Contrail TSN node tasks
Change-Id: I8a0bf78bd9056edfeb44678367ebc435c3534c07 Signed-off-by: Illia Polliul <ipolliul@mirantis.com>
This commit is contained in:
parent
0943990630
commit
0391dd7e57
|
@ -0,0 +1,18 @@
|
|||
# Copyright 2016 Mirantis, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
notice('MODULAR: contrail/contrail-tsn-provision.pp')
|
||||
|
||||
include contrail
|
||||
class { 'contrail::provision::tsn': }
|
|
@ -0,0 +1,18 @@
|
|||
# Copyright 2016 Mirantis, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
notice('MODULAR: contrail/reconfigure-contrail-tsn-vrouter.pp')
|
||||
|
||||
include contrail
|
||||
class { 'contrail::tsn': }
|
|
@ -110,6 +110,14 @@ class contrail {
|
|||
$dpdk_vf_number = 0
|
||||
$sriov_hash = get_sriov_devices($compute_dpkd_on_vf, $phys_dev)
|
||||
|
||||
# ToR agent settings
|
||||
$enable_tor_agents = $settings['enable_tor_agents']
|
||||
$tor_agents_ssl = $settings['tor_agents_ssl']
|
||||
if $enable_tor_agents == true {
|
||||
$tor_agents_configurations = parseyaml($settings['tor_agents_configurations'])
|
||||
}
|
||||
|
||||
|
||||
# Custom mount point for contrail-db
|
||||
$cassandra_path = '/var/lib/contrail_db'
|
||||
|
||||
|
|
|
@ -0,0 +1,69 @@
|
|||
# Copyright 2016 Mirantis, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
define contrail::provision::tor_agent(
|
||||
$ovs_port,
|
||||
$ovs_protocol,
|
||||
$tor_device_name,
|
||||
$tor_vendor_name,
|
||||
$tor_mgmt_ip,
|
||||
$tor_tun_ip,
|
||||
$contrail_dev_ip = $::contrail::address,
|
||||
$tsn_vip_ip = $::contrail::address,
|
||||
$tor_id = $name,
|
||||
$contrail_discovery_server = $::contrail::contrail_private_vip,
|
||||
)
|
||||
{
|
||||
|
||||
Exec {
|
||||
provider => 'shell',
|
||||
path => '/bin:/sbin:/usr/bin:/usr/sbin',
|
||||
}
|
||||
|
||||
exec { "provision-tor-agent-${name}":
|
||||
command => "contrail-provision-vrouter \
|
||||
--api_server_ip ${::contrail::contrail_mgmt_vip} \
|
||||
--api_server_port 8082 \
|
||||
--openstack_ip ${::contrail::keystone_address} \
|
||||
--oper add \
|
||||
--host_name '${::fqdn}-${tor_id}' \
|
||||
--host_ip ${::contrail::address} \
|
||||
--admin_user '${::contrail::neutron_user}' \
|
||||
--admin_tenant_name '${::contrail::service_tenant}' \
|
||||
--admin_password '${::contrail::service_token}' \
|
||||
--router_type tor-agent \
|
||||
&& touch /opt/contrail/provision-tor-agent-${name}-DONE",
|
||||
creates => "/opt/contrail/provision-tor-agent-${name}-DONE",
|
||||
}
|
||||
|
||||
exec { "provision-tor-${name}":
|
||||
command => "python /opt/contrail/utils/provision_physical_device.py \
|
||||
--device_name ${tor_device_name} \
|
||||
--vendor_name ${tor_vendor_name} \
|
||||
--device_mgmt_ip ${tor_mgmt_ip} \
|
||||
--device_tunnel_ip ${tor_tun_ip} \
|
||||
--device_tor_agent ${::fqdn}-${tor_id} \
|
||||
--device_tsn ${::fqdn} \
|
||||
--oper add \
|
||||
--admin_user '${::contrail::neutron_user}' \
|
||||
--admin_tenant_name '${::contrail::service_tenant}' \
|
||||
--admin_password '${::contrail::service_token}' \
|
||||
--api_server_ip ${::contrail::contrail_mgmt_vip} \
|
||||
--api_server_port 8082 \
|
||||
--openstack_ip ${::contrail::keystone_address} \
|
||||
&& touch /opt/contrail/provision-tor-${name}-DONE",
|
||||
creates => "/opt/contrail/provision-tor-${name}-DONE",
|
||||
require => Exec["provision-tor-agent-${name}"],
|
||||
}
|
||||
}
|
|
@ -0,0 +1,48 @@
|
|||
# Copyright 2016 Mirantis, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
class contrail::provision::tsn {
|
||||
|
||||
Exec {
|
||||
provider => 'shell',
|
||||
path => '/bin:/sbin:/usr/bin:/usr/sbin',
|
||||
}
|
||||
|
||||
package { 'contrail-utils':
|
||||
ensure => present,
|
||||
} ->
|
||||
file { '/etc/contrail/vnc_api_lib.ini':
|
||||
content => template('contrail/vnc_api_lib.ini.erb')
