Add Ironic Networking Baremetal Templates

Ironic neutron agent will be installed on controller nodes, or
networker nodes, when environments/services/ironic.yaml or
environments/services-docker/ironic.yaml is used.

It should also be enabled on undercloud.

Also enables ``baremetal`` ML2 mechanism driver on undercloud.

Depends-On: Ic1f44414e187393d35e1382a42d384760d5757ef
Depends-On: I3c40f84052a41ed440758b971975c5c81ace4225
Change-Id: I0b4ef83a5383ff9726f6d69e0394fc544c381a7e
This commit is contained in:
Harald Jensas 2018-02-16 19:26:23 +01:00 committed by Harald Jensås
parent b10b9ac4cd
commit 5203e43979
15 changed files with 225 additions and 0 deletions

View File

@ -0,0 +1,122 @@
heat_template_version: queens
description: >
OpenStack ironic-neutron-agent service
parameters:
DockerIronicNeutronAgentImage:
description: The container image to use for the ironic-neutron-agent
type: string
DockerNeutronConfigImage:
description: The container image to use for the neutron config_volume
type: string
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
resources:
ContainersCommon:
type: ./containers-common.yaml
IronicNeutronAgentBase:
type: ../../puppet/services/ironic-neutron-agent.yaml
properties:
EndpointMap: {get_param: EndpointMap}
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
NeutronLogging:
type: OS::TripleO::Services::Logging::NeutronCommon
properties:
NeutronServiceName: ironic-neutron-agent
outputs:
role_data:
description: Role data for ironic-neutron-agent service
value:
service_name: {get_attr: [IronicNeutronAgentBase, role_data, service_name]}
config_settings:
map_merge:
- get_attr: [IronicNeutronAgentBase, role_data, config_settings]
- get_attr: [NeutronLogging, config_settings]
puppet_config:
config_volume: neutron
puppet_tags: neutron_config,ironic_neutron_agent_config
step_config:
get_attr: [IronicNeutronAgentBase, role_data, step_config]
config_image: {get_param: DockerNeutronConfigImage}
kolla_config:
/var/lib/kolla/config_files/ironic_neutron_agent.json:
command: /usr/bin/ironic-neutron-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ironic_neutron_agent.ini --config-dir /etc/neutron/conf.d/common
config_files:
- source: "/var/lib/kolla/config_files/src/*"
dest: "/"
merge: true
preserve_properties: true
permissions:
- path: /var/log/neutron
owner: neutron:neutron
recurse: true
docker_config:
step_4:
ironic_neutron_agent:
start_order: 80
image: {get_param: DockerIronicNeutronAgentImage}
net: host
pid: host
privileged: true
restart: always
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
- {get_attr: [NeutronLogging, volumes]}
-
- /var/lib/kolla/config_files/ironic_neutron_agent.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/neutron/:/var/lib/kolla/config_files/src:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks: {get_attr: [NeutronLogging, host_prep_tasks]}
upgrade_tasks:
- name: Check if ironic-neutron-agent is deployed
command: systemctl is-enabled --quiet ironic-neutron-agent
tags: common
ignore_errors: True
register: ironic_neutron_agent_enabled
- name: "PreUpgrade step0,validation: Check service ironic-neutron-agent is running"
command: systemctl is-active --quiet ironic-neutron-agent
when:
- step|int == 0
- ironic_neutron_agent_enabled.rc == 0
tags: validation
- name: Stop and disable ironic-neutron-agent service
when:
- step|int == 2
- ironic_neutron_agent_enabled.rc == 0
service: name=ironic-neutron-agent state=stopped enabled=no

View File

@ -2,5 +2,6 @@ resource_registry:
OS::TripleO::Services::IronicApi: ../../puppet/services/ironic-api.yaml
OS::TripleO::Services::IronicConductor: ../../puppet/services/ironic-conductor.yaml
OS::TripleO::Services::NovaIronic: ../../puppet/services/nova-ironic.yaml
OS::TripleO::Services::IronicNeutronAgent: ../../puppet/services/ironic-neutron-agent.yaml
parameter_defaults:
NovaSchedulerDiscoverHostsInCellsInterval: 15

View File

@ -3,5 +3,6 @@ resource_registry:
OS::TripleO::Services::IronicConductor: ../../docker/services/ironic-conductor.yaml
OS::TripleO::Services::IronicPxe: ../../docker/services/ironic-pxe.yaml
OS::TripleO::Services::NovaIronic: ../../docker/services/nova-ironic.yaml
OS::TripleO::Services::IronicNeutronAgent: ../../docker/services/ironic-neutron-agent.yaml
parameter_defaults:
NovaSchedulerDiscoverHostsInCellsInterval: 15

View File

@ -75,6 +75,7 @@ parameter_defaults:
MistralCorsAllowedOrigin: '*'
MistralExecutionFieldSizeLimit: 16384
NeutronServicePlugins: router,segments
NeutronMechanismDrivers: ['openvswitch', 'baremetal']
NeutronNetworkVLANRanges: 'physnet1:1000:2999'
NeutronPluginExtensions: 'port_security'
NeutronFirewallDriver: ''

View File

@ -278,6 +278,7 @@ resource_registry:
OS::TripleO::Services::IronicConductor: OS::Heat::None
OS::TripleO::Services::IronicInspector: OS::Heat::None
OS::TripleO::Services::IronicPxe: OS::Heat::None
OS::TripleO::Services::IronicNeutronAgent: OS::Heat::None
OS::TripleO::Services::NovaIronic: OS::Heat::None
OS::TripleO::Services::TripleoPackages: puppet/services/tripleo-packages.yaml
OS::TripleO::Services::TripleoFirewall: puppet/services/tripleo-firewall.yaml

