico-alt-gateway.conf.erb13
-rw-r--r--deployment_scripts/puppet/modules/calico/templates/etcd.conf.erb15
-rw-r--r--deployment_scripts/puppet/modules/calico/templates/felix.cfg.erb6
-rw-r--r--deployment_scripts/puppet/modules/calico/tests/init.pp12
-rwxr-xr-xdeployment_scripts/remove_default_networks.sh45
-rwxr-xr-xdeployment_scripts/update_etcd_cluster.sh42
-rw-r--r--deployment_tasks.yaml340
-rw-r--r--environment_config.yaml46
-rw-r--r--metadata.yaml24
-rw-r--r--node_roles.yaml20
-rw-r--r--pre_build_hook18
-rw-r--r--pre_install.sh45
-rw-r--r--repositories/ubuntu/nova-api-metadata_13.0.0-7-u14.04+mos43_all.debbin0 -> 22264 bytes
-rwxr-xr-xspecs/calico-fuel-plugin.rst25
-rw-r--r--tasks.yaml33
56 files changed, 1985 insertions, 825 deletions
diff --git a/.gitignore b/.gitignore
index 00efc26..0868483 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,27 @@
1.build/ 1.build/
2calico-fuel-plugin-*.rpm 2calico-fuel-plugin-*.rpm
3*~
4*.swp
5*.gem
6*.rbc
7.idea
8.bundle
9.config
10*.lock
11*.diff
12coverage
13InstalledFiles
14lib/bundler/man
15pkg
16rdoc
17spec/reports
18spec/fixtures/modules
19spec/fixtures/manifests
20test/tmp
21test/version_tmp
22tmp
23
24# YARD artifacts
25.yardoc
26_yardoc
27doc/
diff --git a/README.md b/README.md
index 85fca1a..2ade030 100755
--- a/README.md
+++ b/README.md
@@ -31,7 +31,7 @@ None.
31Compatible versions: 31Compatible versions:
32-------------------- 32--------------------
33 33
34 Mirantis Fuel 7.0 34 Mirantis Fuel 9.0
35 35
36To build the plugin: 36To build the plugin:
37-------------------- 37--------------------
@@ -39,18 +39,15 @@ To build the plugin:
39- Install the fuel plugin builder, fpb: 39- Install the fuel plugin builder, fpb:
40 40
41 easy_install pip 41 easy_install pip
42
43 pip install fuel-plugin-builder 42 pip install fuel-plugin-builder
44 43
45- Clone the calico plugin repository and run the plugin builder: 44- Clone the calico plugin repository and run the plugin builder:
46 45
47 git clone https://github.com/openstack/fuel-plugin-calico 46 git clone https://github.com/openstack/fuel-plugin-calico
48
49 cd fuel-plugin-calico/ 47 cd fuel-plugin-calico/
50
51 fpb --build . 48 fpb --build .
52 49
53- Check that the file calico-fuel-plugin-2.0-2.0.0-0.noarch.rpm was created. 50- Check that the file fuel-plugin-calico-VERSION.noarch.rpm was created.
54 51
55 52
56To install the plugin: 53To install the plugin:
@@ -60,13 +57,16 @@ To install the plugin:
60 57
61- Copy the plugin onto the fuel master node: 58- Copy the plugin onto the fuel master node:
62 59
63 scp calico-fuel-plugin-2.0-2.0.0-0.noarch.rpm root@<Fuel_Master_Node_IP>:/tmp 60 scp fuel-plugin-calico-VERSION.noarch.rpm root@<Fuel_Master_Node_IP>:/tmp
61
62- Install the `patch` utility:
63
64 yum install -y patch
64 65
65- Install the plugin on the fuel master node: 66- Install the plugin on the fuel master node:
66 67
67 cd /tmp 68 cd /tmp
68 69 fuel plugins --install fuel-plugin-calico-VERSION.noarch.rpm
69 fuel plugins --install calico-fuel-plugin-2.0-2.0.0-0.noarch.rpm
70 70
71- Check the plugin was installed: 71- Check the plugin was installed:
72 72
@@ -81,27 +81,85 @@ OpenStack cluster in the usual way, with the following guidelines:
81 81
82- Create a new OpenStack environment, selecting: 82- Create a new OpenStack environment, selecting:
83 83
84 Kilo on Ubuntu Trusty 84 Mitaka on Ubuntu 14.04
85 "Calico networking" as the networking setup
85 86
86 "Neutron with VLAN segmentation" as the networking setup 87- Under the network tab, configure the `Public` settings to reduce
87 88 Floating-IP addresses pool to one address,
88- Under the settings tab, make sure the following options are checked: 89 because Calico does not support Floating IPs use-case.
89 90 For example (exact values will
90 "Assign public network to all nodes"
91
92 "Use Calico Virtual Networking"
93
94- Under the network tab, configure the 'Public' settings (leaving all of the
95 other sections with their default values). For example (exact values will
96 depend on your setup): 91 depend on your setup):
97 92
98 - IP Range: 172.18.203.60 - 172.18.203.69 93 Node Network Group
99 - CIDR: 172.18.203.0/24 94 default:
100 - Use VLAN tagging: No 95 CIDR: 172.18.203.0/24
101 - Gateway: 172.18.203.1 96 IP Range: 172.18.203.2 - 172.18.203.253
102 - Floating IP range: 172.18.203.70 - 172.18.203.79 97 Gateway: 172.18.203.1
98 Use VLAN tagging: No
99
100 Settings
101 Neutron L3:
102 Floating IP range: 172.18.203.254 - 172.18.203.254
103
104- Under the network tab, configure the `Private` network settings
105 (this network will be used for BGP peering between custer nodes, route
106 reflectors and external peers, configured by UI). Do not forget to exclude
107 Your BGP peers and gateway from the IP range!
108 For example (exact values will depend on your setup):
109
110 IP Range: 172.100.203.33 - 172.100.203.254
111 CIDR: 172.100.203.0/24
112 Use VLAN tagging: No
113
114- Under Fuel CLI, configure gateway for `Private` network.
115 This gateway will be used for pass outgoing external traffic from instances.
116 In most cases the same gateway node should be also an external BGB peer
117 (see below, external BGB peer-1).
118
119 [root@nailgun ~]# fuel2 network-group list
120 +----+---------+------------+---------------+---------+----------+
121 | id | name | vlan_start | cidr | gateway | group_id |
122 +----+---------+------------+---------------+---------+----------+
123 | 5 | private | None | 10.88.12.0/24 | None | 1 |
124 +----+---------+------------+---------------+---------+----------+
125 [root@nailgun ~]# fuel2 network-group update -g 10.88.12.1 5
126 +------------+---------------+
127 | Field | Value |
128 +------------+---------------+
129 | id | 5 |
130 | name | private |
131 | vlan_start | None |
132 | cidr | 10.88.12.0/24 |
133 | gateway | 10.88.12.1 |
134 | group_id | 1 |
135 +------------+---------------+
136
137- Under the network tab, configure IP pool for Calico network fabric.
138 Ip addresses from this pool will be assigned to VM instances:
139
140 Settings
141 Neutron L3:
142 Admin Tenant network CIDR: 10.10.0.0/16
143 Admin Tenant network gateway: 10.10.0.1
144
145- Under the network tab, in the `other/Calico_networking` section setup
146 AS number, external BGP peering and another Calico networking options.
147
148 AS Number: 64513
149
150 [X] Allow external BGP peering
151 External BGP peers:
152 peer-1:65000:10.88.12.1
153 peer-2:65002:172.100.203.13
103 154
104- Add nodes (for meaningful testing, you will need at least two compute nodes 155- Add nodes (for meaningful testing, you will need at least two compute nodes
105 in addition to the controller). 156 in addition to the controller). Calico-RR (route-reflector) and Calico-ETCD
157 node roles may be co-located on Controller nodes or deployed separately.
158
159- Under the nodes tab, configure networks to NICs mapping
160 (exact positions will depend on your setup)
106 161
107- Deploy changes 162- Deploy changes
163
164- Do not forget to configure BGP peering session on you infrastructure
165 BGP peers.
diff --git a/components.yaml b/components.yaml
new file mode 100644
index 0000000..6dbe7d7
--- /dev/null
+++ b/components.yaml
@@ -0,0 +1,12 @@
1- name: 'network:neutron:calico'
2 label: 'Calico'
3 description: 'Calico networking'
4 bind: !!pairs
5 - "cluster:net_provider": "neutron"
6 - "cluster:net_segment_type": "tun"
7 compatible:
8 - name: 'hypervisor:kvm'
9 - name: 'hypervisor:qemu'
10 incompatible:
11 - name: 'hypervisor:vmware'
12 description: 'Calico plugin is not compatible with VMware for now' \ No newline at end of file
diff --git a/deployment_scripts/calico-fuel-monitor b/deployment_scripts/calico-fuel-monitor
deleted file mode 100755
index 19bd7ed..0000000
--- a/deployment_scripts/calico-fuel-monitor
+++ /dev/null
@@ -1,66 +0,0 @@
1#!/usr/bin/env python
2
3import pyinotify
4import subprocess
5import yaml
6
7from pluginutils import NODES_CONFIG
8
9SCRIPTS_LOCATION="##REPLACE_ON_INSTALL##/"
10RECONFIGURE_ROUTE_REFLECTOR = SCRIPTS_LOCATION + "calico_route_reflector.sh"
11UPDATE_ETCD_CLUSTER = SCRIPTS_LOCATION + "update_etcd_cluster.sh"
12
13
14def _get_configured_nodes(roles):
15 with open(NODES_CONFIG, "r") as f:
16 config = yaml.safe_load(f)
17
18 return [node for node in config["nodes"] if node["role"] in roles]
19
20
21def _get_compute_nodes():
22 return _get_configured_nodes(["compute"])
23
24
25def _get_control_nodes():
26 nodes = _get_configured_nodes(["controller", "primary-controller"])
27
28 for node in nodes:
29 # Note this does not change the node role in the Fuel deployment, just
30 # in the list of nodes internal to this script (where we are only
31 # concerned with the distinction between compute/control nodes, not
32 # whether a given control node is primary or not).
33 if node["role"] == "primary-controller":
34 node["role"] = "controller"
35
36 return nodes
37
38
39class DeploymentChangeHandler(pyinotify.ProcessEvent):
40 def __init__(self):
41 super(DeploymentChangeHandler, self).__init__()
42 self.compute_nodes = _get_compute_nodes()
43 self.control_nodes = _get_control_nodes()
44
45 def process_IN_MODIFY(self, event):
46 current_compute_nodes = _get_compute_nodes()
47 current_control_nodes = _get_control_nodes()
48
49 if current_control_nodes != self.control_nodes:
50 subprocess.call(RECONFIGURE_ROUTE_REFLECTOR)
51 subprocess.call(UPDATE_ETCD_CLUSTER)
52
53 elif current_compute_nodes != self.compute_nodes:
54 subprocess.call(RECONFIGURE_ROUTE_REFLECTOR)
55
56 self.compute_nodes = current_compute_nodes
57 self.control_nodes = current_control_nodes
58
59
60if __name__ == "__main__":
61 handler = DeploymentChangeHandler()
62 watch_manager = pyinotify.WatchManager()
63 notifier = pyinotify.Notifier(watch_manager, handler)
64 watch_manager.add_watch(NODES_CONFIG, pyinotify.IN_MODIFY)
65 notifier.loop()
66
diff --git a/deployment_scripts/calico_compute.sh b/deployment_scripts/calico_compute.sh
deleted file mode 100755
index 6ec65fa..0000000
--- a/deployment_scripts/calico_compute.sh
+++ /dev/null
@@ -1,173 +0,0 @@
1#!/bin/bash
2# Copyright 2015 Metaswitch Networks
3
4export DEBIAN_FRONTEND=noninteractive
5
6exec > /tmp/calico_compute.log 2>&1
7
8set -x
9
10echo "Hi, I'm a compute node!"
11
12this_node_address=$(python get_node_ip.py `hostname`)
13controller_node_addresses=$(python get_node_ips_by_role.py controller)
14
15# Get APT key for binaries.projectcalico.org.
16
17curl -L http://binaries.projectcalico.org/repo/key | apt-key add -
18
19# Add source for binaries.projectcalico.org, removing the priority files that
20# were automatically created by the fuel plugin installer (the version number
21# in the file names causes problems as it contains full stops, and the file
22# contents aren't what we want).
23
24rm -f /etc/apt/preferences.d/calico-fuel-plugin-2.0.0 /etc/apt/sources.list.d/calico-fuel-plugin-2.0.0.list
25
26cat > /etc/apt/sources.list.d/calico.list <<EOF
27deb http://binaries.projectcalico.org/fuel7.0 ./
28EOF
29
30cat << PREFS >> /etc/apt/preferences.d/calico-fuel
31Package: *
32Pin: origin binaries.projectcalico.org
33Pin-Priority: 1200
34PREFS
35
36# Add PPA for the etcd packages, and ensure that it has lower priority than
37# binaries.projectcalico.org so that we get the fuel versions of the calico
38# packages.
39
40apt-add-repository -y ppa:project-calico/kilo
41
42cat > /etc/apt/preferences.d/calico-etcd <<EOF
43Package: *
44Pin: release o=LP-PPA-project-calico-kilo
45Pin-Priority: 1175
46EOF
47
48# Pick up package details from new sources.
49apt-get update
50
51# Install etcd and configure it for a compute node.
52
53apt-get -y install etcd
54
55for controller_address in ${controller_node_addresses[@]}
56do
57 initial_cluster+="${controller_address}=http://${controller_address}:2380,"
58done
59initial_cluster=${initial_cluster::-1} # remove trailing comma
60
61service etcd stop
62rm -rf /var/lib/etcd/*
63awk '/exec \/usr\/bin\/etcd/{while(getline && $0 != ""){}}1' /etc/init/etcd.conf > tmp
64mv tmp /etc/init/etcd.conf
65cat << EXEC_CMD >> /etc/init/etcd.conf
66exec /usr/bin/etcd -proxy on \\
67 -listen-client-urls http://127.0.0.1:4001 \\
68 -advertise-client-urls http://127.0.0.1:7001 \\
69 -initial-cluster ${initial_cluster}
70EXEC_CMD
71service etcd start
72
73# Run apt-get upgrade and apt-get dist-upgrade. These commands will
74# bring in Calico-specific updates to the OpenStack packages and to
75# dnsmasq.
76
77apt-get -y upgrade
78apt-get -y dist-upgrade
79
80# Open /etc/nova/nova.conf and remove the linuxnet_interface_driver line.
81
82cp /etc/nova/nova.conf /etc/nova/nova.conf.pre-calico
83
84sed -i "/^linuxnet_interface_driver/d" /etc/nova/nova.conf
85service nova-compute restart
86
87# Install some extra packages.
88
89apt-get -y install neutron-common neutron-dhcp-agent nova-api
90
91# Open /etc/neutron/dhcp_agent.ini in your preferred text editor. In
92# the [DEFAULT] section, add the following line:
93#
94# interface_driver = neutron.agent.linux.interface.RoutedInterfaceDriver
95
96cp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.pre-calico
97
98sed -i "/^interface_driver/d" /etc/neutron/dhcp_agent.ini
99
100sed -i "/^\[DEFAULT\]/a\
101interface_driver = neutron.agent.linux.interface.RoutedInterfaceDriver
102" /etc/neutron/dhcp_agent.ini
103
104# Allow BGP connections through the Fuel firewall. We do this before
105# installing calico-compute, so that they will be included when the
106# calico-compute install script does iptables-save.