|
||||
} ->
|
||||
file { '/opt/contrail':
|
||||
ensure => 'directory',
|
||||
}
|
||||
|
||||
exec { 'provision-tsn-vrouter':
|
||||
command => "contrail-provision-vrouter \
|
||||
--api_server_ip ${::contrail::contrail_mgmt_vip} \
|
||||
--api_server_port 8082 \
|
||||
--openstack_ip ${::contrail::keystone_address} \
|
||||
--oper add \
|
||||
--host_name ${::fqdn} \
|
||||
--host_ip ${::contrail::address} \
|
||||
--admin_user '${::contrail::neutron_user}' \
|
||||
--admin_tenant_name '${::contrail::service_tenant}' \
|
||||
--admin_password '${::contrail::service_token}' \
|
||||
--router_type tor-service-node \
|
||||
&& touch /opt/contrail/provision-vrouter-DONE",
|
||||
creates => '/opt/contrail/provision-vrouter-DONE',
|
||||
require => File['/opt/contrail'],
|
||||
}
|
||||
}
|
|
@ -0,0 +1,46 @@
|
|||
# Copyright 2016 Mirantis, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
define contrail::tor_agent (
|
||||
$ovs_port,
|
||||
$ovs_protocol,
|
||||
$tor_device_name,
|
||||
$tor_vendor_name,
|
||||
$tor_mgmt_ip,
|
||||
$tor_tun_ip,
|
||||
$contrail_dev_ip = $::contrail::address,
|
||||
$tsn_vip_ip = $::contrail::address,
|
||||
$tor_id = $name,
|
||||
$contrail_discovery_server = $::contrail::contrail_private_vip,
|
||||
)
|
||||
{
|
||||
|
||||
file{"/etc/contrail/contrail-tor-agent-${name}.conf":
|
||||
content => template('contrail/contrail-tor-agent.conf.erb')
|
||||
}
|
||||
|
||||
file{"/etc/contrail/supervisord_vrouter_files/contrail-tor-agent-${name}.ini":
|
||||
content => template('contrail/contrail-tor-agent.ini.erb')
|
||||
}
|
||||
|
||||
if $ovs_protocol == 'pssl' {
|
||||
exec { "generate_tor-${name}_cert":
|
||||
provider => 'shell',
|
||||
path => '/usr/bin:/bin:/sbin',
|
||||
cwd => '/etc/contrail/',
|
||||
command => "ovs-pki req+sign tor-${name}",
|
||||
creates => "/etc/contrail/tor-${name}-cert.pem",
|
||||
require => Exec['generate_ca_cert'],
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,61 @@
|
|||
# Copyright 2016 Mirantis, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
class contrail::tsn () {
|
||||
|
||||
if $::contrail::enable_tor_agents == true {
|
||||
|
||||
if $::contrail::tor_agents_ssl == false {
|
||||
$default_ovs_protocol = 'tcp'
|
||||
} else {
|
||||
$default_ovs_protocol = 'pssl'
|
||||
}
|
||||
package {'openvswitch-common':
|
||||
ensure => present
|
||||
}
|
||||
|
||||
exec { 'generate_ca_cert':
|
||||
provider => 'shell',
|
||||
path => '/usr/bin:/bin:/sbin',
|
||||
command => 'ovs-pki init --force',
|
||||
creates => '/var/lib/openvswitch/pki/switchca/cacert.pem',
|
||||
require => Package['openvswitch-common'],
|
||||
}
|
||||
|
||||
service {'nova-compute':
|
||||
ensure => stopped
|
||||
} ->
|
||||
|
||||
ini_setting {'set_tsn_vrouter':
|
||||
ensure => present,
|
||||
path => '/etc/contrail/contrail-vrouter-agent.conf',
|
||||
section => 'DEFAULT',
|
||||
setting => 'agent_mode',
|
||||
value => 'tsn',
|
||||
} ~>
|
||||
|
||||
service {'supervisor-vrouter':
|
||||
ensure => 'running'
|
||||
}
|
||||
|
||||
$tor_agents_defaults = {
|
||||
'notify' => 'Service[supervisor-vrouter]',
|
||||
'ovs_protocol' => $default_ovs_protocol,
|
||||
}
|
||||
|
||||
create_resources(::contrail::tor_agent, $::contrail::tor_agents_configurations, $tor_agents_defaults)
|
||||
create_resources(::contrail::provision::tor_agent, $::contrail::tor_agents_configurations)
|
||||
}
|
||||
|
||||
|
||||
}
|
|
@ -0,0 +1,117 @@
|
|||
#
|
||||
# Vnswad configuration options
|
||||
#
|
||||
|
||||
[CONTROL-NODE]
|
||||
# IP address to be used to connect to control-node. Maximum of 2 IP addresses
|
||||
# (separated by a space) can be provided. If no IP is configured then the
|
||||
# value provided by discovery service will be used. (optional)
|
||||
# server=10.0.0.1 10.0.0.2
|
||||
|
||||
[DEFAULT]
