diff --git a/ci/environments/scenario009-multinode.yaml b/ci/environments/scenario009-multinode.yaml new file mode 100644 index 0000000000..256190ad05 --- /dev/null +++ b/ci/environments/scenario009-multinode.yaml @@ -0,0 +1,55 @@ +resource_registry: + OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml + OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml + OS::TripleO::Services::SwiftProxy: OS::Heat::None + OS::TripleO::Services::SwiftStorage: OS::Heat::None + OS::TripleO::Services::SwiftRingBuilder: OS::Heat::None + OS::TripleO::Services::Keystone: OS::Heat::None + OS::TripleO::Services::GlanceApi: OS::Heat::None + OS::TripleO::Services::MySQL: OS::Heat::None + OS::TripleO::Services::MySQLClient: OS::Heat::None + OS::TripleO::Services::NeutronBgpVpnApi: OS::Heat::None + OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None + OS::TripleO::Services::NeutronL3Agent: OS::Heat::None + OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None + OS::TripleO::Services::NeutronServer: OS::Heat::None + OS::TripleO::Services::NeutronCorePlugin: OS::Heat::None + OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None + OS::TripleO::Services::RabbitMQ: OS::Heat::None + OS::TripleO::Services::HAproxy: OS::Heat::None + OS::TripleO::Services::Keepalived: OS::Heat::None + OS::TripleO::Services::Memcached: OS::Heat::None + OS::TripleO::Services::NovaConductor: OS::Heat::None + OS::TripleO::Services::NovaApi: OS::Heat::None + OS::TripleO::Services::NovaPlacement: OS::Heat::None + OS::TripleO::Services::NovaMetadata: OS::Heat::None + OS::TripleO::Services::NovaScheduler: OS::Heat::None + OS::TripleO::Services::NovaCompute: OS::Heat::None + OS::TripleO::Services::NovaLibvirt: OS::Heat::None + OS::TripleO::Services::Docker: ../../puppet/services/docker.yaml + + + +parameter_defaults: + ControllerServices: + - OS::TripleO::Services::Docker + - OS::TripleO::Services::Kernel + - OS::TripleO::Services::Ntp + - OS::TripleO::Services::Snmp + - OS::TripleO::Services::Timezone + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::TripleoFirewall + - OS::TripleO::Services::Sshd + - OS::TripleO::Services::OpenShift::Master + - OS::TripleO::Services::OpenShift::Worker + ComputeServices: + - OS::TripleO::Services::Docker + - OS::TripleO::Services::Kernel + - OS::TripleO::Services::Ntp + - OS::TripleO::Services::Snmp + - OS::TripleO::Services::Timezone + - OS::TripleO::Services::TripleoPackages + - OS::TripleO::Services::TripleoFirewall + - OS::TripleO::Services::Sshd + - OS::TripleO::Services::OpenShift::Worker + Debug: true diff --git a/environments/openshift.yaml b/environments/openshift.yaml new file mode 100644 index 0000000000..da63cbb0b1 --- /dev/null +++ b/environments/openshift.yaml @@ -0,0 +1,4 @@ +resource_registry: + OS::TripleO::Services::Docker: ../puppet/services/docker.yaml + OS::TripleO::Services::OpenShift::Worker: ../extraconfig/services/openshift-worker.yaml + OS::TripleO::Services::OpenShift::Master: ../extraconfig/services/openshift-master.yaml diff --git a/extraconfig/services/openshift-master.yaml b/extraconfig/services/openshift-master.yaml new file mode 100644 index 0000000000..36d9d64ae6 --- /dev/null +++ b/extraconfig/services/openshift-master.yaml @@ -0,0 +1,176 @@ +heat_template_version: ocata + +description: External tasks definition for OpenShift + +parameters: + RoleNetIpMap: + default: {} + type: json + ServiceData: + default: {} + description: Dictionary packing service data + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +outputs: + role_data: + description: Role data for the Openshift Service + value: + service_name: openshift_master + config_settings: + tripleo.openshift_master.firewall_rules: + '200 openshift-master api': + dport: 6443 + proto: tcp + '200 openshift-master etcd': + dport: + - 2379 + - 2380 + proto: tcp + upgrade_tasks: [] + step_config: '' + external_deploy_tasks: + - name: openshift_master step 2 + when: step == '2' + block: + - name: create openshift temp dirs + file: + path: "{{item}}" + state: directory + with_items: + - "{{playbook_dir}}/openshift" + - name: generate openshift inventory + copy: + dest: "{{playbook_dir}}/openshift/inventory.yml" + content: | + masters: + hosts: + {% for host in groups['openshift_master'] -%} + {{ hostvars.raw_get(host)['ansible_hostname'] }}: + ansible_user: {{ hostvars.raw_get(host)['ansible_user'] | default(hostvars.raw_get(host)['ansible_ssh_user']) | default('root') }} + ansible_host: {{ hostvars.raw_get(host)['ansible_host'] | default(host) }} + ansible_become: true + {% endfor %} + + nodes: + hosts: + {% for host in groups['openshift_worker'] -%} + {{ hostvars.raw_get(host)['ansible_hostname'] }}: + ansible_user: {{ hostvars.raw_get(host)['ansible_user'] | default(hostvars.raw_get(host)['ansible_ssh_user']) | default('root') }} + ansible_host: {{ hostvars.raw_get(host)['ansible_host'] | default(host) }} + ansible_become: true + {% endfor %} + + etcd: + children: + masters: {} + + OSEv3: + children: + masters: {} + nodes: {} + + - name: generate openshift global vars + copy: + dest: "{{playbook_dir}}/openshift/global_vars.yml" + content: | + containerized: true + openshift_master_cluster_method: native + openshift_use_dnsmasq: true + openshift_deployment_type: origin + openshift_release: '3.6' + openshift_image_tag: v3.6.1 + enable_excluders: false + openshift_docker_selinux_enabled: false + osm_etcd_image: "registry.fedoraproject.org/f27/etcd" + # NOTE(flaper87): Needed for the gate + openshift_disable_check: disk_availability,docker_storage,memory_availability,docker_image_availability + skip_ovs_svc_handlers: true + + - name: generate openshift playbook + copy: + dest: "{{playbook_dir}}/openshift/playbook.yml" + content: | + # NOTE(flaper87): The NetworkManager setup has been moved + # into openshift-ansible but it's not been released yet. + # This code will go away as soon as an rpm with the required + # roles hits the repo. + - name: Install NetworkManager + hosts: all + + tasks: + - name: install NetworkManager + package: + name: NetworkManager + state: present + + - name: generate nm dispatcher script + copy: + dest: "/etc/NetworkManager/dispatcher.d/99-os-net-config-origin-dns.sh" + owner: root + mode: 0755 + content: >- + #!/bin/bash -x + + for dev in $(jq '.network_config[] | {name}.name' /etc/os-net-config/config.json); + do + temp="${dev%\"}" + temp="${temp#\"}" + export DEVICE_IFACE=$temp + + /etc/NetworkManager/dispatcher.d/99-origin-dns.sh $DEVICE_IFACE up + done + + - name: Enable NetworkManager + service: + name: NetworkManager + state: restarted + enabled: yes + + - include: /usr/share/ansible/openshift-ansible/playbooks/byo/config.yml + - name: set openshift command + set_fact: + openshift_command: >- + {%- if openshift_command is defined -%} + {{openshift_command}} + {%- else -%} + ANSIBLE_HOST_KEY_CHECKING=False + ansible-playbook + -i '{{playbook_dir}}/openshift/inventory.yml' + --extra-vars '@{{playbook_dir}}/openshift/global_vars.yml' + '{{playbook_dir}}/openshift/playbook.yml' + {%- endif -%} + - name: print openshift command + debug: + var: openshift_command + - name: run openshift (immediate log at {{playbook_dir}}/openshift/playbook.log) + shell: | + {{openshift_command}} 2>&1 | tee {{playbook_dir}}/openshift/playbook.log + exit ${PIPESTATUS[0]} + register: outputs + - name: print openshift outputs + debug: + var: (outputs.stderr|default('')).split('\n')|union(outputs.stdout_lines|default([])) + failed_when: outputs|failed + when: outputs is defined diff --git a/extraconfig/services/openshift-worker.yaml b/extraconfig/services/openshift-worker.yaml new file mode 100644 index 0000000000..38dd5a7103 --- /dev/null +++ b/extraconfig/services/openshift-worker.yaml @@ -0,0 +1,54 @@ +heat_template_version: ocata + +description: External tasks definition for OpenShift + +parameters: + RoleNetIpMap: + default: {} + type: json + ServiceData: + default: {} + description: Dictionary packing service data + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +outputs: + role_data: + description: Role data for the Openshift Service + value: + # This service template essentially tags the nodes that we want + # as workers. The actual installation is performed in + # openshift-master service template. + service_name: openshift_worker + config_settings: + tripleo.openshift_worker.firewall_rules: + '200 openshift-worker kubelet': + dport: + - 10250 + - 10255 + proto: tcp + '200 openshift-worker external services': + dport: '30000-32767' + upgrade_tasks: [] + step_config: '' diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml index dffcd5ed6a..b974c91a68 100644 --- a/overcloud-resource-registry-puppet.j2.yaml +++ b/overcloud-resource-registry-puppet.j2.yaml @@ -208,6 +208,8 @@ resource_registry: OS::TripleO::Services::NovaMigrationTarget: puppet/services/nova-migration-target.yaml OS::TripleO::Services::Ntp: puppet/services/time/ntp.yaml OS::TripleO::Services::ContainersLogrotateCrond: OS::Heat::None + OS::TripleO::Services::OpenShift::Master: OS::Heat::None + OS::TripleO::Services::OpenShift::Worker: OS::Heat::None OS::TripleO::Services::SwiftProxy: puppet/services/swift-proxy.yaml OS::TripleO::Services::SwiftDispersion: puppet/services/swift-dispersion.yaml OS::TripleO::Services::ExternalSwiftProxy: OS::Heat::None