107iptables -I INPUT 1 -p tcp --dport 179 -j ACCEPT
108
109# Add sources for BIRD and Ubuntu Precise.
110
111gpg --keyserver keyserver.ubuntu.com --recv-keys F9C59A45
112gpg -a --export F9C59A45 | apt-key add -
113
114cat > /etc/apt/sources.list.d/bird.list <<EOF
115deb http://ppa.launchpad.net/cz.nic-labs/bird/ubuntu trusty main
116EOF
117
118cat > /etc/apt/sources.list.d/trusty.list <<EOF
119deb http://gb.archive.ubuntu.com/ubuntu/ trusty main
120deb http://gb.archive.ubuntu.com/ubuntu/ trusty universe
121EOF
122
123apt-get update
124
125# Install BIRD and calico-compute packages.
126
127# Note that this will trigger the installation of iptables-persistent which
128# will attempt to bring up a dialog box. We use debconf-set-selections to set
129# the value beforehand to avoid this (so not to interrupt the automated
130# installation process).
131echo iptables-persistent iptables-persistent/autosave_v4 boolean true | debconf-set-selections
132echo iptables-persistent iptables-persistent/autosave_v6 boolean true | debconf-set-selections
133
134apt-get -y install calico-compute bird
135
136# Configure BIRD. By default Calico assumes that you'll be deploying
137# a route reflector to avoid the need for a full BGP mesh. To this
138# end, it includes useful configuration scripts that will prepare a
139# BIRD config file with a single peering to the route reflector. If
140# that's correct for your network, you can run the following command
141# for IPv4 connectivity between compute hosts.
142#
143# The calico_route_reflector.sh script will set up the required BGP
144# Route Reflctor configuration on the controller to allow connections
145# from the compute nodes.
146#
147# If you are configuring a full BGP mesh you'll need to handle the BGP
148# configuration appropriately - by editing this script/the Route Reflector
149# script. You should consult the relevant documentation for your chosen BGP
150# stack.
151
152calico-gen-bird-mesh-conf.sh $this_node_address 64511 ${controller_node_addresses[@]}
153
154# Edit the /etc/calico/felix.cfg file:
155# Change the MetadataAddr setting to 127.0.0.1.
156# Change the MetadataPort setting to 8775.
157
158cp /etc/calico/felix.cfg.example /etc/calico/felix.cfg
159
160sed -i "/^MetadataAddr/d" /etc/calico/felix.cfg
161sed -i "/^\[global\]/a\
162MetadataAddr = 127.0.0.1
163" /etc/calico/felix.cfg
164
165sed -i "/^MetadataPort/d" /etc/calico/felix.cfg
166sed -i "/^\[global\]/a\
167MetadataPort = 8775
168" /etc/calico/felix.cfg
169
170# Restart the Felix service:
171service calico-felix restart
172
173exit 0
diff --git a/deployment_scripts/calico_controller.sh b/deployment_scripts/calico_controller.sh
deleted file mode 100755
index def69df..0000000
--- a/deployment_scripts/calico_controller.sh
+++ /dev/null
@@ -1,231 +0,0 @@
1#!/bin/bash
2# Copyright 2015 Metaswitch Networks
3
4export DEBIAN_FRONTEND=noninteractive
5
6exec > /tmp/calico_controller.log 2>&1
7
8set -x
9
10echo "Hi, I'm a controller node!"
11
12this_node_address=$(python get_node_ip.py `hostname`)
13controller_node_addresses=$(python get_node_ips_by_role.py controller)
14
15# Get APT key for binaries.projectcalico.org.
16
17curl -L http://binaries.projectcalico.org/repo/key | apt-key add -
18
19# Add source for binaries.projectcalico.org, removing the priority files that
20# were automatically created by the fuel plugin installer (the version number
21# in the file names causes problems as it contains full stops, and the file
22# contents aren't what we want).
23
24rm -f /etc/apt/preferences.d/calico-fuel-plugin-2.0.0 /etc/apt/sources.list.d/calico-fuel-plugin-2.0.0.list
25
26cat > /etc/apt/sources.list.d/calico.list <<EOF
27deb http://binaries.projectcalico.org/fuel7.0 ./
28EOF
29
30cat << PREFS >> /etc/apt/preferences.d/calico-fuel
31Package: *
32Pin: origin binaries.projectcalico.org
33Pin-Priority: 1200
34PREFS
35
36# Add PPA for the etcd packages, and ensure that it has lower priority than
37# binaries.projectcalico.org so that we get the fuel versions of the calico
38# packages.
39
40apt-add-repository -y ppa:project-calico/kilo
41
42cat > /etc/apt/preferences.d/calico-etcd <<EOF
43Package: *
44Pin: release o=LP-PPA-project-calico-kilo
45Pin-Priority: 1175
46EOF
47
48# Pick up package details from new sources.
49apt-get update
50
51# Install etcd and configure it for a controller node.
52
53apt-get -y install etcd
54
55for controller_address in ${controller_node_addresses[@]}
56do
57 initial_cluster+="${controller_address}=http://${controller_address}:2380,"
58done
59initial_cluster=${initial_cluster::-1} # remove trailing comma
60
61service etcd stop
62rm -rf /var/lib/etcd/*
63awk '/exec \/usr\/bin\/etcd/{while(getline && $0 != ""){}}1' /etc/init/etcd.conf > tmp
64mv tmp /etc/init/etcd.conf
65cat << EXEC_CMD >> /etc/init/etcd.conf
66exec /usr/bin/etcd -name ${this_node_address} \\
67 -advertise-client-urls "http://${this_node_address}:2379,http://${this_node_address}:4001" \\
68 -listen-client-urls "http://0.0.0.0:2379,http://0.0.0.0:4001" \\
69 -listen-peer-urls "http://0.0.0.0:2380" \\
70 -initial-advertise-peer-urls "http://${this_node_address}:2380" \\
71 -initial-cluster-token fuel-cluster-1 \\
72 -initial-cluster ${initial_cluster} \\
73 -initial-cluster-state new
74
75EXEC_CMD
76
77service etcd start
78
79# Ensure that the firewall isn't dropping traffic to the ports used by etcd.
80iptables -I INPUT 1 -p tcp --dport 2379 -j ACCEPT
81iptables -I INPUT 2 -p tcp --dport 2380 -j ACCEPT
82iptables -I INPUT 3 -p tcp --dport 4001 -j ACCEPT
83iptables-save > /etc/iptables.local
84/sbin/iptables-restore < /etc/iptables.local
85
86# Run apt-get upgrade and apt-get dist-upgrade. These commands will
87# bring in Calico-specific updates to the OpenStack packages and to
88# dnsmasq.
89
90apt-get -y upgrade
91apt-get -y dist-upgrade
92
93# Install the calico-control package:
94
95apt-get -y install calico-control
96
97# Edit the /etc/neutron/plugins/ml2/ml2_conf.ini file:
98#
99# Find the line beginning with type_drivers, and change it to
100# read type_drivers = local, flat.
101
102cp /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.pre-calico
103
104sed -i "/^type_drivers/d" /etc/neutron/plugins/ml2/ml2_conf.ini
105
106sed -i "/^\[ml2\]/a\
107type_drivers = local, flat
108" /etc/neutron/plugins/ml2/ml2_conf.ini
109
110# Find the line beginning with mechanism_drivers, and change it
111# to read mechanism_drivers = calico.
112
113sed -i "/^mechanism_drivers/d" /etc/neutron/plugins/ml2/ml2_conf.ini
114
115sed -i "/^\[ml2\]/a\
116mechanism_drivers = calico
117" /etc/neutron/plugins/ml2/ml2_conf.ini
118
119# Find the line beginning with tenant_network_types, and change it
120# to read tenant_network_types = local.
121
122sed -i "/^tenant_network_types/d" /etc/neutron/plugins/ml2/ml2_conf.ini
123
124sed -i "/^\[ml2\]/a\
125tenant_network_types = local
126" /etc/neutron/plugins/ml2/ml2_conf.ini
127
128# Edit the /etc/neutron/neutron.conf file:
129#
130# Find the line for the dhcp_agents_per_network setting,
131# uncomment it, and set its value to the number of compute nodes
132# that you will have (or any number larger than that). This
133# allows a DHCP agent to run on every compute node, which Calico
134# requires because the networks on different compute nodes are
135# not bridged together.
136
137cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.pre-calico
138
139sed -i "/^dhcp_agents_per_network/d" /etc/neutron/neutron.conf
140
141sed -i "/^\[DEFAULT\]/a\
142dhcp_agents_per_network = 1000
143" /etc/neutron/neutron.conf
144
145# Remove api_workers and rpc_workers config, so that these default to
146# 0. The Calico/OpenStack plugin doesn't currently work if the
147# Neutron server is split across multiple OS processes.
148
149sed -i "/^api_workers/d" /etc/neutron/neutron.conf
150sed -i "/^rpc_workers/d" /etc/neutron/neutron.conf
151
152# Set agent_down_time to 60, instead of Fuel's default setting of 15.
153# The Calico/OpenStack plugin reports Felix agent status every 30
154# seconds, based on the HEARTBEAT exchange between the plugin and each
155# Felix; and it is recommended that agent_down_time should be double
156# the expected reporting interval.
157
158sed -i "/^agent_down_time/d" /etc/neutron/neutron.conf
159
160sed -i "/^\[DEFAULT\]/a\
161agent_down_time = 60
162" /etc/neutron/neutron.conf
163
164# If dnspython is installed, eventlet replaces socket.getaddrinfo() with its
165# own version that cannot handle IPv6 addresses. As a workaround, we comment
166# out the '::1 localhost' line from /etc/hosts.
167
168sed -i "s/^::1\(.*\)/#::1\1 #commented out due to dnspython IPv6 issue/" /etc/hosts
169
170# Restart the neutron server process:
171
172service neutron-server restart
173
174# BIRD installation
175
176gpg --keyserver keyserver.ubuntu.com --recv-keys F9C59A45
177gpg -a --export F9C59A45 | apt-key add -
178
179cat > /etc/apt/sources.list.d/bird.list <<EOF
180deb http://ppa.launchpad.net/cz.nic-labs/bird/ubuntu trusty main
181EOF
182
183apt-get update
184
185apt-get -y install bird
186
187# Allow BGP through the Fuel firewall
188iptables -I INPUT 1 -p tcp --dport 179 -j ACCEPT
189
190# Save the current iptables so that they will be restored if the
191# controller is rebooted.
192iptables-save > /etc/iptables/rules.v4
193
194# Set up a service, calico-fuel-monitor, that will detect changes to the
195# deployment and reconfigure the calico components on the controller as
196# needed. For example, updating the route reflector configuration after
197# compute nodes are added/removed from the deployment.
198SERVICE_NAME=calico-fuel-monitor
199
200# Install the service's dependencies.
201apt-get -y install python-pip
202pip install pyinotify pyaml
203
204# During node deployment, the plugin deployment scripts are copied into
205# /etc/fuel/plugins/<plugin_name>-<plugin_version> on the node, and this
206# script is run from that directory.
207SERVICE_DIR=$(pwd)
208sed -i "s@##REPLACE_ON_INSTALL##@${SERVICE_DIR}@" $SERVICE_NAME
209chmod +x $SERVICE_NAME
210
211cat << SERVICE_CFG >> /etc/init/calico-fuel-monitor.conf
212# calico-fuel-monitor - daemon to monitor for fuel deployment changes and
213# reconfigure the calico components accordingly
214
215description "Calico daemon to monitor fuel deployment changes"
216author "Emma Gordon <emma@projectcalico.org>"
217
218start on runlevel [2345]
219stop on runlevel [016]
220
221respawn
222
223script
224cd ${SERVICE_DIR}
225exec ./${SERVICE_NAME}
226end script
227SERVICE_CFG
228
229service $SERVICE_NAME start
230
231exit 0
diff --git a/deployment_scripts/calico_route_reflector.sh b/deployment_scripts/calico_route_reflector.sh
deleted file mode 100755
index af8cfde..0000000
--- a/deployment_scripts/calico_route_reflector.sh
+++ /dev/null
@@ -1,75 +0,0 @@
1#!/bin/bash
2# Copyright 2015 Metaswitch Networks
3
4exec > /tmp/calico_route_reflector.log 2>&1
5
6set -x
7
8echo "Hi, I'm a route_reflector node!"
9
10this_node_address=$(python get_node_ip.py `hostname`)
11controller_node_addresses=$(python get_node_ips_by_role.py controller)
12
13client_peers=$(python get_node_ips_by_role.py compute)
14route_reflector_peers=("${controller_node_addresses[@]/$this_node_address}")
15
16# Generate basic config for a BIRD BGP route reflector.
17cat > /etc/bird/bird.conf <<EOF
18# Configure logging
19log syslog { debug, trace, info, remote, warning, error, auth, fatal, bug };
20log stderr all;
21#log "tmp" all;
22
23# Override router ID
24router id $this_node_address;
25
26
27filter import_kernel {
28if ( net != 0.0.0.0/0 ) then {
29 accept;
30 }
31reject;
32}
33
34# Turn on global debugging of all protocols
35debug protocols all;
36
37# This pseudo-protocol watches all interface up/down events.
38protocol device {
39 scan time 2; # Scan interfaces every 10 seconds
40}
41EOF
42
43# Add a BGP protocol stanza for all peers.
44for node in ${client_peers[@]} ${route_reflector_peers[@]}; do
45 cat >> /etc/bird/bird.conf <<EOF
46protocol bgp {
47 local as 64511;
48 neighbor $node as 64511;
49 multihop;
50EOF
51
52 if [[ "${client_peers[@]}" =~ "${node}" ]]; then
53 cat >> /etc/bird/bird.conf <<EOF
54 description "Client $node";
55 rr client;
56EOF
57 else
58 cat >> /etc/bird/bird.conf <<EOF
59 description "Route Reflector $node";
60EOF
61 fi
62
63 cat >> /etc/bird/bird.conf <<EOF
64 rr cluster id 1.2.3.4;
65 import all;
66 export all;
67 source address ${this_node_address};
68}
69EOF
70done
71
72# Restart BIRD with the new config.
73service bird restart
74
75exit 0
diff --git a/deployment_scripts/get_node_ip.py b/deployment_scripts/get_node_ip.py
deleted file mode 100755
index 2b47fb5..0000000
--- a/deployment_scripts/get_node_ip.py
+++ /dev/null
@@ -1,32 +0,0 @@
1#!/usr/bin/env python
2# Copyright 2015 Metaswitch Networks
3
4import sys
5import yaml
6from pluginutils import get_config_file_for_node_type
7
8usage = "./get_node_ip.py <hostname>"
9
10def main(hostname):
11 config_file = get_config_file_for_node_type()
12
13 with open(config_file, "r") as f:
14 config = yaml.safe_load(f)
15
16 for node in config["nodes"]:
17 if node["fqdn"] == hostname:
18 # Get the IP address that other OpenStack nodes can use to address
19 # services on this node, rather than the node's public IP address.