|
||||
agent_name=<%= @fqdn -%>-<%= @tor_id %>
|
||||
|
||||
# Everything in this section is optional
|
||||
|
||||
# IP address and port to be used to connect to collector. If these are not
|
||||
# configured, value provided by discovery service will be used. Multiple
|
||||
# IP:port strings separated by space can be provided
|
||||
# collectors=127.0.0.1:8086
|
||||
|
||||
# Enable/disable debug logging. Possible values are 0 (disable) and 1 (enable)
|
||||
# debug=0
|
||||
|
||||
# Aging time for flow-records in seconds
|
||||
# flow_cache_timeout=0
|
||||
|
||||
# Hostname of compute-node. If this is not configured value from `hostname`
|
||||
# will be taken
|
||||
# hostname=
|
||||
|
||||
# Category for logging. Default value is '*'
|
||||
# log_category=
|
||||
|
||||
# Local log file name
|
||||
log_file=/var/log/contrail/contrail-tor-agent-<%= @tor_id -%>.log
|
||||
|
||||
# Log severity levels. Possible values are SYS_EMERG, SYS_ALERT, SYS_CRIT,
|
||||
# SYS_ERR, SYS_WARN, SYS_NOTICE, SYS_INFO and SYS_DEBUG. Default is SYS_DEBUG
|
||||
# log_level=SYS_DEBUG
|
||||
|
||||
# Enable/Disable local file logging. Possible values are 0 (disable) and 1 (enable)
|
||||
# log_local=0
|
||||
|
||||
# Enable/Disable local flow message logging. Possible values are 0 (disable) and 1 (enable)
|
||||
# log_flow=0
|
||||
|
||||
# Encapsulation type for tunnel. Possible values are MPLSoGRE, MPLSoUDP, VXLAN
|
||||
# tunnel_type=
|
||||
|
||||
# Enable/Disable headless mode for agent. In headless mode agent retains last
|
||||
# known good configuration from control node when all control nodes are lost.
|
||||
# Possible values are true(enable) and false(disable)
|
||||
# headless_mode=
|
||||
|
||||
# Define agent mode. Only supported value is "tor"
|
||||
agent_mode=tor
|
||||
|
||||
|
||||
|
||||
# Http server port for inspecting vnswad state (useful for debugging)
|
||||
# http_server_port=8085
|
||||
http_server_port=<%= @tor_id +8084 %>
|
||||
|
||||
[DISCOVERY]
|
||||
#If DEFAULT.collectors and/or CONTROL-NODE and/or DNS is not specified this
|
||||
#section is mandatory. Else this section is optional
|
||||
|
||||
# IP address of discovery server
|
||||
server=<%= @contrail_discovery_server %>
|
||||
|
||||
# Number of control-nodes info to be provided by Discovery service. Possible
|
||||
# values are 1 and 2
|
||||
# max_control_nodes=1
|
||||
|
||||
[DNS]
|
||||
# IP address to be used to connect to dns-node. Maximum of 2 IP addresses
|
||||
# (separated by a space) can be provided. If no IP is configured then the
|
||||
# value provided by discovery service will be used. (Optional)
|
||||
# server=10.0.0.1 10.0.0.2
|
||||
|
||||
[NETWORKS]
|
||||
# control-channel IP address used by WEB-UI to connect to vnswad to fetch
|
||||
# required information (Optional)
|
||||
control_network_ip=<%= @contrail_dev_ip %>
|
||||
|