View File

@ -0,0 +1,87 @@
heat_template_version: queens
description: >
OpenStack ironic-neutron-agent configured with Puppet
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
IronicPassword:
description: The password for the Ironic service and db account, used by the Ironic services
type: string
hidden: true
KeystoneRegion:
type: string
default: 'regionOne'
description: Keystone region for endpoint
resources:
NeutronBase:
type: ./neutron-base.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
outputs:
role_data:
description: Role data for the ironic-neutron-agent service.
value:
service_name: ironic_neutron_agent
config_settings:
map_merge:
- get_attr: [NeutronBase, role_data, config_settings]
- neutron::agents::ml2::networking_baremetal::user: 'ironic'
- neutron::agents::ml2::networking_baremetal::password: {get_param: IronicPassword}
- neutron::agents::ml2::networking_baremetal::auth_url: { get_param: [ EndpointMap, KeystoneInternal, uri_no_suffix ] }
- neutron::agents::ml2::networking_baremetal::project_name: 'service'
- neutron::agents::ml2::networking_baremetal::user_domain_name: 'Default'
- neutron::agents::ml2::networking_baremetal::project_domain_name: 'Default'
- neutron::agents::ml2::networking_baremetal::region_name: {get_param: KeystoneRegion}
step_config: |
include tripleo::profile::base::neutron::agents::networking_baremetal
upgrade_tasks:
- name: Check if ironic-neutron-agent is deployed
command: systemctl is-enabled ironic-neutron-agent
tags: common
ignore_errors: True
register: ironic_neutron_agent_enabled
- name: "PreUpgrade step0,validation: Check service ironic-neutron-agent is running"
shell: /usr/bin/systemctl show 'ironic-neutron-agent' --property ActiveState | grep '\bactive\b'
when:
- step|int == 0
- ironic_neutron_agent_enabled.rc == 0
tags: validation
- name: Stop ironic-neutron-agent service
when:
- step|int == 1
- ironic_neutron_agent_enabled.rc == 0
service: name=ironic-neutron-agent state=stopped

View File

@ -0,0 +1,4 @@
---
features:
- Adds support for Ironic Networking Baremetal. Networking Baremetal
is used to integrate the Bare Metal service with the Networking service.

View File

@ -94,6 +94,7 @@
- OS::TripleO::Services::IronicApi
- OS::TripleO::Services::IronicConductor
- OS::TripleO::Services::IronicPxe
- OS::TripleO::Services::IronicNeutronAgent
- OS::TripleO::Services::Iscsid
- OS::TripleO::Services::Keepalived
- OS::TripleO::Services::Kernel

View File

@ -87,6 +87,7 @@
- OS::TripleO::Services::IronicApi
- OS::TripleO::Services::IronicConductor
- OS::TripleO::Services::IronicPxe
- OS::TripleO::Services::IronicNeutronAgent
- OS::TripleO::Services::Iscsid
- OS::TripleO::Services::Keepalived
- OS::TripleO::Services::Kernel

View File

@ -73,6 +73,7 @@
- OS::TripleO::Services::IronicApi
- OS::TripleO::Services::IronicConductor
- OS::TripleO::Services::IronicPxe
- OS::TripleO::Services::IronicNeutronAgent
- OS::TripleO::Services::Iscsid
- OS::TripleO::Services::Keepalived
- OS::TripleO::Services::Kernel

View File

@ -82,6 +82,7 @@
- OS::TripleO::Services::IronicApi
- OS::TripleO::Services::IronicConductor
- OS::TripleO::Services::IronicPxe
- OS::TripleO::Services::IronicNeutronAgent
- OS::TripleO::Services::Iscsid
- OS::TripleO::Services::Keepalived
- OS::TripleO::Services::Kernel

View File

@ -17,6 +17,7 @@
- OS::TripleO::Services::Docker
- OS::TripleO::Services::Fluentd
- OS::TripleO::Services::Ipsec
- OS::TripleO::Services::IronicNeutronAgent
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::LoginDefs
- OS::TripleO::Services::MySQLClient

View File

@ -25,6 +25,7 @@
- OS::TripleO::Services::IronicConductor
- OS::TripleO::Services::IronicInspector
- OS::TripleO::Services::IronicPxe
- OS::TripleO::Services::IronicNeutronAgent
- OS::TripleO::Services::Iscsid
- OS::TripleO::Services::Keystone
- OS::TripleO::Services::LoginDefs

View File

@ -97,6 +97,7 @@
- OS::TripleO::Services::IronicApi
- OS::TripleO::Services::IronicConductor
- OS::TripleO::Services::IronicPxe
- OS::TripleO::Services::IronicNeutronAgent
- OS::TripleO::Services::Iscsid
- OS::TripleO::Services::Keepalived
- OS::TripleO::Services::Kernel

View File

@ -28,6 +28,7 @@
- OS::TripleO::Services::IronicConductor
- OS::TripleO::Services::IronicInspector
- OS::TripleO::Services::IronicPxe
- OS::TripleO::Services::IronicNeutronAgent
- OS::TripleO::Services::Iscsid
- OS::TripleO::Services::Keystone
- OS::TripleO::Services::LoginDefs