20 this_node_ip = node["internal_address"]
21 break
22 else:
23 this_node_ip = None
24
25 print this_node_ip
26
27if __name__ == "__main__":
28 if len(sys.argv) != 2:
29 print usage
30 sys.exit(1)
31
32 main(sys.argv[1])
diff --git a/deployment_scripts/get_node_ips_by_role.py b/deployment_scripts/get_node_ips_by_role.py
deleted file mode 100755
index 5e3be84..0000000
--- a/deployment_scripts/get_node_ips_by_role.py
+++ /dev/null
@@ -1,32 +0,0 @@
1#!/usr/bin/env python
2# Copyright 2015 Metaswitch Networks
3
4import argparse
5import yaml
6
7from pluginutils import NODES_CONFIG
8
9
10def main(node_roles):
11 with open(NODES_CONFIG, "r") as f:
12 config = yaml.safe_load(f)
13
14 node_ips = [node["internal_address"] for node in config["nodes"]
15 if node["role"] in node_roles]
16
17 return node_ips
18
19
20if __name__ == "__main__":
21 parser = argparse.ArgumentParser()
22 parser.add_argument("node_role", choices=["compute", "controller"])
23 args = parser.parse_args()
24
25 args.node_role = [args.node_role]
26 if args.node_role == ["controller"]:
27 args.node_role.append("primary-controller")
28
29 node_ips = main(args.node_role)
30 if node_ips:
31 print " ".join(node_ips)
32
diff --git a/deployment_scripts/pluginutils.py b/deployment_scripts/pluginutils.py
deleted file mode 100755
index 71efa77..0000000
--- a/deployment_scripts/pluginutils.py
+++ /dev/null
@@ -1,32 +0,0 @@
1#!/usr/bin/env python
2# Copyright 2015 Metaswitch Networks
3
4import os
5
6# This config file is updated with the latest node details as the deployment
7# evolves. It only contains node details, not other config settings.
8NODES_CONFIG = "/etc/hiera/astute.yaml"
9
10# These config files contain details of the nodes at initial deployment, but
11# they are not subsequently updated with node changes. However, they contain
12# a greater range of information, including settings and network config. They
13# are also created on the system earlier in the deployment process, so are
14# good sources of initial node information during Calico setup.
15PRIMARY_CONTROLLER_CFG = "/etc/primary-controller.yaml"
16CONTROLLER_CFG = "/etc/controller.yaml"
17COMPUTE_CFG = "/etc/compute.yaml"
18
19def get_config_file_for_node_type():
20 if os.path.isfile(PRIMARY_CONTROLLER_CFG):
21 config_file = PRIMARY_CONTROLLER_CFG
22
23 elif os.path.isfile(CONTROLLER_CFG):
24 config_file = CONTROLLER_CFG
25
26 elif os.path.isfile(COMPUTE_CFG):
27 config_file = COMPUTE_CFG
28
29 else:
30 raise Exception("Unrecognised node type - can't obtain config")
31
32 return config_file
diff --git a/deployment_scripts/puppet/manifests/compute_alt_gateway.pp b/deployment_scripts/puppet/manifests/compute_alt_gateway.pp
new file mode 100644
index 0000000..4c71a17
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/compute_alt_gateway.pp
@@ -0,0 +1,78 @@
1notice('MODULAR: calico/compute_alt_gateway.pp')
2
3$network_scheme = hiera_hash('network_scheme')
4prepare_network_config($network_scheme)
5$network_metadata = hiera_hash('network_metadata', {})
6
7# Initial constants
8$plugin_name = 'fuel-plugin-calico'
9$calico_mark = '0xCA'
10
11$neutron_config = hiera_hash('neutron_config')
12$private_net_name = try_get_value($neutron_config, 'default_private_net', 'admin_internal_net')
13$neutron_networks = try_get_value($neutron_config, 'predefined_networks', {})
14$private_net = try_get_value($neutron_networks, $private_net_name, {'L3'=>{}})
15$subnet_cidr = pick($private_net['L3']['subnet'], '10.20.0.0/16')
16
17$calico_alt_gateway_br = get_network_role_property('neutron/mesh','interface')
18$calico_alt_gateway = try_get_value($network_scheme,"endpoints/${calico_alt_gateway_br}/vendor_specific/provider_gateway")
19
20# Firewall initials
21class { '::firewall':}
22Class['::firewall'] -> Firewall<||>
23Class['::firewall'] -> Firewallchain<||>
24
25# iptables -t mangle -N calico-alt-gw-MARK
26firewallchain { 'calico-alt-gw-MARK:mangle:IPv4':
27 ensure => present,
28}->
29# iptables -t mangle -A PREROUTING -i tap+ -j calico-alt-gw-MARK
30firewall { '010 process traffic from VM instances to outside':
31 ensure => present,
32 table => 'mangle',
33 chain => 'PREROUTING',
34 iniface => 'tap+',
35 proto => 'all',
36 jump => 'calico-alt-gw-MARK',
37} ->
38#iptables -t mangle -A calico-alt-gw-MARK -d 192.168.111.0/24 -j RETURN
39firewall { '011 skip internal traffic':
40 ensure => present,
41 table => 'mangle',
42 chain => 'calico-alt-gw-MARK',
43 destination => $subnet_cidr,
44 proto => 'all',
45 jump => 'RETURN',
46} ->
47#iptables -t mangle -A calico-alt-gw-MARK -j MARK --set-mark 0x222
48firewall { '012 mark traffic from VM instances to outside':
49 ensure => present,
50 table => 'mangle',
51 chain => 'calico-alt-gw-MARK',
52 jump => 'MARK',
53 proto => 'all',
54 set_mark => $calico_mark
55}
56
57file { '/etc/init/calico-alt-gateway.conf':
58 ensure => present,
59 mode => '0644',
60 owner => 'root',
61 group => 'root',
62 content => template('calico/calico-alt-gateway.conf.erb'),
63} ~>
64service {'calico-alt-gateway':
65 ensure => running,
66 enable => true,
67 hasrestart => false,
68}
69
70# Without such settings source-routing works wrong. For more details
71# read the https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt
72# Value '2' may be better, but Calico Felix agent is not compotible with '2'
73sysctl::value {
74 'net.ipv4.conf.all.rp_filter': value => "0";
75 "net.ipv4.conf.${calico_alt_gateway_br}.rp_filter": value => "0";
76}
77
78# vim: set ts=2 sw=2 et : \ No newline at end of file
diff --git a/deployment_scripts/puppet/manifests/compute_bird.pp b/deployment_scripts/puppet/manifests/compute_bird.pp
new file mode 100644
index 0000000..22d7bea
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/compute_bird.pp
@@ -0,0 +1,36 @@
1notice('MODULAR: calico/compute_bird.pp')
2
3prepare_network_config(hiera_hash('network_scheme'))
4$network_metadata = hiera_hash('network_metadata', {})
5
6
7# Initial constants
8$plugin_name = 'fuel-plugin-calico'
9$plugin_settings = hiera_hash("${plugin_name}", {})
10$enable_ipv4 = try_get_value($plugin_settings, 'enable_ipv4', true)
11$enable_ipv6 = try_get_value($plugin_settings, 'enable_ipv6', false)
12$as_number = try_get_value($plugin_settings, 'as_number', 65001)
13
14$local_ip = get_network_role_property('neutron/mesh', 'ipaddr')
15
16$rr_nodes = get_nodes_hash_by_roles($network_metadata, ['calico-rr'])
17$rr_nodes_ip = get_node_to_ipaddr_map_by_network_role($rr_nodes, 'neutron/mesh')
18
19# Firewall initials
20class { '::firewall':}
21Class['::firewall'] -> Firewall<||>
22Class['::firewall'] -> Firewallchain<||>
23
24firewall { '410 bird':
25 dport => '179',
26 proto => 'tcp',
27 action => 'accept',
28} ->
29class { 'calico::bird':
30 template => 'compute',
31 as_number => $as_number,
32 enable_ipv4 => $enable_ipv4,
33 enable_ipv6 => $enable_ipv6,
34 src_addr => $local_ip,
35 rr_servers => $rr_nodes_ip,
36}
diff --git a/deployment_scripts/puppet/manifests/compute_dhcp_agent.pp b/deployment_scripts/puppet/manifests/compute_dhcp_agent.pp
new file mode 100644
index 0000000..cb12fb8
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/compute_dhcp_agent.pp
@@ -0,0 +1,50 @@
1notice('MODULAR: calico/compute_dhcp_agent.pp')
2
3# stub for task-based deployment
4# class neutron { }
5# class { 'neutron' : }
6
7$debug = hiera('debug', true)
8$resync_interval = '30'
9
10# class { '::neutron::agents::dhcp':
11# debug => $debug,
12# resync_interval => $resync_interval,
13# manage_service => false,
14# enable_isolated_metadata => true,
15# enabled => false,
16# }
17
18# # stub package for 'neutron::agents::dhcp' class
19# package { 'neutron':
20# name => 'binutils',
21# ensure => 'installed',
22# }
23
24package { 'neutron-dhcp-agent':
25 ensure => 'installed',
26} ->
27service { 'neutron-dhcp-agent':
28 ensure => 'stopped',
29 enable => false
30}
31tweaks::ubuntu_service_override { 'neutron-dhcp-agent':
32 package_name => 'neutron-dhcp-agent',
33}
34
35Package['neutron-dhcp-agent'] ->
36package { 'calico-dhcp-agent':
37 ensure => 'installed',
38} ->
39service { 'calico-dhcp-agent':
40 ensure => 'running',
41 enable => true
42}
43tweaks::ubuntu_service_override { 'calico-dhcp-agent':
44 package_name => 'calico-dhcp-agent',
45}
46
47neutron_config { 'DEFAULT/use_namespaces': value => false }
48
49Neutron_config<||> ~> Service['calico-dhcp-agent']
50Neutron_dhcp_agent_config<||> ~> Service['calico-dhcp-agent'] \ No newline at end of file
diff --git a/deployment_scripts/puppet/manifests/compute_felix.pp b/deployment_scripts/puppet/manifests/compute_felix.pp
new file mode 100644
index 0000000..9d03292
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/compute_felix.pp
@@ -0,0 +1,41 @@
1notice('MODULAR: calico/compute_felix.pp')
2
3include calico
4
5# required, because neutron-dhcp-agent one of dependency of calico-compute
6package { 'neutron-dhcp-agent':
7 ensure => 'installed',
8} ->
9service { 'neutron-dhcp-agent':
10 ensure => 'stopped',
11 enable => false
12}
13tweaks::ubuntu_service_override { 'neutron-dhcp-agent':
14 package_name => 'neutron-dhcp-agent',
15}
16
17package { 'calico-felix':
18 ensure => 'installed',
19} ->
20package { 'calico-compute':
21 ensure => 'installed',
22} ->
23service { 'calico-felix':
24 ensure => 'running',
25 enable => true
26}
27tweaks::ubuntu_service_override { 'calico-felix':
28 package_name => 'calico-felix',
29}
30
31$etcd_host = '127.0.0.1'
32$etcd_port = $calico::params::etcd_port
33$metadata_host = '127.0.0.1'
34$metadata_port = 8775
35
36Package['calico-felix'] ->
37file { '/etc/calico/felix.cfg':
38 ensure => present,
39 content => template('calico/felix.cfg.erb'),
40} ~>
41Service['calico-felix'] \ No newline at end of file
diff --git a/deployment_scripts/puppet/manifests/compute_metadata_api.pp b/deployment_scripts/puppet/manifests/compute_metadata_api.pp
new file mode 100644
index 0000000..b509c93
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/compute_metadata_api.pp
@@ -0,0 +1,20 @@
1notice('MODULAR: calico/compute_metadata_api.pp')
2
3# $network_scheme = hiera_hash('network_scheme', {})
4# prepare_network_config($network_scheme)
5# $network_metadata = hiera_hash('network_metadata', {})
6
7package { 'nova-api-metadata':
8 name => 'nova-api-metadata',
9 ensure => 'installed',
10} ->
11service { 'nova-api-metadata':
12 enable => true,
13 ensure => running
14}
15
16# Package['nova-api-metadata'] -> Nova_config<||>
17# tweaks::ubuntu_service_override { 'nova-api-metadata':
18# package_name => 'nova-api-metadata'
19# }
20# Nova_config<||> -> Service['nova-api-metadata']
diff --git a/deployment_scripts/puppet/manifests/compute_neutron_nova.pp b/deployment_scripts/puppet/manifests/compute_neutron_nova.pp
new file mode 100644
index 0000000..5d5be3a
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/compute_neutron_nova.pp
@@ -0,0 +1,114 @@
1notice('MODULAR: calico/compute_neutron_nova.pp')
2
3$network_scheme = hiera_hash('network_scheme', {})
4prepare_network_config($network_scheme)
5$network_metadata = hiera_hash('network_metadata', {})
6
7include calico
8include ::nova::params
9
10
11# Initial constants
12$plugin_name = 'fuel-plugin-calico'
13$plugin_settings = hiera_hash("${plugin_name}", {})
14
15$neutron_config = hiera_hash('neutron_config')
16$management_vip = hiera('management_vip')
17$service_endpoint = hiera('service_endpoint', $management_vip)
18
19# # LP#1526938 - python-mysqldb supports this, python-pymysql does not
20# if $::os_package_type == 'debian' {
21# $extra_params = { 'charset' => 'utf8', 'read_timeout' => 60 }
22# } else {
23# $extra_params = { 'charset' => 'utf8' }
24# }
25
26# $net_role_property = 'neutron/mesh'
27# $iface = get_network_role_property($net_role_property, 'phys_dev')
28# $physical_net_mtu = pick(get_transformation_property('mtu', $iface[0]), '1500')
29
30$nova_hash = hiera_hash('nova', {})
31$libvirt_vif_driver = pick($nova_hash['libvirt_vif_driver'], 'nova.virt.libvirt.vif.LibvirtGenericVIFDriver')
32
33$region_name = hiera('region', 'RegionOne')
34$admin_password = try_get_value($neutron_config, 'keystone/admin_password')
35$admin_tenant_name = try_get_value($neutron_config, 'keystone/admin_tenant', 'services')
36$admin_username = try_get_value($neutron_config, 'keystone/admin_user', 'neutron')
37$auth_api_version = 'v3'
38$ssl_hash = hiera_hash('use_ssl', {})
39
40$admin_identity_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'protocol', 'http')
41$admin_identity_address = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'hostname', [$service_endpoint, $management_vip])
42
43$neutron_internal_protocol = get_ssl_property($ssl_hash, {}, 'neutron', 'internal', 'protocol', 'http')
44$neutron_internal_endpoint = get_ssl_property($ssl_hash, {}, 'neutron', 'internal', 'hostname', [hiera('neutron_endpoint', ''), $management_vip])
45
46$neutron_auth_url = "${admin_identity_protocol}://${admin_identity_address}:35357/${auth_api_version}"
47$neutron_url = "${neutron_internal_protocol}://${neutron_internal_endpoint}:9696"
48
49$nova_migration_ip = get_network_role_property('nova/migration', 'ipaddr')
50
51service { 'libvirt' :
52 ensure => 'running',
53 enable => true,
54 name => $::nova::params::libvirt_service_name,
55 provider => $::nova::params::special_service_provider,
56} ->
57exec { 'destroy_libvirt_default_network':
58 command => 'virsh net-destroy default',
59 onlyif => "virsh net-list | grep -qE '^\s*default\s'",
60 path => [ '/bin', '/sbin', '/usr/bin', '/usr/sbin' ],
61 tries => 3,
62} ->
63exec { 'undefine_libvirt_default_network':
64 command => 'virsh net-undefine default',