||||
[TOR]
|
||||
# IP address of the TOR to manage
|
||||
tor_ip=<%= @tor_mgmt_ip %>
|
||||
|
||||
# Identifier for ToR. Agent will subscribe to ifmap-configuration by this name
|
||||
tor_id=<%= @tor_id %>
|
||||
|
||||
# ToR management scheme is based on this type. Only supported value is "ovs"
|
||||
tor_type=ovs
|
||||
|
||||
# OVS server port number on the ToR
|
||||
tor_ovs_port=<%=@ovs_port%>
|
||||
|
||||
# IP-Transport protocol used to connect to tor. Supported values are "tcp", "pssl"
|
||||
tor_ovs_protocol=<%=@ovs_protocol%>
|
||||
|
||||
|
||||
<% if @ovs_protocol == 'pssl' -%>
|
||||
# Path to ssl certificate for tor-agent, needed for pssl
|
||||
ssl_cert=/etc/contrail/tor-<%= @tor_id -%>-cert.pem
|
||||
|
||||
# Path to ssl private-key for tor-agent, needed for pssl
|
||||
ssl_privkey=/etc/contrail/tor-<%= @tor_id -%>-privkey.pem
|
||||
|
||||
# Path to ssl cacert for tor-agent, needed for pssl
|
||||
ssl_cacert=/var/lib/openvswitch/pki/switchca/cacert.pem
|
||||
<% end -%>
|
||||
|
||||
tsn_ip=<%= @tsn_vip_ip %>
|
||||
|
||||
# OVS keep alive timer interval in milliseconds
|
||||
tor_keepalive_interval=10000
|
|
@ -0,0 +1,13 @@
|
|||
|
||||
[program:contrail-tor-agent-<%= @tor_id -%>]
|
||||
command=/usr/bin/contrail-tor-agent --config_file /etc/contrail/contrail-tor-agent-<%= @tor_id -%>.conf
|
||||
priority=420
|
||||
autostart=true
|
||||
killasgroup=true
|
||||
stopsignal=KILL
|
||||
stdout_capture_maxbytes=1MB
|
||||
redirect_stderr=true
|
||||
stdout_logfile=/var/log/contrail/contrail-tor-agent-<%= @tor_id -%>-stdout.log
|
||||
stderr_logfile=/dev/null
|
||||
startsecs=5
|
||||
exitcodes=0 ; 'expected' exit codes for process (default 0,2)
|
|
@ -61,6 +61,17 @@
|
|||
parameters:
|
||||
strategy:
|
||||
type: parallel
|
||||
|
||||
- id: contrail-tsn
|
||||
type: group
|
||||
role: [contrail-tsn]
|
||||
tasks: [hiera, globals, tools, logging, netconfig, hosts, deploy_start]
|
||||
required_for: [deploy_end]
|
||||
requires: [deploy_start, primary-contrail-control]
|
||||
parameters:
|
||||
strategy:
|
||||
type: parallel
|
||||
|
||||
#
|
||||
# Group for post-deployment tasks
|
||||
- id: contrail-post-deploy
|
||||
|
@ -335,6 +346,54 @@
|
|||
puppet_modules: puppet/modules:/etc/puppet/modules
|
||||
timeout: 720
|
||||
|
||||
##############################################################
|
||||
# TSN tasks section
|
||||
##############################################################
|
||||
|
||||
# Set proper apt pin for Contrail repository
|
||||
- id: contrail-repository-tsn
|
||||
type: puppet
|
||||
groups: [contrail-tsn]
|
||||
required_for: [tools]
|
||||
requires: [deploy_start, globals]
|
||||
parameters:
|
||||
puppet_manifest: puppet/manifests/contrail-compute-repo.pp
|
||||
puppet_modules: puppet/modules:/etc/puppet/modules
|
||||
timeout: 720
|
||||
|
||||
- id: contrail-tsn-vrouter
|
||||
type: puppet
|
||||
role: [contrail-tsn]
|
||||
requires: [post_deployment_start]
|
||||
required_for: [reconfigure-contrail-tsn-vrouter]
|
||||
parameters:
|
||||
puppet_manifest: puppet/manifests/contrail-compute-vrouter.pp
|
||||
puppet_modules: puppet/modules:/etc/puppet/modules
|
||||
timeout: 720
|
||||
|
||||
- id: reconfigure-contrail-tsn-vrouter
|
||||
type: puppet
|
||||
role: [contrail-tsn]
|
||||
requires: [contrail-tsn-vrouter]
|
||||
required_for: [provision-tsn-vrouter]
|
||||
parameters:
|
||||
puppet_manifest: puppet/manifests/reconfigure-contrail-tsn-vrouter.pp
|
||||
puppet_modules: puppet/modules:/etc/puppet/modules
|
||||
timeout: 720
|
||||
|
||||
|
||||
- id: provision-tsn-vrouter
|
||||
type: puppet
|
||||
role: [contrail-tsn]
|
||||
required_for: [post_deployment_end]
|
||||
requires: [reconfigure-contrail-tsn-vrouter]
|
||||
parameters:
|
||||
puppet_manifest: puppet/manifests/contrail-tsn-provision.pp
|
||||
puppet_modules: puppet/modules:/etc/puppet/modules
|
||||
timeout: 720
|
||||
|
||||
|
||||
|
||||
##############################################################
|
||||
# Compute tasks section
|
||||
##############################################################
|
||||
|
|
|
@ -141,3 +141,30 @@ attributes:
|
|||
restrictions:
|
||||
- action: hide
|
||||
condition: not (settings:contrail.contrail_global_sriov.value == true)
|
||||
enable_tor_agents:
|
||||
value: false
|
||||
label: "Enable ToR agents"
|
||||
description: "Enable this option to unlock the Tor Agent configuration feature."
|
||||
weight: 230
|
||||
type: "checkbox"
|
||||
tor_agents_ssl:
|
||||
value: false
|
||||
label: "Enable ToR agents ssl mode"
|
||||
description: "Enable this option to generate ssl certificates and configure them for tor agents."
|
||||
weight: 240
|
||||
type: "checkbox"
|
||||
restrictions:
|
||||
- condition: "settings:contrail.enable_tor_agents.value == false"
|
||||
action: "hide"
|
||||
tor_agents_configurations:
|
||||
value: ""
|
||||
label: "Configuration for TOR agents"
|
||||
description: "Provide here configuration data for ToR agents in YAML format"
|
||||
weight: 250
|
||||
type: "textarea"
|
||||
regex:
|
||||
source: '.'
|
||||
error: "Provide information for ToR agents"
|
||||
restrictions:
|
||||
- condition: "settings:contrail.enable_tor_agents.value == false"
|
||||
action: "hide"
|
|
@ -37,6 +37,19 @@ contrail-control:
|
|||
- ceph-osd
|
||||
- cinder
|
||||
|
||||
contrail-tsn:
|
||||
name: Contrail - TSN node
|
||||
description: >
|
||||
Contrail TSN role. Provides Control TSN and TOR agent components of Contrail.
|
||||
has_primary: false
|
||||
public_ip_required: false
|
||||
weight: 100
|
||||
conflicts:
|
||||
- controller
|
||||
- compute
|
||||
- ceph-osd
|
||||
- cinder
|
||||
|
||||
dpdk:
|
||||
name: DPDK compute
|
||||
description: >
|
||||
|
|
Loading…
Reference in New Issue