65 onlyif => "virsh net-list --all | grep -qE '^\s*default\s'",
66 path => [ '/bin', '/sbin', '/usr/bin', '/usr/sbin' ],
67 tries => 3,
68}
69
70Service['libvirt'] ~> Exec['destroy_libvirt_default_network']
71Service['libvirt'] ~> Exec['undefine_libvirt_default_network']
72
73# script called by qemu needs to manipulate the tap device
74file_line { 'clear_emulator_capabilities':
75 path => '/etc/libvirt/qemu.conf',
76 line => 'clear_emulator_capabilities = 0',
77 notify => Service['libvirt']
78}
79
80class { '::nova::compute::neutron':
81 libvirt_vif_driver => undef,
82 force_snat_range => undef,
83}
84
85nova_config {
86 'DEFAULT/linuxnet_interface_driver': ensure => absent;
87 'DEFAULT/my_ip': value => $nova_migration_ip;
88}
89
90class { '::nova::network::neutron' :
91 neutron_password => $admin_password,
92 neutron_project_name => $admin_tenant_name,
93 neutron_region_name => $region_name,
94 neutron_username => $admin_username,
95 neutron_auth_url => $neutron_auth_url,
96 neutron_url => $neutron_url,
97 neutron_ovs_bridge => '',
98}
99
100augeas { 'sysctl-net.bridge.bridge-nf-call-arptables':
101 context => '/files/etc/sysctl.conf',
102 changes => "set net.bridge.bridge-nf-call-arptables '1'",
103 before => Service['libvirt'],
104}
105augeas { 'sysctl-net.bridge.bridge-nf-call-iptables':
106 context => '/files/etc/sysctl.conf',
107 changes => "set net.bridge.bridge-nf-call-iptables '1'",
108 before => Service['libvirt'],
109}
110augeas { 'sysctl-net.bridge.bridge-nf-call-ip6tables':
111 context => '/files/etc/sysctl.conf',
112 changes => "set net.bridge.bridge-nf-call-ip6tables '1'",
113 before => Service['libvirt'],
114}
diff --git a/deployment_scripts/puppet/manifests/etcd_proxy.pp b/deployment_scripts/puppet/manifests/etcd_proxy.pp
new file mode 100644
index 0000000..06a166c
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/etcd_proxy.pp
@@ -0,0 +1,30 @@
1notice('MODULAR: calico/etcd_proxy.pp')
2
3prepare_network_config(hiera_hash('network_scheme'))
4$network_metadata = hiera_hash('network_metadata', {})
5
6include calico
7
8# Initial constants
9$plugin_name = 'fuel-plugin-calico'
10$plugin_settings = hiera_hash("${plugin_name}", {})
11
12# Firewall initials
13class { '::firewall':}
14Class['::firewall'] -> Firewall<||>
15Class['::firewall'] -> Firewallchain<||>
16
17firewall { '400 etcd':
18 dport => [
19 $calico::params::etcd_port
20 ],
21 proto => 'tcp',
22 action => 'accept',
23} ->
24# Deploy etcd cluster member
25class { 'calico::etcd':
26 node_role => 'proxy',
27 bind_host => $calico::params::mgmt_ip,
28 bind_port => $calico::params::etcd_port,
29 cluster_nodes => $calico::params::etcd_servers_named_list,
30}
diff --git a/deployment_scripts/puppet/manifests/hiera_override.pp b/deployment_scripts/puppet/manifests/hiera_override.pp
new file mode 100644
index 0000000..a63119e
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/hiera_override.pp
@@ -0,0 +1,22 @@
1# Manifest that creates hiera config overrride
2notice('MODULAR: calico/hiera_override.pp')
3
4# Initial constants
5$plugin_name = 'fuel-plugin-calico'
6$plugin_settings = hiera_hash("${plugin_name}", {})
7$network_scheme = hiera_hash("network_scheme", {})
8
9# Mangle network_scheme for setup new gateway
10if $plugin_settings['metadata']['enabled'] {
11 if $plugin_settings['network_name'] == 'another' {
12 $network_name = $plugin_settings['another_network_name']
13 } else {
14 $network_name = $plugin_settings['network_name']
15 }
16 $overrides = remove_ovs_usage($network_scheme)
17 file {"/etc/hiera/plugins/${plugin_name}.yaml":
18 ensure => file,
19 content => inline_template("<%= @overrides %>")
20 }
21}
22# vim: set ts=2 sw=2 et : \ No newline at end of file
diff --git a/deployment_scripts/puppet/manifests/neutron_networks.pp b/deployment_scripts/puppet/manifests/neutron_networks.pp
new file mode 100644
index 0000000..20e490d
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/neutron_networks.pp
@@ -0,0 +1,39 @@
1notice('MODULAR: calico/neutron_networks.pp')
2
3#include calico
4
5# Initial constants
6$plugin_name = 'fuel-plugin-calico'
7$plugin_settings = hiera_hash("${plugin_name}", {})
8
9$access_hash = hiera_hash('access', {})
10$tenant_name = try_get_value($access_hash, 'tenant', 'admin')
11
12# From docs:
13# neutron net-create --shared --provider:network_type local calico
14# neutron subnet-create --gateway 10.65.0.1 --enable-dhcp --ip-version 4 --name calico-v4 calico 10.65.0/24
15
16$net = 'calico'
17$subnet = 'calico-v4'
18$neutron_config = hiera_hash('neutron_config')
19$private_net_name = try_get_value($neutron_config, 'default_private_net', 'admin_internal_net')
20$neutron_networks = try_get_value($neutron_config, 'predefined_networks', {})
21$private_net = try_get_value($neutron_networks, $private_net_name, {'L3'=>{}})
22$subnet_cidr = pick($private_net['L3']['subnet'], '10.20.0.0/16')
23$subnet_gw = pick($private_net['L3']['gateway'], '10.20.0.1')
24
25neutron_network { $net :
26 ensure => 'present',
27 provider_network_type => 'local',
28 shared => true,
29 tenant_name => $tenant_name,
30} ->
31neutron_subnet { $subnet :
32 ensure => 'present',
33 cidr => $subnet_cidr,
34 network_name => $net,
35 gateway_ip => $subnet_gw,
36 enable_dhcp => true,
37 ip_version => '4',
38 tenant_name => $tenant_name,
39}
diff --git a/deployment_scripts/puppet/manifests/neutron_server_config.pp b/deployment_scripts/puppet/manifests/neutron_server_config.pp
new file mode 100644
index 0000000..3861c0e
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/neutron_server_config.pp
@@ -0,0 +1,192 @@
1notice('MODULAR: calico/neutron_server_config.pp')
2
3# stub for task-based deployment
4class neutron { }
5class { 'neutron' : }
6
7$network_scheme = hiera_hash('network_scheme', {})
8prepare_network_config($network_scheme)
9$network_metadata = hiera_hash('network_metadata', {})
10
11include calico
12
13# Initial constants
14$plugin_name = 'fuel-plugin-calico'
15$plugin_settings = hiera_hash("${plugin_name}", {})
16
17# override neutron options
18$override_configuration = hiera_hash('configuration', {})
19override_resources { 'neutron_api_config':
20 data => $override_configuration['neutron_api_config']
21} ~> Service['neutron-server']
22override_resources { 'neutron_config':
23 data => $override_configuration['neutron_config']
24} ~> Service['neutron-server']
25override_resources { 'neutron_plugin_ml2':
26 data => $override_configuration['neutron_plugin_ml2']
27} ~> Service['neutron-server']
28
29$neutron_config = hiera_hash('neutron_config')
30$neutron_server_enable = pick($neutron_config['neutron_server_enable'], true)
31$database_vip = hiera('database_vip')
32$management_vip = hiera('management_vip')
33$service_endpoint = hiera('service_endpoint', $management_vip)
34$nova_endpoint = hiera('nova_endpoint', $management_vip)
35$nova_hash = hiera_hash('nova', { })
36
37$neutron_primary_controller_roles = hiera('neutron_primary_controller_roles', ['primary-controller'])
38$neutron_compute_roles = hiera('neutron_compute_nodes', ['compute'])
39$primary_controller = roles_include($neutron_primary_controller_roles)
40$compute = roles_include($neutron_compute_roles)
41
42$db_type = 'mysql'
43$db_password = $neutron_config['database']['passwd']
44$db_user = try_get_value($neutron_config, 'database/user', 'neutron')
45$db_name = try_get_value($neutron_config, 'database/name', 'neutron')
46$db_host = try_get_value($neutron_config, 'database/host', $database_vip)
47# LP#1526938 - python-mysqldb supports this, python-pymysql does not
48if $::os_package_type == 'debian' {
49 $extra_params = { 'charset' => 'utf8', 'read_timeout' => 60 }
50} else {
51 $extra_params = { 'charset' => 'utf8' }
52}
53$db_connection = os_database_connection({
54 'dialect' => $db_type,
55 'host' => $db_host,
56 'database' => $db_name,
57 'username' => $db_user,
58 'password' => $db_password,
59 'extra' => $extra_params
60})
61
62$password = $neutron_config['keystone']['admin_password']
63$username = pick($neutron_config['keystone']['admin_user'], 'neutron')
64$project_name = pick($neutron_config['keystone']['admin_tenant'], 'services')
65$region_name = hiera('region', 'RegionOne')
66$auth_endpoint_type = 'internalURL'
67
68$ssl_hash = hiera_hash('use_ssl', {})
69
70$internal_auth_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'protocol', 'http')
71$internal_auth_endpoint = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'hostname', [$service_endpoint, $management_vip])
72
73$admin_auth_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'protocol', 'http')
74$admin_auth_endpoint = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'hostname', [$service_endpoint, $management_vip])
75
76$nova_internal_protocol = get_ssl_property($ssl_hash, {}, 'nova', 'internal', 'protocol', 'http')
77$nova_internal_endpoint = get_ssl_property($ssl_hash, {}, 'nova', 'internal', 'hostname', [$nova_endpoint])
78
79$auth_api_version = 'v2.0'
80$auth_uri = "${internal_auth_protocol}://${internal_auth_endpoint}:5000/"
81$auth_url = "${internal_auth_protocol}://${internal_auth_endpoint}:35357/"
82$nova_admin_auth_url = "${admin_auth_protocol}://${admin_auth_endpoint}:35357/"
83$nova_url = "${nova_internal_protocol}://${nova_internal_endpoint}:8774/v2"
84
85$workers_max = hiera('workers_max', 16)
86$service_workers = pick($neutron_config['workers'], min(max($::processorcount, 1), $workers_max))
87
88$neutron_advanced_config = hiera_hash('neutron_advanced_configuration', { })
89$enable_qos = pick($neutron_advanced_config['neutron_qos'], false)
90
91if $enable_qos {
92 $qos_notification_drivers = 'message_queue'
93 $extension_drivers = ['port_security', 'qos']
94} else {
95 $qos_notification_drivers = undef
96 $extension_drivers = ['port_security']
97}
98
99$nova_auth_user = pick($nova_hash['user'], 'nova')
100$nova_auth_password = $nova_hash['user_password']
101$nova_auth_tenant = pick($nova_hash['tenant'], 'services')
102
103$net_role_property = 'neutron/mesh'
104$iface = get_network_role_property($net_role_property, 'phys_dev')
105$physical_net_mtu = pick(get_transformation_property('mtu', $iface[0]), '1500')
106
107Package['neutron'] ~>
108package { 'calico-control':
109 ensure => 'installed',
110}
111Package['calico-control'] -> Class['::neutron::server']
112Package['calico-control'] -> Class['::neutron::plugins::ml2']
113
114class { '::neutron::plugins::ml2':
115 type_drivers => ['local', 'flat'],
116 tenant_network_types => 'local',
117 mechanism_drivers => ['calico'],
118 flat_networks => ['*'],
119 #network_vlan_ranges => $network_vlan_ranges,
120 #tunnel_id_ranges => [],
121 #vxlan_group => $vxlan_group,
122 #vni_ranges => $tunnel_id_ranges,
123 path_mtu => $physical_net_mtu,
124 extension_drivers => $extension_drivers,
125 #supported_pci_vendor_devs => $pci_vendor_devs,
126 sriov_agent_required => false,
127 enable_security_group => true,
128 firewall_driver => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver',
129}
130
131class { '::neutron::server':
132 sync_db => $primary_controller,
133
134 username => $username,
135 password => $password,
136 project_name => $project_name,
137 region_name => $region_name,
138 auth_url => $auth_url,
139 auth_uri => $auth_uri,
140
141 database_connection => $db_connection,
142 database_max_retries => hiera('max_retries'),
143 database_idle_timeout => hiera('idle_timeout'),
144 database_max_pool_size => hiera('max_pool_size'),
145 database_max_overflow => hiera('max_overflow'),
146 database_retry_interval => '2',
147
148 agent_down_time => 60, # it's a requirements of calico-plugin
149 allow_automatic_l3agent_failover => false,
150 l3_ha => false,
151
152 api_workers => 0, # it's a requirements of
153 rpc_workers => 0, # calico-plugin
154
155 router_distributed => false,
156 qos_notification_drivers => $qos_notification_drivers,
157 enabled => true,
158 manage_service => true,
159}
160
161Package['neutron'] ~>
162augeas { "dhcp_agents_per_network":
163 #context => "/files/etc/neutron/neutron.conf",
164 incl => "/etc/neutron/neutron.conf",
165 lens => 'Puppet.lns',
166 changes => [
167 "set DEFAULT/dhcp_agents_per_network ${calico::params::compute_nodes_count}",
168 ],
169} ~> Service['neutron-server']
170
171include ::neutron::params
172tweaks::ubuntu_service_override { $::neutron::params::server_service:
173 package_name => $neutron::params::server_package ? {
174 false => $neutron::params::package_name,
175 default => $neutron::params::server_package
176 }
177}
178
179class { '::neutron::server::notifications':
180 nova_url => $nova_url,
181 auth_url => $nova_admin_auth_url,
182 username => $nova_auth_user,
183 project_name => $nova_auth_tenant,
184 password => $nova_auth_password,
185 region_name => $region_name,
186}
187
188# Stub for Nuetron package
189package { 'neutron':
190 name => 'binutils',
191 ensure => 'installed',
192}
diff --git a/deployment_scripts/puppet/manifests/private_gateway_check.pp b/deployment_scripts/puppet/manifests/private_gateway_check.pp
new file mode 100644
index 0000000..b61e609
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/private_gateway_check.pp
@@ -0,0 +1,12 @@
1notice('MODULAR: calico/private_gateway_check.pp')
2
3$network_scheme = hiera_hash('network_scheme')
4prepare_network_config($network_scheme)
5$calico_alt_gateway_br = get_network_role_property('neutron/mesh','interface')
6$calico_alt_gateway = try_get_value($network_scheme,"endpoints/${calico_alt_gateway_br}/vendor_specific/provider_gateway")
7
8if ! is_ip_address($calico_alt_gateway) {
9 fail("Gateway for Private network does not specified or wrong !!!")
10}
11
12# vim: set ts=2 sw=2 et : \ No newline at end of file
diff --git a/deployment_scripts/puppet/manifests/repo_setup.pp b/deployment_scripts/puppet/manifests/repo_setup.pp
new file mode 100644
index 0000000..f8ac704
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/repo_setup.pp
@@ -0,0 +1,25 @@
1notice('MODULAR: calico/repo_setup.pp')
2
3# Initial constants
4$plugin_name = 'fuel-plugin-calico'
5$plugin_settings = hiera_hash("${plugin_name}", {})
6
7# Bird PPA
8apt::source { 'bird-repo':
9 location => 'http://ppa.launchpad.net/cz.nic-labs/bird/ubuntu',
10 repos => 'main',
11 #release => 'trusty',
12 include => { 'src' => false },
13}
14
15# Calico PPA
16apt::source { 'calico-repo':
17 #location => "http://ppa.launchpad.net/project-calico/stable/ubuntu",
18 location => "http://ppa.launchpad.net/project-calico/calico-1.4/ubuntu",
19 repos => 'main',
20 #release => 'trusty',
21 include => { 'src' => false },
22}
23
24Apt::Source<||> ~> Exec<| title == 'apt_update' |>
25Exec<| title == 'apt_update' |> -> Package<||>
diff --git a/deployment_scripts/puppet/manifests/role_etcd.pp b/deployment_scripts/puppet/manifests/role_etcd.pp
new file mode 100644
index 0000000..1e59f8c
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/role_etcd.pp
@@ -0,0 +1,36 @@
1notice('MODULAR: calico/etcd.pp')
2
3prepare_network_config(hiera_hash('network_scheme'))
4$network_metadata = hiera_hash('network_metadata', {})
5
6include calico
7
8# Initial constants
9$plugin_name = 'fuel-plugin-calico'
10$plugin_settings = hiera_hash("${plugin_name}", {})
11$cluster_info = hiera_hash('cluster', {})
12$cluster_token = try_get_value($cluster_info, 'name', 'openstack-calico-cluster')
13
14# Firewall initials
15class { '::firewall':}
16Class['::firewall'] -> Firewall<||>
17Class['::firewall'] -> Firewallchain<||>
18
19firewall { '400 etcd':
20 dport => [
21 $calico::params::etcd_port,
22 $calico::params::etcd_peer_port
23 ],
24 proto => 'tcp',
25 action => 'accept',
26} ->
27# Deploy etcd cluster member
28class { 'calico::etcd':
29 node_role => 'server',
30 bind_host => $calico::params::mgmt_ip,
31 bind_port => $calico::params::etcd_port,
32 peer_host => $calico::params::mgmt_ip,
33 peer_port => $calico::params::etcd_peer_port,
34 cluster_nodes => $calico::params::etcd_servers_named_list,
35 cluster_token => $cluster_token
36}
diff --git a/deployment_scripts/puppet/manifests/role_rr.pp b/deployment_scripts/puppet/manifests/role_rr.pp
new file mode 100644
index 0000000..1aa09ae
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/role_rr.pp
@@ -0,0 +1,43 @@
1notice('MODULAR: calico/rr_bird.pp')
2
3prepare_network_config(hiera_hash('network_scheme'))
4$network_metadata = hiera_hash('network_metadata', {})
5
6
7# Initial constants
8$plugin_name = 'fuel-plugin-calico'
9$plugin_settings = hiera_hash("${plugin_name}", {})
10$enable_ipv4 = try_get_value($plugin_settings, 'enable_ipv4', true)
11$enable_ipv6 = try_get_value($plugin_settings, 'enable_ipv6', false)
12$as_number = try_get_value($plugin_settings, 'as_number', 65001)
13if try_get_value($plugin_settings, 'enable_external_peering', false) {
14 $ext_peers = convert_external_peers(try_get_value($plugin_settings, 'external_peers', ''))
15} else {
16 $ext_peers = {}
17}
18
19$local_ip = get_network_role_property('neutron/mesh', 'ipaddr')
20
21$compute_nodes = get_nodes_hash_by_roles($network_metadata, ['compute'])
22$compute_nodes_ip = get_node_to_ipaddr_map_by_network_role($compute_nodes, 'neutron/mesh')
23
24# Firewall initials
25class { '::firewall':}
26Class['::firewall'] -> Firewall<||>
27Class['::firewall'] -> Firewallchain<||>
28
29firewall { '410 bird':
30 dport => '179',
31 proto => 'tcp',
32 action => 'accept',
33} ->
34class { 'calico::bird':
35 template => 'rr',
36 as_number => $as_number,
37 enable_ipv4 => $enable_ipv4,
38 enable_ipv6 => $enable_ipv6,
39 src_addr => $local_ip,
40 rr_clients => $compute_nodes_ip,
41 rr_servers => {},
42 ext_peers => $ext_peers,
43}
diff --git a/deployment_scripts/puppet/modules/calico/Modulefile b/deployment_scripts/puppet/modules/calico/Modulefile
new file mode 100644
index 0000000..2015005
--- /dev/null
+++ b/deployment_scripts/puppet/modules/calico/Modulefile
@@ -0,0 +1,12 @@
1name 'calico'
2version '0.1.0'
3source 'UNKNOWN'
4author 'mirantis'
5license 'Apache License, Version 2.0'
6summary 'UNKNOWN'
7description 'UNKNOWN'
8project_page 'UNKNOWN'
9
10## Add dependencies, if any:
11# dependency 'username/name', '>= 1.2.0'
12dependency 'puppetlabs/stdlib', '>=4.6.0'
diff --git a/deployment_scripts/puppet/modules/calico/lib/puppet/parser/functions/convert_external_peers.rb b/deployment_scripts/puppet/modules/calico/lib/puppet/parser/functions/convert_external_peers.rb
new file mode 100644
index 0000000..5cb9f02
--- /dev/null
+++ b/deployment_scripts/puppet/modules/calico/lib/puppet/parser/functions/convert_external_peers.rb
@@ -0,0 +1,28 @@
1Puppet::Parser::Functions::newfunction( :convert_external_peers,
2 :type => :rvalue, :doc => <<-EOS
3 This function get text in format
4 name:asnum:ipaddr:flags...
5 and convert to hash, used into generate_bgp_peers()
6 {
7 peer_name => {
8 ipaddr => '1.2.3.4',
9 as_number => '64646'
10 }
11 }
12
13 EOS
14 ) do |argv|
15
16 if argv.size != 1
17 raise(
18 Puppet::ParseError,
19 "convert_external_peers(): Wrong number of arguments. Should be one."
20 )
21 end
22
23 peers = argv[0]
24 as_number = argv[1]
25
26 Hash[*peers.split(/\n/).map{|v| v.gsub(/\s+/, "")}.reject{|c| c.empty?}.map{|v| v.split(':')}.reject{|v| v.size<3}.map{|l| [l[0],{'as_number'=>l[1],'ipaddr'=> l[2]}]}.flatten]
27end
28# vim: set ts=2 sw=2 et : \ No newline at end of file
diff --git a/deployment_scripts/puppet/modules/calico/lib/puppet/parser/functions/convert_internal_peers.rb b/deployment_scripts/puppet/modules/calico/lib/puppet/parser/functions/convert_internal_peers.rb
new file mode 100644
index 0000000..f0afbb7
--- /dev/null
+++ b/deployment_scripts/puppet/modules/calico/lib/puppet/parser/functions/convert_internal_peers.rb
@@ -0,0 +1,51 @@
1Puppet::Parser::Functions::newfunction( :convert_internal_peers,
2 :type => :rvalue, :doc => <<-EOS
3 This function get peers name-to-ipaddr map, as_number
4 and convert to hassh, used into generate_bgp_peers()
5 Usage:
6 convert_internal_peers(
7 $peers_hash,
8 $local_as_number,
9 )
10
11 Hash
12 {
13 peer_name -> '1.2.3.4'
14 }
15 will be converted to
16 {
17 peer_name => {
18 ipaddr => '1.2.3.4',
19 as_number => '64646'
20 }
21 }
22
23 EOS
24 ) do |argv|
25
26 if argv.size != 2
27 raise(
28 Puppet::ParseError,
29 "convert_internal_peers(): Wrong number of arguments. Should be two."
30 )
31 end
32 if !argv[0].is_a?(Hash)
33 raise(
34 Puppet::ParseError,
35 "convert_internal_peers(): Wrong peers map."
36 )
37 end
38
39 peers = argv[0]
40 as_number = argv[1]
41
42 rv = {}
43 peers.each do |name, ipaddr|
44 rv[name] = {
45 'ipaddr' => ipaddr,
46 'as_number' => as_number,
47 }
48 end
49 return rv
50end
51# vim: set ts=2 sw=2 et : \ No newline at end of file
diff --git a/deployment_scripts/puppet/modules/calico/lib/puppet/parser/functions/generate_bgp_peers.rb b/deployment_scripts/puppet/modules/calico/lib/puppet/parser/functions/generate_bgp_peers.rb
new file mode 100644
index 0000000..ea22755
--- /dev/null
+++ b/deployment_scripts/puppet/modules/calico/lib/puppet/parser/functions/generate_bgp_peers.rb
@@ -0,0 +1,55 @@
1Puppet::Parser::Functions::newfunction( :generate_bgp_peers,
2 :type => :statement, :doc => <<-EOS
3 This function get internal peers map, connectivity options
4 and create corresponded resources.
5 Usage:
6 generate_bgp_peers(
7 $peers_hash,
8 $template_name,
9 $local_ipaddr,
10 $local_as_number,
11 )
12
13 Peers_hash should be in format:
14 {
15 peer_name => {
16 ipaddr => '1.2.3.4',
17 as_number => '64646'
18 }
19 }
20 EOS
21 ) do |argv|
22
23 if argv.size != 4
24 raise(
25 Puppet::ParseError,
26 "generate_bgp_peers(): Wrong number of arguments. Should be four."
27 )
28 end
29 if !argv[0].is_a?(Hash)
30 raise(
31 Puppet::ParseError,
32 "generate_bgp_peers(): Wrong peers map."
33 )
34 end
35
36 peers = argv[0]
37 template = argv[1]
38 local_ipaddr = argv[2]
39 local_as_number = argv[3]
40
41 resources = {}
42 peers.each do |name, peer_hash|
43 #file_name = "/etc/bird/peers/#{template}__#{name}.conf"
44 resources[name] = {
45 'template' => template,
46 'local_ipaddr' => local_ipaddr,
47 'remote_ipaddr' => peer_hash['ipaddr'],
48 'local_as_number' => local_as_number,
49 'remote_as_number' => peer_hash['as_number'],
50 }
51 end
52 function_create_resources(['calico::bird::bgp_peer_record', resources])
53 return true
54end
55# vim: set ts=2 sw=2 et : \ No newline at end of file
diff --git a/deployment_scripts/puppet/modules/calico/lib/puppet/parser/functions/remove_ovs_usage.rb b/deployment_scripts/puppet/modules/calico/lib/puppet/parser/functions/remove_ovs_usage.rb
new file mode 100644
index 0000000..4a391c0
--- /dev/null
+++ b/deployment_scripts/puppet/modules/calico/lib/puppet/parser/functions/remove_ovs_usage.rb
@@ -0,0 +1,65 @@
1require 'yaml'
2
3Puppet::Parser::Functions::newfunction( :remove_ovs_usage,
4 :type => :rvalue, :doc => <<-EOS
5 This function get network_scheme and returns mangled
6 network scheme without ovs-based elements.
7 EOS
8 ) do |argv|
9
10 def bridge_name_max_len
11 15
12 end
13
14 if argv.size != 1
15 raise(
16 Puppet::ParseError,
17 "remove_ovs_usage(): Wrong number of arguments. Should be two."
18 )
19 end
20 if !argv[0].is_a?(Hash)
21 raise(
22 Puppet::ParseError,
23 "remove_ovs_usage(): Wrong network_scheme. Should be non-empty Hash."
24 )
25 end
26 if argv[0]['version'].to_s.to_f < 1.1
27 raise(
28 Puppet::ParseError,
29 "remove_ovs_usage(): You network_scheme hash has wrong format.\nThis parser can work with v1.1 format, please convert you config."
30 )
31 end
32
33 network_scheme = argv[0]
34 rv = {
35 'use_ovs' => false
36 }
37 overrides = []
38
39 network_scheme['transformations'].each do |tr|
40 if tr['provider'] == 'ovs'
41 if tr['action'] == 'add-patch'
42 overrides << {
43 'action' => 'override',
44 'override' => "patch-#{tr['bridges'][0]}:#{tr['bridges'][1]}",
45 'provider' => 'lnx'
46 }
47 else
48 overrides << {
49 'action' => 'override',
50 'override' => tr['name'],
51 'provider' => 'lnx'
52 }
53 end
54 end
55 end
56
57 if ! overrides.empty?
58 rv['network_scheme'] = {
59 'transformations' => overrides
60 }
61 end
62
63 return rv.to_yaml() + "\n"
64end
65# vim: set ts=2 sw=2 et : \ No newline at end of file
diff --git a/deployment_scripts/puppet/modules/calico/manifests/bird.pp b/deployment_scripts/puppet/modules/calico/manifests/bird.pp
new file mode 100644
index 0000000..e873e4c
--- /dev/null
+++ b/deployment_scripts/puppet/modules/calico/manifests/bird.pp
@@ -0,0 +1,95 @@
1# Copyright 2015 Mirantis, Inc.
2#
3# Licensed under the Apache License, Version 2.0 (the "License"); you may
4# not use this file except in compliance with the License. You may obtain
5# a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12# License for the specific language governing permissions and limitations
13# under the License.
14
15class calico::bird (
16 $template,
17 $src_addr,
18 $as_number = '64511',
19 $enable_ipv4 = true,
20 $enable_ipv6 = false,
21 $rr_clients = {},
22 $rr_servers = {},
23 $ext_peers = {},
24) {
25
26 include ::calico
27
28 tweaks::ubuntu_service_override { 'bird':
29 package_name => 'bird',
30 }
31
32 tweaks::ubuntu_service_override { 'bird6':
33 package_name => 'bird',
34 }
35
36 package { 'bird':
37 ensure => installed,
38 } ->
39 file { '/etc/bird':
40 ensure => directory,
41 } ->
42 file { '/etc/bird/peers':
43 ensure => directory,
44 } ->
45 file { '/etc/bird/custom.conf':
46 ensure => present,
47 } ->
48 file { '/etc/bird/calico_os_filters.conf':
49 ensure => present,
50 mode => '0644',
51 owner => 'root',
52 group => 'root',
53 content => template("calico/bird-calico_os-filters.conf.erb"),
54 } ->
55 file { '/etc/bird/bird.conf':
56 ensure => present,
57 mode => '0644',
58 owner => 'root',
59 group => 'root',
60 content => template("calico/bird-${template}.conf.erb"),
61 }
62
63 # generate peer-config-files
64 generate_bgp_peers(convert_internal_peers($rr_servers, $as_number), 'rr', $src_addr, $as_number)
65 generate_bgp_peers(convert_internal_peers($rr_clients, $as_number), 'compute', $src_addr, $as_number)
66 generate_bgp_peers($ext_peers, 'ext', $src_addr, $as_number)
67
68 if $enable_ipv4 {
69 Package['bird'] ~>
70 service { 'bird':
71 ensure => running,
72 enable => true,
73 hasrestart => false,
74 restart => '/usr/sbin/birdc configure'
75 }
76 File['/etc/bird/calico_os_filters.conf'] ~> Service['bird']
77 File['/etc/bird/custom.conf'] ~> Service['bird']
78 File['/etc/bird/bird.conf'] ~> Service['bird']
79 }
80
81 if $enable_ipv6 {
82 Package['bird'] ~>
83 service { 'bird6':
84 ensure => running,
85 enable => true,
86 hasrestart => false,
87 restart => '/usr/sbin/birdc6 configure'
88 }
89 File['/etc/bird/calico_os_filters.conf'] ~> Service['bird6']
90 File['/etc/bird/custom.conf'] ~> Service['bird6']
91 File['/etc/bird/bird6.conf'] ~> Service['bird6']
92 }
93
94}
95# vim: set ts=2 sw=2 et : \ No newline at end of file
diff --git a/deployment_scripts/puppet/modules/calico/manifests/bird/bgp_peer_record.pp b/deployment_scripts/puppet/modules/calico/manifests/bird/bgp_peer_record.pp
new file mode 100644
index 0000000..2eb35ab
--- /dev/null
+++ b/deployment_scripts/puppet/modules/calico/manifests/bird/bgp_peer_record.pp
@@ -0,0 +1,35 @@
1define calico::bird::bgp_peer_record (
2 $local_ipaddr,
3 $remote_ipaddr,
4 $local_as_number,
5 $remote_as_number,
6 $include = false,
7 $ensure = 'present',
8 $template = 'ext',
9) {
10 include ::calico::params
11 $peer_config_path = "/etc/bird/peers/${template}__${name}.conf"
12 file { "${peer_config_path}":
13 ensure => $ensure,
14 require => File['/etc/bird/peers'],
15 before => File['/etc/bird/bird.conf'],
16 notify => Service['bird'],
17 content => template("calico/bird-peer-${template}.conf.erb"),
18 }
19 if $include {
20 file_line {"":
21 line => "include ${peer_config_path};",
22 path => '/etc/bird/bird.conf',
23 #after => undef,
24 #ensure => 'present',
25 #match => undef, # /.*match/
26 #multiple => undef, # 'true' or 'false'
27 #name => undef,
28 #replace => true, # 'true' or 'false'
29 require => File['/etc/bird/bird.conf'],
30 notify => Service['bird']
31 }
32 }
33}
34
35# vim: set ts=2 sw=2 et : \ No newline at end of file
diff --git a/deployment_scripts/puppet/modules/calico/manifests/etcd.pp b/deployment_scripts/puppet/modules/calico/manifests/etcd.pp
new file mode 100644
index 0000000..eaea60b
--- /dev/null
+++ b/deployment_scripts/puppet/modules/calico/manifests/etcd.pp
@@ -0,0 +1,77 @@
1# Copyright 2015 Mirantis, Inc.
2#
3# Licensed under the Apache License, Version 2.0 (the "License"); you may
4# not use this file except in compliance with the License. You may obtain
5# a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12# License for the specific language governing permissions and limitations
13# under the License.
14
15class calico::etcd (
16 $node_name = $::hostname,
17 $node_role,
18 $bind_host = $::ipaddress,
19 $bind_port = '4001',
20 $peer_host = $::ipaddress,
21 $peer_port = '2380',
22 $cluster_nodes = undef,
23 $cluster_token = 'fuel-cluster-1'
24) {
25
26case $node_role {
27 'proxy': {
28 $etcd_cmd_opts = "--proxy on \
29--initial-cluster=${cluster_nodes} \
30>>/var/log/etcd.log 2>&1"
31 }
32 'server': {
33 $etcd_cmd_opts = "--name=${node_name} \
34--advertise-client-urls=http://${bind_host}:${bind_port} \
35--listen-client-urls=http://127.0.0.1:${bind_port},http://${bind_host}:${bind_port} \
36--listen-peer-urls=http://127.0.0.1:${peer_port},http://${peer_host}:${peer_port} \
37--initial-cluster-token='${cluster_token}' \
38--initial-cluster=${cluster_nodes} \
39--initial-cluster-state=new \
40--initial-advertise-peer-urls=http://${peer_host}:${peer_port} \
41>>/var/log/etcd.log 2>&1"
42 }
43 default: {
44 }
45}
46
47 tweaks::ubuntu_service_override { 'etcd':
48 package_name => 'etcd',
49 }
50
51 package { ['etcd','python-etcd']:
52 ensure => installed,
53 } ->
54
55 file { '/var/log/etcd.log':
56 ensure => present,
57 mode => '0644',
58 owner => 'etcd',
59 group => 'etcd',
60 } ->
61
62 file { '/etc/init/etcd.conf':
63 ensure => present,
64 mode => '0644',
65 owner => 'root',
66 group => 'root',
67 content => template('calico/etcd.conf.erb'),
68 } ~>
69
70 service { 'etcd':
71 ensure => 'running',
72 enable => true,
73 provider => 'upstart'
74 }
75
76}
77# vim: set ts=2 sw=2 et : \ No newline at end of file
diff --git a/deployment_scripts/puppet/modules/calico/manifests/init.pp b/deployment_scripts/puppet/modules/calico/manifests/init.pp
new file mode 100644
index 0000000..9ebdf7d
--- /dev/null
+++ b/deployment_scripts/puppet/modules/calico/manifests/init.pp
@@ -0,0 +1,20 @@
1# Copyright 2015 Mirantis, Inc.
2#
3# Licensed under the Apache License, Version 2.0 (the "License"); you may
4# not use this file except in compliance with the License. You may obtain
5# a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12# License for the specific language governing permissions and limitations
13# under the License.
14
15class calico {
16
17include calico::params
18
19}
20# vim: set ts=2 sw=2 et : \ No newline at end of file
diff --git a/deployment_scripts/puppet/modules/calico/manifests/params.pp b/deployment_scripts/puppet/modules/calico/manifests/params.pp
new file mode 100644
index 0000000..c70a72b
--- /dev/null
+++ b/deployment_scripts/puppet/modules/calico/manifests/params.pp
@@ -0,0 +1,43 @@
1# Copyright 2016 Mirantis, Inc.
2#
3# Licensed under the Apache License, Version 2.0 (the "License"); you may
4# not use this file except in compliance with the License. You may obtain
5# a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12# License for the specific language governing permissions and limitations
13# under the License.
14
15class calico::params {
16
17 # Network
18 $network_scheme = hiera_hash('network_scheme', {})
19 $network_metadata = hiera_hash('network_metadata', {})
20 prepare_network_config($network_scheme)
21
22 # current node params
23 $node = hiera('node')
24 $roles = hiera('roles')
25 $mgmt_ip = get_network_role_property('mgmt/vip', 'ipaddr')
26
27 # computes
28 $compute_nodes = get_nodes_hash_by_roles($network_metadata, ['compute'])
29 $compute_nodes_count = size($compute_nodes)
30
31 # etcd nodes
32 $etcd_nodes = get_nodes_hash_by_roles($network_metadata, ['calico-etcd'])
33 $etcd_nodes_map = get_node_to_ipaddr_map_by_network_role($etcd_nodes, 'mgmt/vip')
34 $etcd_nodes_ips = ipsort(values($etcd_nodes_map))
35
36 # etcd daemon settings
37 $etcd_port = '4001'
38 $etcd_peer_port = '2380'
39 $etcd_servers = suffix(prefix($etcd_nodes_ips, 'http://'), ":${etcd_port}")
40 $etcd_servers_list = join($etcd_servers, ',')
41 $etcd_servers_named_list = join(suffix(join_keys_to_values($etcd_nodes_map,"=http://"), ":${etcd_peer_port}"), ',')
42}
43# vim: set ts=2 sw=2 et : \ No newline at end of file
diff --git a/deployment_scripts/puppet/modules/calico/spec/spec_helper.rb b/deployment_scripts/puppet/modules/calico/spec/spec_helper.rb
new file mode 100644
index 0000000..5fda588
--- /dev/null
+++ b/deployment_scripts/puppet/modules/calico/spec/spec_helper.rb
@@ -0,0 +1,17 @@
1dir = File.expand_path(File.dirname(__FILE__))
2$LOAD_PATH.unshift File.join(dir, 'lib')
3
4require 'mocha'
5require 'puppet'
6require 'rspec'
7require 'spec/autorun'
8
9Spec::Runner.configure do |config|
10 config.mock_with :mocha
11end
12
13# We need this because the RAL uses 'should' as a method. This
14# allows us the same behaviour but with a different method name.
15class Object
16 alias :must :should
17end
diff --git a/deployment_scripts/puppet/modules/calico/templates/bird-calico_os-filters.conf.erb b/deployment_scripts/puppet/modules/calico/templates/bird-calico_os-filters.conf.erb
new file mode 100644
index 0000000..9ed46df
--- /dev/null
+++ b/deployment_scripts/puppet/modules/calico/templates/bird-calico_os-filters.conf.erb
@@ -0,0 +1,18 @@
1# We are only going to export routes from Calico interfaces.
2# Currently, 'tap*' is used by the OpenStack implimentation
3# and 'cali*' is used by the docker implimentation.
4# dummy1 is the interface that bare metal "service" addresses
5# should be bound to if they should be exported.
6# This will need to be updated as we add new interface names.
7#
8# Also filter out default, just in case.
9#
10# We should automate the build of this out of variables when
11# we have time.
12
13filter calico_openstack__export_bgp {
14 if ( (ifname ~ "tap*") || (ifname ~ "cali*") || (ifname ~ "dummy1") ) then {
15 if net != 0.0.0.0/0 then accept;
16 }
17 reject;
18}
diff --git a/deployment_scripts/puppet/modules/calico/templates/bird-compute.conf.erb b/deployment_scripts/puppet/modules/calico/templates/bird-compute.conf.erb
new file mode 100644
index 0000000..a5068cb
--- /dev/null
+++ b/deployment_scripts/puppet/modules/calico/templates/bird-compute.conf.erb
@@ -0,0 +1,29 @@
1router id <%= @src_addr %>;
2listen bgp address <%= @src_addr %>;
3
4include "/etc/bird/calico_os_filters.conf";
5
6# Configure synchronization between BIRD's routing tables and the
7# kernel.
8protocol kernel {
9 learn; # Learn all alien routes from the kernel
10 persist; # Don't remove routes on bird shutdown
11 scan time 2; # Scan kernel routing table every 2 seconds
12 import all;
13 graceful restart;
14 export all; # Default is export none
15}
16
17# Watch interface up/down events.
18protocol device {
19 scan time 2; # Scan interfaces every 2 seconds
20}
21
22protocol direct {
23 debug all;
24 interface "br-mesh";
25}
26
27<%- @rr_servers.each do |name, ipaddr| -%>
28include "/etc/bird/peers/rr__<%= name %>.conf";
29<%- end -%>
diff --git a/deployment_scripts/puppet/modules/calico/templates/bird-peer-compute.conf.erb b/deployment_scripts/puppet/modules/calico/templates/bird-peer-compute.conf.erb
new file mode 100644
index 0000000..f4bafa2
--- /dev/null
+++ b/deployment_scripts/puppet/modules/calico/templates/bird-peer-compute.conf.erb
@@ -0,0 +1,10 @@
1protocol bgp '<%= @name %>' {
2 local as <%= @local_as_number %>;
3 neighbor <%= @remote_ipaddr %> as <%= @remote_as_number %>;
4 description "RR-client <%= @name %>";
5 multihop;
6 rr client;
7 import all;
8 export all;
9 source address <%= @local_ipaddr %>;
10}
diff --git a/deployment_scripts/puppet/modules/calico/templates/bird-peer-ext.conf.erb b/deployment_scripts/puppet/modules/calico/templates/bird-peer-ext.conf.erb
new file mode 100644
index 0000000..84d55e5
--- /dev/null
+++ b/deployment_scripts/puppet/modules/calico/templates/bird-peer-ext.conf.erb
@@ -0,0 +1,10 @@
1protocol bgp '<%= @name %>' {
2 local as <%= @local_as_number %>;
3 neighbor <%= @remote_ipaddr %> as <%= @remote_as_number %>;
4 description "Ext. peer <%= @name %>";
5 multihop;
6 import none;
7 export all;
8 next hop keep;
9 source address <%= @local_ipaddr %>;
10}
diff --git a/deployment_scripts/puppet/modules/calico/templates/bird-peer-rr.conf.erb b/deployment_scripts/puppet/modules/calico/templates/bird-peer-rr.conf.erb
new file mode 100644
index 0000000..60638c8
--- /dev/null
+++ b/deployment_scripts/puppet/modules/calico/templates/bird-peer-rr.conf.erb
@@ -0,0 +1,11 @@
1protocol bgp '<%= @name %>' {
2 local as <%= @local_as_number %>;
3 neighbor <%= @remote_ipaddr %> as <%= @remote_as_number %>;
4 description "Route Reflector <%= @name %>";
5 multihop;
6 import all;
7 export filter calico_openstack__export_bgp;
8 next hop self; # Disable next hop processing and always advertise our
9 # local address as nexthop
10 source address <%= @local_ipaddr %>;
11}
diff --git a/deployment_scripts/puppet/modules/calico/templates/bird-rr.conf.erb b/deployment_scripts/puppet/modules/calico/templates/bird-rr.conf.erb
new file mode 100644
index 0000000..a7f034e
--- /dev/null
+++ b/deployment_scripts/puppet/modules/calico/templates/bird-rr.conf.erb
@@ -0,0 +1,26 @@
1# Configure logging
2log syslog { debug, trace, info, remote, warning, error, auth, fatal, bug };
3log stderr all;
4#log "tmp" all;
5# Override router ID
6router id <%= @src_addr %>;
7
8include "/etc/bird/calico_os_filters.conf";
9
10# Turn on global debugging of all protocols
11debug protocols all;
12# This pseudo-protocol watches all interface up/down events.
13protocol device {
14 scan time 2; # Scan interfaces every 2 seconds
15}
16
17# Include custom config
18include "/etc/bird/custom.conf";
19
20<%- @rr_clients.each do |name, ipaddr| -%>
21include "/etc/bird/peers/compute__<%= name %>.conf";
22<%- end -%>
23
24<%- @ext_peers.each do |name, peer| -%>
25include "/etc/bird/peers/ext__<%= name %>.conf";
26<%- end -%>
diff --git a/deployment_scripts/puppet/modules/calico/templates/calico-alt-gateway.conf.erb b/deployment_scripts/puppet/modules/calico/templates/calico-alt-gateway.conf.erb
new file mode 100644
index 0000000..93bdd94
--- /dev/null
+++ b/deployment_scripts/puppet/modules/calico/templates/calico-alt-gateway.conf.erb
@@ -0,0 +1,13 @@
1description "calico-alt-gateway"
2author "Alternative default gateway for Calico network"
3
4#start on stopped rc RUNLEVEL=[2345]
5start on (net-device-up and started etcd)
6#stop on runlevel [!2345]
7
8#respawn
9
10script
11 ip r add default via <%= @calico_alt_gateway %> table <%= @calico_mark %>
12 ip rule add fwmark <%= @calico_mark %> table <%= @calico_mark %>
13end script
diff --git a/deployment_scripts/puppet/modules/calico/templates/etcd.conf.erb b/deployment_scripts/puppet/modules/calico/templates/etcd.conf.erb
new file mode 100644
index 0000000..2f9dc8c
--- /dev/null
+++ b/deployment_scripts/puppet/modules/calico/templates/etcd.conf.erb
@@ -0,0 +1,15 @@
1# vim:set ft=upstart ts=2 et:
2description "etcd"
3author "etcd maintainers"
4
5start on stopped rc RUNLEVEL=[2345]
6stop on runlevel [!2345]
7
8respawn
9
10setuid etcd
11
12env ETCD_DATA_DIR=/var/lib/etcd
13export ETCD_DATA_DIR
14
15exec /usr/bin/etcd <%=@etcd_cmd_opts %>
diff --git a/deployment_scripts/puppet/modules/calico/templates/felix.cfg.erb b/deployment_scripts/puppet/modules/calico/templates/felix.cfg.erb
new file mode 100644
index 0000000..c87cac9
--- /dev/null
+++ b/deployment_scripts/puppet/modules/calico/templates/felix.cfg.erb
@@ -0,0 +1,6 @@
1[global]
2EtcdAddr = <%= @etcd_host %>:<%= @etcd_port %>
3#FelixHostname = hostname
4MetadataAddr = <%= @metadata_host %>
5MetadataPort = <%= @metadata_port %>
6InterfacePrefix = tap
diff --git a/deployment_scripts/puppet/modules/calico/tests/init.pp b/deployment_scripts/puppet/modules/calico/tests/init.pp
new file mode 100644
index 0000000..4e799ab
--- /dev/null
+++ b/deployment_scripts/puppet/modules/calico/tests/init.pp
@@ -0,0 +1,12 @@
1# The baseline for module testing used by Puppet Labs is that each manifest
2# should have a corresponding test manifest that declares that class or defined
3# type.
4#
5# Tests are then run by using puppet apply --noop (to check for compilation
6# errors and view a log of events) or by fully applying the test in a virtual
7# environment (to compare the resulting system state to the desired state).
8#
9# Learn more about module testing here:
10# http://docs.puppetlabs.com/guides/tests_smoke.html
11#
12include calico
diff --git a/deployment_scripts/remove_default_networks.sh b/deployment_scripts/remove_default_networks.sh
deleted file mode 100755
index 15c633e..0000000
--- a/deployment_scripts/remove_default_networks.sh
+++ /dev/null
@@ -1,45 +0,0 @@
1#!/bin/bash
2# This script removes default network config created in OpenStack as part of a
3# Fuel deployment. These networks do not work for instance creation with
4# Calico, so need to be removed.
5
6# OpenStack authentication and authorization requires environment variables
7# contained in the openrc file, this will allow us to issue commands via the
8# neutron API.
9source /root/openrc
10
11# Details of the default networks/routers created on Fuel deployment of a
12# Mirantis OpenStack environment.
13DEFAULT_NET=net04
14DEFAULT_NET_EXT=net04_ext
15DEFAULT_ROUTER=router04
16
17# DEFAULT_NET_EXT is set as the gateway for DEFAULT_ROUTER, we must clear that
18# before we can delete the network.
19neutron router-gateway-clear $DEFAULT_ROUTER
20neutron net-delete $DEFAULT_NET_EXT
21
22# DEFAULT_NET cannot be deleted until all ports configured on the network have
23# been removed. We get details of the configured ports from the "neutron port-list"
24# command, whose output is of the form:
25# +-----+------+-------------------+-----------------------------------------------+
26# | id | name | mac_address | fixed_ips |
27# +-----+------+-------------------+-----------------------------------------------+
28# | foo | | fa:16:3e:ae:70:4e | {"subnet_id": "bar", "ip_address": "a.b.c.d"} |
29# +-----+------+-------------------+-----------------------------------------------+
30port_ids=$(neutron port-list | grep "|" | grep -v "fixed_ips" | cut -d " " -f 2)
31for port_id in "${port_ids[@]}"
32do
33 neutron port-delete $port_id
34 if [[ $? != 0 ]]; then
35 # One of the ports is associated with the interface for the default router.
36 # This causes port deletion to fail. So we delete the interface on the
37 # router (this also removes the port).
38 neutron router-interface-delete $DEFAULT_ROUTER port=$port_id
39 fi
40done
41
42# We can now delete the default router and the default network.
43neutron router-delete $DEFAULT_ROUTER
44neutron net-delete $DEFAULT_NET
45
diff --git a/deployment_scripts/update_etcd_cluster.sh b/deployment_scripts/update_etcd_cluster.sh
deleted file mode 100755
index fd1cdbe..0000000
--- a/deployment_scripts/update_etcd_cluster.sh
+++ /dev/null
@@ -1,42 +0,0 @@
1#!/bin/bash
2# Copyright 2015 Metaswitch Networks
3
4this_node_address=$(python get_node_ip.py `hostname`)
5controller_node_addresses=$(python get_node_ips_by_role.py controller)
6
7for node_address in ${controller_node_addresses[@]}
8do
9 initial_cluster+="${node_address}=http://${node_address}:2380,"
10done
11
12initial_cluster=${initial_cluster::-1} # remove trailing comma
13
14service etcd stop
15rm -rf /var/lib/etcd/*
16awk '/exec \/usr\/bin\/etcd/{while(getline && $0 != ""){}}1' /etc/init/etcd.conf > tmp
17mv tmp /etc/init/etcd.conf
18cat << EXEC_CMD >> /etc/init/etcd.conf
19exec /usr/bin/etcd -name ${this_node_address} \\
20 -advertise-client-urls "http://${this_node_address}:2379,http://${this_node_address}:4001" \\
21 -listen-client-urls "http://0.0.0.0:2379,http://0.0.0.0:4001" \\
22 -listen-peer-urls "http://0.0.0.0:2380" \\
23 -initial-advertise-peer-urls "http://${this_node_address}:2380" \\
24 -initial-cluster-token fuel-cluster-1 \\
25 -initial-cluster ${initial_cluster} \\
26 -initial-cluster-state new
27
28EXEC_CMD
29service etcd start
30
31retry_count=0
32while [[ $retry_count < 5 ]]; do
33 etcdctl cluster-health
34 if [[ $? == 0 ]]; then
35 break
36 else
37 ((retry_count++))
38 service etcd restart
39 sleep 2
40 fi
41done
42
diff --git a/deployment_tasks.yaml b/deployment_tasks.yaml
new file mode 100644
index 0000000..ab809fe
--- /dev/null
+++ b/deployment_tasks.yaml
@@ -0,0 +1,340 @@
1# Groups
2
3- id: calico-rrs
4 type: group
5 version: 2.1.0
6 role:
7 - calico-rr
8 tasks: [hiera, globals, setup_repositories, tools, logging, netconfig, hosts, deploy_start]
9 requires:
10 - deploy_start
11 required_for:
12 - deploy_end
13 parameters:
14 strategy:
15 type: one_by_one
16
17- id: calico-etcds
18 type: group
19 version: 2.1.0
20 role:
21 - calico-etcd
22 tasks: [hiera, globals, setup_repositories, tools, logging, netconfig, hosts, deploy_start]
23 requires:
24 - deploy_start
25 required_for:
26 - deploy_end
27 parameters:
28 strategy:
29 type: one_by_one
30
31# Plugin tasks
32
33- id: hiera_override
34 type: puppet
35 version: 2.1.0
36 groups: ["/.*/"]
37 requires:
38 - hiera
39 required_for:
40 - globals
41 parameters:
42 puppet_manifest: puppet/manifests/hiera_override.pp
43 puppet_modules: puppet/modules:/etc/puppet/modules
44 timeout: 3600
45
46- id: calico-private-gateway-check
47 groups: ["/.*/"]
48 version: 2.1.0
49 requires:
50 - globals
51 required_for:
52 - deploy_end
53 - netconfig
54 - hosts
55 type: puppet
56 parameters:
57 timeout: 180
58 puppet_manifest: puppet/manifests/private_gateway_check.pp
59 puppet_modules: puppet/modules:/etc/puppet/modules
60
61- id: calico-repo-setup
62 role:
63 - calico-rr
64 - calico-etcd
65 - primary-controller
66 - controller
67 - compute
68 version: 2.1.0
69 requires:
70 - netconfig
71 - hosts
72 required_for:
73 - deploy_end
74 - openstack-network-start
75 type: puppet
76 parameters:
77 timeout: 180
78 puppet_manifest: puppet/manifests/repo_setup.pp
79 puppet_modules: puppet/modules:/etc/puppet/modules
80
81- id: calico-rr
82 role:
83 - calico-rr
84 version: 2.1.0
85 requires:
86 - netconfig
87 - hosts
88 - firewall
89 - calico-repo-setup
90 required_for:
91 - deploy_end
92 - openstack-network-start
93 condition:
94 yaql_exp: >
95 changedAny($.configuration, $.debug, $.network_metadata, $.network_scheme, $['fuel-plugin-calico'])
96 type: puppet
97 parameters:
98 timeout: 180
99 puppet_manifest: puppet/manifests/role_rr.pp
100 puppet_modules: puppet/modules:/etc/puppet/modules
101
102- id: calico-etcd
103 role:
104 - calico-etcd
105 version: 2.1.0
106 requires:
107 - netconfig
108 - hosts
109 - firewall
110 - calico-repo-setup
111 required_for:
112 - deploy_end
113 - openstack-network-start
114 condition:
115 yaql_exp: >
116 changedAny($.configuration, $.debug, $.network_metadata, $.network_scheme, $['fuel-plugin-calico'])
117 type: puppet
118 parameters:
119 timeout: 180
120 puppet_manifest: puppet/manifests/role_etcd.pp
121 puppet_modules: puppet/modules:/etc/puppet/modules
122
123- id: calico-etcd-proxy
124 role:
125 - primary-controller
126 - controller
127 - compute
128 version: 2.1.0
129 requires:
130 - netconfig
131 - hosts
132 - firewall
133 - calico-repo-setup
134 required_for:
135 - deploy_end
136 - openstack-network-start
137 cross-depends:
138 - name: primary-calico-etcd
139 role: ["/(primary-)?calico-etcd/"]
140 - name: calico-etcd
141 role: ["/(primary-)?calico-etcd/"]
142 condition:
143 yaql_exp: not ('calico-etcd' in $.roles)
144 type: puppet
145 parameters:
146 timeout: 180
147 puppet_manifest: puppet/manifests/etcd_proxy.pp
148 puppet_modules: puppet/modules:/etc/puppet/modules
149
150- id: openstack-network-server-config
151 type: puppet
152 version: 2.1.0
153 groups:
154 - primary-controller
155 - controller
156 requires:
157 - calico-repo-setup
158 - calico-etcd-proxy
159 - openstack-network-start
160 - openstack-network-common-config
161 required_for:
162 - openstack-network-end
163 cross-depends:
164 - name: /(primary-)?calico-rr/
165 role: ["/(primary-)?calico-rr/"]
166 - name: /(primary-)?calico-etcd/
167 role: ["/(primary-)?calico-etcd/"]
168 condition:
169 yaql_exp: >
170 changedAny($.quantum, $.configuration, $.quantum_settings,
171 $.get('database_vip'), $.network_metadata.vips, $.nova,
172 $.get('neutron_primary_controller_roles'),
173 $.get('neutron_compute_nodes'), $.get('region', 'RegionOne'),
174 $.get('use_ssl'), $.neutron_advanced_configuration, $.network_scheme)
175 refresh_on:
176 - neutron_plugin_ml2
177 - neutron_config
178 - neutron_api_config
179 parameters:
180 puppet_manifest: puppet/manifests/neutron_server_config.pp
181 puppet_modules: puppet/modules:/etc/puppet/modules
182 timeout: 1800
183
184- id: openstack-network-networks
185 type: puppet
186 version: 2.1.0
187 groups:
188 - primary-controller
189 requires:
190 - openstack-network-start
191 - openstack-network-common-config
192 - openstack-network-server-config
193 required_for:
194 - openstack-network-end
195 condition:
196 yaql_exp: "changedAny($.access, $.quantum_settings, $.quantum)"
197 parameters:
198 puppet_manifest: puppet/manifests/neutron_networks.pp
199 puppet_modules: puppet/modules:/etc/puppet/modules
200 timeout: 1800
201
202- id: calico-compute-bird
203 role:
204 - compute
205 version: 2.1.0
206 requires:
207 - netconfig
208 - hosts
209 - firewall
210 - calico-repo-setup
211 required_for:
212 - deploy_end
213 - openstack-network-start
214 cross-depends:
215 - name: /(primary-)?calico-rr/
216 role: ["/(primary-)?calico-rr/"]
217 condition:
218 yaql_exp: >
219 changedAny($.configuration, $.debug, $.network_metadata, $.network_scheme, $['fuel-plugin-calico'])
220 type: puppet
221 parameters:
222 timeout: 180
223 puppet_manifest: puppet/manifests/compute_bird.pp
224 puppet_modules: puppet/modules:/etc/puppet/modules
225
226- id: openstack-network-compute-nova
227 type: puppet
228 version: 2.1.0
229 groups: [compute]
230 requires: [openstack-network-start, calico-etcd-proxy]
231 required_for: [openstack-network-end]
232 condition:
233 yaql_exp: >
234 changedAny($.network_scheme, $.quantum, $.quantum_settings, $.nova,
235 $.network_metadata.vips, $.get('region'), $.get('use_ssl'), $['fuel-plugin-calico'])
236 parameters:
237 puppet_manifest: puppet/manifests/compute_neutron_nova.pp
238 puppet_modules: puppet/modules:/etc/puppet/modules
239 timeout: 1800
240
241- id: calico-compute-metadata-api
242 type: puppet
243 version: 2.1.0
244 groups: [compute]
245 requires: [openstack-network-end, calico-etcd-proxy, top-role-compute]
246 required_for: [enable_nova_compute_service]
247 condition:
248 yaql_exp: >
249 changedAny($.quantum, $.configuration, $.debug,
250 $.neutron_advanced_configuration, $['fuel-plugin-calico'])
251 parameters:
252 puppet_manifest: puppet/manifests/compute_metadata_api.pp
253 puppet_modules: puppet/modules:/etc/puppet/modules
254 timeout: 1800
255
256- id: calico-compute-alt-gateway
257 type: puppet
258 version: 2.1.0
259 groups: [compute]
260 requires: [openstack-network-end, calico-etcd-proxy, top-role-compute]
261 required_for: [enable_nova_compute_service, calico-compute-felix]
262 condition:
263 yaql_exp: >
264 changedAny($.quantum, $.configuration,
265 $.neutron_advanced_configuration, $['fuel-plugin-calico'])
266 parameters:
267 puppet_manifest: puppet/manifests/compute_alt_gateway.pp
268 puppet_modules: puppet/modules:/etc/puppet/modules
269 timeout: 1800
270
271- id: calico-compute-felix
272 type: puppet
273 version: 2.1.0
274 groups: [compute]
275 requires: [openstack-network-end, calico-etcd-proxy, top-role-compute]
276 required_for: [enable_nova_compute_service]
277 condition:
278 yaql_exp: >
279 changedAny($.quantum, $.configuration, $.debug,
280 $.neutron_advanced_configuration, $['fuel-plugin-calico'])
281 parameters:
282 puppet_manifest: puppet/manifests/compute_felix.pp
283 puppet_modules: puppet/modules:/etc/puppet/modules
284 timeout: 1800
285
286- id: openstack-network-agents-dhcp
287 type: puppet
288 version: 2.1.0
289 groups: [compute]
290 requires: [openstack-network-end, calico-etcd-proxy, calico-compute-felix, top-role-compute]
291 required_for: [enable_nova_compute_service]
292 condition:
293 yaql_exp: >
294 changedAny($.quantum, $.configuration, $.debug,
295 $.neutron_advanced_configuration, $['fuel-plugin-calico'])
296 refresh_on: [neutron_dhcp_agent_config]
297 parameters:
298 puppet_manifest: puppet/manifests/compute_dhcp_agent.pp
299 puppet_modules: puppet/modules:/etc/puppet/modules
300 timeout: 1800
301
302# Disable Neutron tasks, not required for Calice setup
303
304- id: openstack-network-routers
305 groups: ["/.*/"]
306 version: 2.1.0
307 type: skipped
308
309- id: primary-openstack-network-agents-dhcp
310 groups: ["/.*/"]
311 version: 2.1.0
312 type: skipped
313# Task with id:openstack-network-agents-dhcp was redefined above
314
315- id: primary-openstack-network-plugins-l2
316 groups: ["/.*/"]
317 version: 2.1.0
318 type: skipped
319- id: openstack-network-plugins-l2
320 groups: ["/.*/"]
321 version: 2.1.0
322 type: skipped
323
324- id: primary-openstack-network-agents-l3
325 groups: ["/.*/"]
326 version: 2.1.0
327 type: skipped
328- id: openstack-network-agents-l3
329 groups: ["/.*/"]
330 version: 2.1.0
331 type: skipped
332
333- id: primary-openstack-network-agents-metadata
334 groups: ["/.*/"]
335 version: 2.1.0
336 type: skipped
337- id: openstack-network-agents-metadata
338 groups: ["/.*/"]
339 version: 2.1.0
340 type: skipped
diff --git a/environment_config.yaml b/environment_config.yaml
index 63aed59..a848ccc 100644
--- a/environment_config.yaml
+++ b/environment_config.yaml
@@ -1 +1,45 @@
1attributes: {} 1attributes:
2 metadata:
3 label: Calico networking
4 description: Deploy OpenStack with Calico L3 fabric instead of Neutron L2 isolation
5 weight: 28400
6 group: network
7 as_number:
8 value: '64512'
9 label: AS Number
10 description: AS number for BGP communication
11 weight: 20
12 type: "text"
13 regex:
14 source: '^([1-9]|[0-9]{2,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-4])$'
15 error: "Invalid AS number"
16 enable_ipv4:
17 type: checkbox
18 weight: 60
19 value: true
20 label: Enable IPv4
21 description: Operate with bird4 BGP daemon
22 enable_ipv6:
23 type: checkbox
24 weight: 62
25 value: false
26 label: Enable IPv6
27 description: Operate with bird6 BGP daemon
28 restrictions:
29 - condition: "settings:fuel-plugin-calico.metadata.enabled == true" # disable, because in TODO
30 strict: false
31 enable_external_peering:
32 type: checkbox
33 weight: 70
34 value: false
35 label: Allow external BGP peering
36 external_peers:
37 label: External BGP peers
38 description: One BGP peer per line in format 'name:as_number:ipaddr:optional_flags...'
39 weight: 71
40 type: "textarea"
41 value: ''
42 restrictions:
43 - condition: "settings:fuel-plugin-calico.enable_external_peering.value != true"
44 strict: false
45
diff --git a/metadata.yaml b/metadata.yaml
index 76381eb..f0e7917 100644
--- a/metadata.yaml
+++ b/metadata.yaml
@@ -1,15 +1,19 @@
1# Plugin name 1# Plugin name
2name: calico-fuel-plugin 2name: fuel-plugin-calico
3# Human-readable name for your plugin 3# Human-readable name for your plugin
4title: Use Calico Virtual Networking 4title: Use Calico Virtual Networking
5# Plugin version 5# Plugin version
6version: 2.0.0 6version: 3.0.1
7# Description 7# Description
8description: Layer 3 Virtual Networking for Highly Scalable Data Centers 8description: Layer 3 Virtual Networking for Highly Scalable Data Centers
9# Required fuel version 9# Required fuel version
10fuel_version: ['7.0'] 10fuel_version: ['9.0','9.1']
11# Plugin authors 11# Plugin authors
12authors: ['Emma Gordon'] 12authors:
13 - Emma Gordon <emma@projectcalico.org>
14 - Alexander Didenko <adidenko@mirantis.com>
15 - Oleksandr Martsyniuk <omartsyniuk@mirantis.com>
16 - Sergey Vasilenko <svasilenko@mirantis.com>
13# Plugin license 17# Plugin license
14licenses: [Apache License Version 2.0] 18licenses: [Apache License Version 2.0]
15# Plugin project homepage 19# Plugin project homepage
@@ -20,10 +24,16 @@ groups: ['network']
20# The plugin is compatible with releases in the list 24# The plugin is compatible with releases in the list
21releases: 25releases:
22 - os: ubuntu 26 - os: ubuntu
23 version: 2015.1-7.0 27 version: mitaka-9.0
24 mode: ['ha', 'multinode'] 28 mode: ['ha']
29 deployment_scripts_path: deployment_scripts/
30 repository_path: repositories/ubuntu
31 - os: ubuntu
32 version: mitaka-9.1
33 mode: ['ha']
25 deployment_scripts_path: deployment_scripts/ 34 deployment_scripts_path: deployment_scripts/
26 repository_path: repositories/ubuntu 35 repository_path: repositories/ubuntu
27 36
28# Version of plugin package 37# Version of plugin package
29package_version: '2.0.0' 38package_version: '4.0.0'
39is_hotpluggable: false
diff --git a/node_roles.yaml b/node_roles.yaml
new file mode 100644
index 0000000..9b5ccee
--- /dev/null
+++ b/node_roles.yaml
@@ -0,0 +1,20 @@
1calico-rr:
2 name: Calico - RR
3 description: Calico route-reflector role
4 has_primary: false
5 limits:
6 min: 1
7 recommended: 2
8 public_ip_required: false
9 weight: 100
10 conflicts:
11 - compute
12calico-etcd:
13 name: Calico - etcd
14 description: Calico etcd instance.
15 has_primary: false
16 limits:
17 min: 1
18 recommended: 3
19 public_ip_required: false
20 weight: 100
diff --git a/pre_build_hook b/pre_build_hook
deleted file mode 100644
index be74a7e..0000000
--- a/pre_build_hook
+++ /dev/null
@@ -1,18 +0,0 @@
1#!/bin/bash
2
3# Add here any the actions which are required before plugin build
4# like packages building, packages downloading from mirrors and so on.
5# The script should return 0 if there were no errors.
6
7#!/bin/bash
8set -eux
9ROOT="$(dirname `readlink -f $0`)"
10MODULES="${ROOT}"/deployment_scripts/puppet/modules
11mkdir -p "${MODULES}"
12REPO_PATH='https://github.com/openstack/fuel-library/tarball/f43d885914d74fbd062096763222f350f47480e1'
13RPM_REPO="${ROOT}"/repositories/centos/
14DEB_REPO="${ROOT}"/repositories/ubuntu/
15
16wget -qO- "${REPO_PATH}" | \
17 tar -C "${MODULES}" --strip-components=3 -zxvf - \
18 openstack-fuel-library-f43d885/deployment/puppet/{inifile,stdlib}
diff --git a/pre_install.sh b/pre_install.sh
new file mode 100644
index 0000000..1aba92e
--- /dev/null
+++ b/pre_install.sh
@@ -0,0 +1,45 @@
1#!/bin/sh
2
3PWD=`pwd`
4
5FUEL_VERSION=`rpm -q --info fuel | tr -s \[:space:\] | grep 'Version :' | awk -F': ' '{print $2}'`
6if [ $FUEL_VERSION == '9.0.0' ] ; then
7# Implement minor patch to l23network (included into 9.1, but not present in 9.0)
8# For additional information see Openstack Bug #1590735
9# or Change-Id: I89ef5630ab2dfd373b8cd4b7db481278c659db75
10
11cd /etc/puppet/modules/l23network
12patch -N -p4 <<EOF
13diff --git a/deployment/puppet/l23network/lib/puppetx/l23_network_scheme.rb b/deployment/puppet/l23network/lib/puppetx/l23_network_scheme.rb
14index 4f80daf..a2c1049 100644
15--- a/deployment/puppet/l23network/lib/puppetx/l23_network_scheme.rb
16+++ b/deployment/puppet/l23network/lib/puppetx/l23_network_scheme.rb
17@@ -101,7 +101,13 @@
18 transformations = org_tranformations.reject{|x| x[:action]=='override'}
19 org_tranformations.select{|x| x[:action]=='override'}.each do |ov|
20 next if ov[:override].nil?
21- tr_index = transformations.index{|x| x[:name]==ov[:override]}
22+ pm = ov[:override].match(/patch-([\w\-]+)\:([\w\-]+)/)
23+ if !pm.nil? and pm.size == 3
24+ # we should override patch, to search patch use bridge names
25+ tr_index = transformations.index{|x| x[:action]=='add-patch' and (x[:bridges]==[pm[1],pm[2]] or x[:bridges]==[pm[2],pm[1]])}
26+ else
27+ tr_index = transformations.index{|x| x[:name]==ov[:override]}
28+ end
29 next if tr_index.nil?
30 ov.reject{|k,v| [:override, :action].include? k}.each do |k,v|
31 if k == :'override-action' and v.to_s!=''
32EOF
33rc=$?
34if [ $rc -gt 1 ] ; then
35 echo
36 echo "Can't patch l23network module. Chech whether 'patch' utility installed."
37 echo "rc=$rc"
38 echo
39 echo "Use 'yum install -y patch' if not found"
40 echo
41 exit $rc
42fi
43
44fi
45cd $PWD
diff --git a/repositories/ubuntu/nova-api-metadata_13.0.0-7-u14.04+mos43_all.deb b/repositories/ubuntu/nova-api-metadata_13.0.0-7-u14.04+mos43_all.deb
new file mode 100644
index 0000000..0fbcc6f
--- /dev/null
+++ b/repositories/ubuntu/nova-api-metadata_13.0.0-7-u14.04+mos43_all.deb
Binary files differ
diff --git a/specs/calico-fuel-plugin.rst b/specs/calico-fuel-plugin.rst
index 5a8e885..7cf5af3 100755
--- a/specs/calico-fuel-plugin.rst
+++ b/specs/calico-fuel-plugin.rst
@@ -1,4 +1,4 @@
1Copyright 2015 Metaswitch Networks 1Copyright 2016 Mirantis
2 2
3Fuel Plugin for Project Calico 3Fuel Plugin for Project Calico
4============================== 4==============================
@@ -6,7 +6,7 @@ Fuel Plugin for Project Calico
6The Calico plugin provides the ability to use Calico as a networking backend 6The Calico plugin provides the ability to use Calico as a networking backend
7for Mirantis OpenStack. 7for Mirantis OpenStack.
8 8
9Compatible with Fuel version 7.0. 9Compatible with Fuel version 9.0.
10 10
11Problem description 11Problem description
12=================== 12===================
@@ -22,8 +22,9 @@ and destination workloads.
22Proposed change 22Proposed change
23=============== 23===============
24 24
25Update the Calico plugin for Fuel version 6.1 to support version 7.0. This will 25Re-design the Calico plugin for Fuel version 6.1 to support version 9.0.
26involve moving from the Juno to the Kilo release of Mirantis OpenStack. 26This will involve moving from the Juno to the Mitaka release of
27Mirantis OpenStack.
27 28
28Support for HA deployments with multiple controllers will also be added. 29Support for HA deployments with multiple controllers will also be added.
29 30
@@ -45,7 +46,7 @@ None.
45Upgrade impact 46Upgrade impact
46-------------- 47--------------
47 48
48When upgrading the Fuel Master node to Fuel Version higher than 7.0, plugin 49When upgrading the Fuel Master node to Fuel Version higher than 9.0, plugin
49compatibility should be checked, and a new plugin installed if necessary. 50compatibility should be checked, and a new plugin installed if necessary.
50 51
51Security impact 52Security impact
@@ -62,7 +63,7 @@ Other end user impact
62--------------------- 63---------------------
63 64
64Once the plugin is installed, the user can enable Calico networking on the 65Once the plugin is installed, the user can enable Calico networking on the
65Settings tab of the Fuel Web UI, and customize the network settings. 66Wizard while create Openstack Env, and customize the network settings.
66 67
67Performance Impact 68Performance Impact
68------------------ 69------------------
@@ -96,15 +97,16 @@ Assignee(s)
96----------- 97-----------
97 98
98Primary assignee: 99Primary assignee:
99 Emma Gordon <emma@projectcalico.org> (developer) 100 Sergey Vasilenko <svasilenko@mirantis.com>
100 101
101Other contributors: 102Other contributors:
102 Neil Jerram <neil@projectcalico.org> (developer, reviewer) 103 Alexander Didenko <adidenko@mirantis.com>
104 Oleksandr Martsyniuk <omartsyniuk@mirantis.com>
103 105
104Work Items 106Work Items
105---------- 107----------
106 108
107* Integrate Calico with Fuel 7.0. 109* Integrate Calico with Fuel 9.0.
108 110
109* Update the Calico plugin. 111* Update the Calico plugin.
110 112
@@ -115,7 +117,7 @@ Work Items
115Dependencies 117Dependencies
116============ 118============
117 119
118* Fuel 7.0. 120* Fuel 9.0.
119 121
120Testing 122Testing
121======= 123=======
@@ -142,7 +144,4 @@ References
142 144
143* Calico Documentation - http://docs.projectcalico.org/en/latest/index.html 145* Calico Documentation - http://docs.projectcalico.org/en/latest/index.html
144 146
145* Subscribe to the Calico Technical Mailing List -
146 http://lists.projectcalico.org/listinfo/calico-tech
147
148* Calico IRC - freenode IRC: #calico 147* Calico IRC - freenode IRC: #calico
diff --git a/tasks.yaml b/tasks.yaml
index 6e628c7..e69de29 100644
--- a/tasks.yaml
+++ b/tasks.yaml
@@ -1,33 +0,0 @@
1# Copyright 2015 Metaswitch Networks
2
3# Install/configure calico on the controller after cluster deployment
4# but before starting the BGP Route Reflector.
5- role: ['controller', 'primary-controller']
6 stage: post_deployment/50
7 type: shell
8 parameters:
9 cmd: ./calico_controller.sh
10 timeout: 600
11
12- role: ['controller', 'primary-controller']
13 stage: post_deployment/100
14 type: shell
15 parameters:
16 cmd: ./calico_route_reflector.sh
17 timeout: 60
18
19# Remove default OpenStack network configuration which doesn't work with Calico.
20#- role: ['primary-controller']
21# stage: post_deployment/150
22# type: shell
23# parameters:
24# cmd: ./remove_default_networks.sh
25# timeout: 60
26
27# Install/configure calico on the compute nodes after cluster deployment.
28- role: ['compute']
29 stage: post_deployment
30 type: shell
31 parameters:
32 cmd: ./calico_compute.sh
33 timeout: 600