From fcaa0cc3e556db2f63f8042d25e7c6c173dd2fcd Mon Sep 17 00:00:00 2001 From: Artem Savinov Date: Tue, 6 Sep 2016 16:22:41 +0300 Subject: [PATCH] Setting up compute nodes to work with nsx-t Added nsx-t components to compute node Added create predefined network Change-Id: I8647c220c4f8750b503568655d1be4a1774845d7 --- .../puppet/manifests/compute-nova-config.pp | 18 +++++ .../manifests/compute-vmware-nova-config.pp | 21 ++++-- .../manifests/neutron-network-create.pp | 59 ++++++++++++++++ ...-node.pp => reg-node-as-transport-node.pp} | 65 ++++++++++++----- ...ane.pp => reg-node-on-management-plane.pp} | 2 +- .../puppet/parser/functions/get_interfaces.rb | 14 ++++ .../nsxt_create_transport_node.rb | 6 +- .../puppet/type/nsxt_create_transport_node.rb | 4 +- deployment_tasks.yaml | 63 ++++++++++++++--- environment_config.yaml | 69 ++++++++++++++++--- 10 files changed, 270 insertions(+), 51 deletions(-) create mode 100644 deployment_scripts/puppet/manifests/compute-nova-config.pp create mode 100644 deployment_scripts/puppet/manifests/neutron-network-create.pp rename deployment_scripts/puppet/manifests/{reg-controller-as-transport-node.pp => reg-node-as-transport-node.pp} (51%) rename deployment_scripts/puppet/manifests/{reg-controller-on-management-plane.pp => reg-node-on-management-plane.pp} (91%) create mode 100644 deployment_scripts/puppet/modules/nsxt/lib/puppet/parser/functions/get_interfaces.rb diff --git a/deployment_scripts/puppet/manifests/compute-nova-config.pp b/deployment_scripts/puppet/manifests/compute-nova-config.pp new file mode 100644 index 0000000..567a627 --- /dev/null +++ b/deployment_scripts/puppet/manifests/compute-nova-config.pp 
@@ -0,0 +1,18 @@ +notice('fuel-plugin-nsx-t: compute_nova_config.pp') + +include ::nova::params + +nova_config { + 'neutron/service_metadata_proxy': value => 'True'; + 'neutron/ovs_bridge': value => 'nsx-managed'; +} + +service { 'nova-compute': + ensure => running, + name => $::nova::params::compute_service_name, + enable => true, + hasstatus => true, + hasrestart => true, +} + +Nova_config<| |> ~> Service['nova-compute'] diff --git a/deployment_scripts/puppet/manifests/compute-vmware-nova-config.pp b/deployment_scripts/puppet/manifests/compute-vmware-nova-config.pp index 02b7e17..2944f79 100644 --- a/deployment_scripts/puppet/manifests/compute-vmware-nova-config.pp +++ b/deployment_scripts/puppet/manifests/compute-vmware-nova-config.pp @@ -1,14 +1,9 @@ notice('fuel-plugin-nsx-t: compute_vmware_nova_config.pp') include ::nova::params -include ::nsxt::params $neutron_config = hiera_hash('neutron_config') $neutron_metadata_proxy_secret = $neutron_config['metadata']['metadata_proxy_shared_secret'] -$nova_parameters = { - 'neutron/service_metadata_proxy' => { value => 'True' }, - 'neutron/metadata_proxy_shared_secret' => { value => $neutron_metadata_proxy_secret } -} $management_vip = hiera('management_vip') $service_endpoint = hiera('service_endpoint', $management_vip) @@ -36,4 +31,18 @@ class {'nova::network::neutron': neutron_ovs_bridge => '', } -create_resources(nova_config, $nova_parameters) +nova_config { + 'neutron/service_metadata_proxy': value => 'True'; + 'neutron/metadata_proxy_shared_secret': value => $neutron_metadata_proxy_secret; +} + +service { 'nova-compute': + ensure => running, + name => $::nova::params::compute_service_name, + enable => true, + hasstatus => true, + hasrestart => true, +} + +Class['nova::network::neutron'] ~> Service['nova-compute'] +Nova_config<| |> ~> Service['nova-compute'] 
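Review bot: In compute-vmware-nova-config.pp the new `nova_config` block writes `'neutron/metadata_proxy_shared_secret'` without `secret => true`, so the value read from `neutron_config` can appear in Puppet logs and reports whenever the resource changes. If the bundled puppet-nova `nova_config` type supports the `secret` parameter, the entry should read `'neutron/metadata_proxy_shared_secret': value => $neutron_metadata_proxy_secret, secret => true;`. The `service { 'nova-compute': ... }` resource is now declared identically in this manifest and in compute-nova-config.pp; a one-line comment in each saying that the manifest restarts nova-compute itself because `enable_nova_compute_service` is skipped would explain the duplication.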
diff --git a/deployment_scripts/puppet/manifests/neutron-network-create.pp b/deployment_scripts/puppet/manifests/neutron-network-create.pp
new file mode 100644
index 0000000..e1ef054
--- /dev/null
+++ b/deployment_scripts/puppet/manifests/neutron-network-create.pp
@@ -0,0 +1,59 @@ +notice('fuel-plugin-nsx-t: neutron-network-create.pp') + +include ::nsxt::params + +$access_hash = hiera_hash('access',{}) +$neutron_config = hiera_hash('neutron_config') +$floating_net = try_get_value($neutron_config, 'default_floating_net', 'net04_ext') +$internal_net = try_get_value($neutron_config, 'default_private_net', 'net04') +$os_tenant_name = try_get_value($access_hash, 'tenant', 'admin') +$settings = hiera($::nsxt::params::hiera_key) + +$floating_ip_range = split($settings['floating_ip_range'], '-') +$floating_ip_range_start = $floating_ip_range[0] +$floating_ip_range_end = $floating_ip_range[1] +$floating_net_allocation_pool = "start=${floating_ip_range_start},end=${floating_ip_range_end}" + +$floating_net_cidr = $settings['floating_net_cidr'] +$floating_net_gw = $settings['floating_net_gw'] +$default_floating_net_gw = regsubst($floating_net_cidr,'^(\d+\.\d+\.\d+)\.\d+/\d+$','\1.1') + +neutron_network { $floating_net : + ensure => 'present', + provider_physical_network => $settings['external_network'], + provider_network_type => 'local', + router_external => true, + tenant_name => $os_tenant_name, + shared => true, +} +neutron_subnet { "${floating_net}__subnet" : + ensure => 'present', + cidr => $floating_net_cidr, + network_name => $floating_net, + tenant_name => $os_tenant_name, + gateway_ip => pick($floating_net_gw,$default_floating_net_gw), + enable_dhcp => false, + allocation_pools => $floating_net_allocation_pool, + require => Neutron_network[$floating_net], +} + +$internal_net_dns = split($settings['internal_net_dns'], ',') +$internal_net_cidr = $settings['internal_net_cidr'] + +neutron_network { $internal_net : + ensure => 'present', + provider_physical_network => false, + router_external => false, + tenant_name => $os_tenant_name, + shared => true, +} +neutron_subnet { "${internal_net}__subnet" : + ensure => 'present', + cidr => $internal_net_cidr, + network_name => $internal_net, + tenant_name => $os_tenant_name, + gateway_ip 
=> regsubst($internal_net_cidr,'^(\d+\.\d+\.\d+)\.\d+/\d+$','\1.1'), + enable_dhcp => true, + dns_nameservers => pick($internal_net_dns,[]), + require => Neutron_network[$internal_net], +} diff --git a/deployment_scripts/puppet/manifests/reg-controller-as-transport-node.pp b/deployment_scripts/puppet/manifests/reg-node-as-transport-node.pp similarity index 51% rename from deployment_scripts/puppet/manifests/reg-controller-as-transport-node.pp rename to deployment_scripts/puppet/manifests/reg-node-as-transport-node.pp index b3734f5..72eaa37 100644 --- a/deployment_scripts/puppet/manifests/reg-controller-as-transport-node.pp +++ b/deployment_scripts/puppet/manifests/reg-node-as-transport-node.pp @@ -1,4 +1,4 @@ -notice('fuel-plugin-nsx-t: reg-controller-as-transport-node.pp') +notice('fuel-plugin-nsx-t: reg-node-as-transport-node.pp') include ::nsxt::params 
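Review bot: Both `neutron_network` resources in neutron-network-create.pp are created with `shared => true`, so the external network `$floating_net` and the internal network `$internal_net` are usable by every tenant rather than only `$os_tenant_name`; for the external network this lets any tenant attach ports to it directly instead of going through a router and a floating IP. Unless the NSX-T plugin needs this (nothing in the hunk says so), `shared => false` is the safer default, at least for `$floating_net`. Separately, `$default_floating_net_gw` and the internal `gateway_ip` are derived with `regsubst(..., '\1.1')`, which only lands inside the subnet when the CIDR starts at `.0`; for a CIDR such as a /25 in the upper half of the range the derived gateway is outside the network, so a comment stating that assumption, or a check, is needed. `$floating_ip_range[1]` is also used without verifying that the split produced two parts.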
@@ -7,21 +7,28 @@ $managers = $settings['nsx_api_managers'] $user = $settings['nsx_api_user'] $password = $settings['nsx_api_password'] $uplink_profile_uuid = $settings['uplink_profile_uuid'] -$static_ip_pool_uuid = $settings['static_ip_pool_uuid'] -$transport_zone_uuid = $settings['transport_zone_uuid'] -$pnics_pairs = $settings['pnics_pairs'] +$transport_zone_uuid = $settings['default_overlay_tz_uuid'] -nsxt_create_transport_node { 'Add transport node': - ensure => present, - managers => $managers, - username => $user, - password => $password, - uplink_profile_id => $uplink_profile_uuid, - pnics => $pnics_pairs, - static_ip_pool_id => $static_ip_pool_uuid, - transport_zone_id => $transport_zone_uuid, +if 'primary-controller' in hiera('roles') or 'controller' in hiera('roles') { + $pnics = $settings['controller_pnics_pairs'] + $static_ip_pool_uuid = $settings['controller_ip_pool_uuid'] +} else { + $pnics = $settings['compute_pnics_pairs'] + $static_ip_pool_uuid = $settings['compute_ip_pool_uuid'] } - + +$vtep_interfaces = get_interfaces($pnics) +up_interface { $vtep_interfaces: + before => Nsxt_create_transport_node['Add transport node'], +} + +firewall {'0000 Accept STT traffic': + proto => 'tcp', + dport => ['7471'], + action => 'accept', + before => Nsxt_create_transport_node['Add transport node'], +} + if !$settings['insecure'] { $ca_filename = try_get_value($settings['ca_file'],'name','') if empty($ca_filename) { 
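Review bot: The `firewall {'0000 Accept STT traffic': ...}` rule accepts tcp/7471 from any source on any interface, and because the task now also runs on compute nodes the open port is added there too. STT traffic should only arrive from other transport nodes, so the rule can be narrowed with `source =>` set to the VTEP IP pool's subnet, or with `iniface =>` the tunnel-facing interface, if either is available from `$settings` (not visible in this hunk). The `if` condition also calls `hiera('roles')` twice; `$roles = hiera('roles')` once above it reads better and documents that every non-controller role is treated as compute.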
@@ -33,9 +40,29 @@ if !$settings['insecure'] { Nsxt_create_transport_node { ca_file => $ca_file } } -firewall {'0000 Accept STT traffic': - proto => 'tcp', - dport => ['7471'], - action => 'accept', - before => Nsxt_create_transport_node['Add transport node'], +nsxt_create_transport_node { 'Add transport node': + ensure => present, + managers => $managers, + username => $user, + password => $password, + uplink_profile_id => $uplink_profile_uuid, + pnics => $pnics, + static_ip_pool_id => $static_ip_pool_uuid, + transport_zone_id => $transport_zone_uuid, +} + +# workaround, otherwise $title variable not work, always has a value 'main' +define up_interface { + file { $title: + ensure => file, + path => "/etc/network/interfaces.d/ifcfg-${title}", + mode => '0644', + content => "auto ${title}\niface ${title} inet manual", + replace => true, + } -> + exec { $title: + path => '/usr/sbin:/usr/bin:/sbin:/bin', + command => "ifup ${title}", + provider => 'shell', + } } diff --git a/deployment_scripts/puppet/manifests/reg-controller-on-management-plane.pp b/deployment_scripts/puppet/manifests/reg-node-on-management-plane.pp similarity index 91% rename from deployment_scripts/puppet/manifests/reg-controller-on-management-plane.pp rename to deployment_scripts/puppet/manifests/reg-node-on-management-plane.pp index 68aaff1..f809f9c 100644 --- a/deployment_scripts/puppet/manifests/reg-controller-on-management-plane.pp +++ b/deployment_scripts/puppet/manifests/reg-node-on-management-plane.pp @@ -1,4 +1,4 @@ -notice('fuel-plugin-nsx-t: reg-controller-on-management-plane.pp') +notice('fuel-plugin-nsx-t: reg-node-on-management-plane.pp') include ::nsxt::params diff --git a/deployment_scripts/puppet/modules/nsxt/lib/puppet/parser/functions/get_interfaces.rb b/deployment_scripts/puppet/modules/nsxt/lib/puppet/parser/functions/get_interfaces.rb new file mode 100644 index 0000000..c026315 --- /dev/null 
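Review bot: In `define up_interface`, `$title` is interpolated into the path `/etc/network/interfaces.d/ifcfg-${title}` and into `command => "ifup ${title}"`, and the exec runs with `provider => 'shell'`, so a device name containing a slash or a shell metacharacter is interpreted instead of rejected. The names originate from `controller_pnics_pairs`/`compute_pnics_pairs`, which the environment_config.yaml hunk declares without a `regex`, and get_interfaces.rb only strips whitespace. Adding `validate_re($title, '\A[A-Za-z0-9_.-]+\z')` as the first line of the define and dropping `provider => 'shell'` (the default posix provider is documented as not going through a shell) would close this. The exec also has no `unless` or `refreshonly`, so `ifup` is re-run on every Puppet run, and the `content` string lacks a trailing `\n`.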
+++ b/deployment_scripts/puppet/modules/nsxt/lib/puppet/parser/functions/get_interfaces.rb @@ -0,0 +1,14 @@ +module Puppet::Parser::Functions + newfunction(:get_interfaces, :type => :rvalue, :doc => <<-EOS +Returns the array of interface names for nsx-t VTEPs. +EOS + ) do |args| + pnics = args[0] + vtep_interfaces = [] + pnics.each do |pnic_pair| + device,uplink = pnic_pair.split(':') + vtep_interfaces.push(device.strip) + end + return vtep_interfaces + end +end diff --git a/deployment_scripts/puppet/modules/nsxt/lib/puppet/provider/nsxt_create_transport_node/nsxt_create_transport_node.rb b/deployment_scripts/puppet/modules/nsxt/lib/puppet/provider/nsxt_create_transport_node/nsxt_create_transport_node.rb index 722039e..1ef3cbf 100644 --- a/deployment_scripts/puppet/modules/nsxt/lib/puppet/provider/nsxt_create_transport_node/nsxt_create_transport_node.rb +++ b/deployment_scripts/puppet/modules/nsxt/lib/puppet/provider/nsxt_create_transport_node/nsxt_create_transport_node.rb @@ -139,7 +139,11 @@ Puppet::Type.type(:nsxt_create_transport_node).provide(:nsxt_create_transport_no def create_pnics_array(pnics) result_pnic_pairs = [] - pnics.split(/\n+/).each do |pnic_pair| + # https://projects.puppetlabs.com/issues/9850 + if not pnics.instance_of? Array + pnics = [pnics] + end + pnics.each do |pnic_pair| device,uplink = pnic_pair.split(':') result_pnic_pairs.push({'device_name' => device.strip, 'uplink_name' => uplink.strip}) end diff --git a/deployment_scripts/puppet/modules/nsxt/lib/puppet/type/nsxt_create_transport_node.rb b/deployment_scripts/puppet/modules/nsxt/lib/puppet/type/nsxt_create_transport_node.rb index 9df1057..8343b3d 100644 --- a/deployment_scripts/puppet/modules/nsxt/lib/puppet/type/nsxt_create_transport_node.rb +++ b/deployment_scripts/puppet/modules/nsxt/lib/puppet/type/nsxt_create_transport_node.rb 
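Review bot: `get_interfaces` returns the device part of each pair unchecked and fails with NoMethodError when `args[0]` is nil or a plain string, or when an entry is empty (`device` is nil before `.strip`). Since the returned names are used as a file name and as an `ifup` argument in reg-node-as-transport-node.pp, this function is the natural place to reject anything that is not a plain interface name and raise `Puppet::ParseError` with the offending entry. The `uplink` variable is assigned but never used. The rewrite below keeps the return value the same for well-formed input.

```ruby
  ) do |args|
    # Accept a single string as well as an array of "device:uplink" pairs.
    pnics = [args[0]].flatten.compact
    pnics.map do |pnic_pair|
      device = pnic_pair.to_s.split(':', 2).first.to_s.strip
      # Names end up in a file path and an ifup command, so allow only plain interface names.
      unless device =~ /\A[A-Za-z0-9_.-]{1,15}\z/
        raise Puppet::ParseError, "get_interfaces(): invalid device name in '#{pnic_pair}'"
      end
      device
    end
  end
```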
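Review bot: `create_pnics_array` still calls `uplink.strip` on whatever `split(':')` returns, so an entry without a colon ends in a NoMethodError on nil rather than an error that names the bad setting. A guard right after the split, `raise Puppet::Error, "pnics entry '#{pnic_pair}' must be device:uplink" if device.to_s.strip.empty? || uplink.to_s.strip.empty?`, makes the failure explicit before anything is sent to the NSX manager. The new `if not pnics.instance_of? Array` block can be written as `pnics = Array(pnics)`. The end of the method is outside the hunk.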
@@ -38,8 +38,8 @@ Puppet::Type.newtype(:nsxt_create_transport_node) do desc 'Ids of Uplink HostSwitch profiles to be associated with this HostSwitch.' end - newparam(:pnics) do - desc 'Multiline string with "device_name : uplink_name" pairs. One per line.' + newparam(:pnics, :array_matching => :all) do + desc 'Array of string with "device_name : uplink_name" pairs.' end newparam(:static_ip_pool_id) do diff --git a/deployment_tasks.yaml b/deployment_tasks.yaml index c5cecdb..b0e8d87 100644 --- a/deployment_tasks.yaml +++ b/deployment_tasks.yaml @@ -20,13 +20,29 @@ groups: - compute-vmware required_for: - - top-role-compute-vmware + - enable_nova_compute_service requires: + - top-role-compute-vmware - top-role-compute parameters: puppet_manifest: puppet/manifests/compute-vmware-nova-config.pp puppet_modules: puppet/modules - timeout: 300 + timeout: 180 + +- id: nsx-t-compute-nova-config + version: 2.0.0 + type: puppet + groups: + - compute + required_for: + - enable_nova_compute_service + requires: + - top-role-compute + - openstack-network-compute-nova + parameters: + puppet_manifest: puppet/manifests/compute-nova-config.pp + puppet_modules: puppet/modules + timeout: 180 - id: nsx-t-gem-install version: 2.0.0 @@ -36,8 +52,8 @@ - controller - compute required_for: - - nsx-t-reg-controller-on-management-plane - - nsx-t-reg-controller-as-transport-node + - nsx-t-reg-node-on-management-plane + - nsx-t-reg-node-as-transport-node requires: - setup_repositories parameters: @@ -135,7 +151,6 @@ required_for: - primary-openstack-network-agents-metadata - primary-openstack-network-agents-dhcp - - openstack-network-networks requires: - nsx-t-configure-plugin cross-depends: 
@@ -145,35 +160,39 @@ puppet_modules: puppet/modules timeout: 300 -- id: nsx-t-reg-controller-on-management-plane +- id: nsx-t-reg-node-on-management-plane version: 2.0.0 type: puppet groups: - primary-controller - controller + - compute required_for: - primary-openstack-network-agents-metadata - primary-openstack-network-agents-dhcp + - openstack-network-end requires: - nsx-t-install-packages parameters: - puppet_manifest: puppet/manifests/reg-controller-on-management-plane.pp + puppet_manifest: puppet/manifests/reg-node-on-management-plane.pp puppet_modules: puppet/modules timeout: 300 -- id: nsx-t-reg-controller-as-transport-node +- id: nsx-t-reg-node-as-transport-node version: 2.0.0 type: puppet groups: - primary-controller - controller + - compute required_for: - primary-openstack-network-agents-metadata - primary-openstack-network-agents-dhcp + - openstack-network-end requires: - - nsx-t-reg-controller-on-management-plane + - nsx-t-reg-node-on-management-plane parameters: - puppet_manifest: puppet/manifests/reg-controller-as-transport-node.pp + puppet_manifest: puppet/manifests/reg-node-as-transport-node.pp puppet_modules: puppet/modules timeout: 300 @@ -203,7 +222,7 @@ groups: - primary-controller required_for: - - openstack-network-networks + - openstack-network-end requires: - primary-openstack-network-agents-dhcp cross-depends: @@ -227,6 +246,22 @@ puppet_modules: puppet/modules timeout: 120 +- id: nsx-t-neutron-network-create + version: 2.0.0 + type: puppet + groups: + - primary-controller + required_for: + - openstack-network-routers + requires: + - nsx-t-primary-neutron-server-start + - nsx-t-configure-agents-dhcp + - primary-openstack-network-agents-metadata + parameters: + puppet_manifest: puppet/manifests/neutron-network-create.pp + puppet_modules: puppet/modules + timeout: 300 + # skipped tasks - id: openstack-network-networks version: 2.0.0 
@@ -243,3 +278,9 @@ - id: openstack-network-agents-l3 version: 2.0.0 type: skipped +- id: openstack-network-agents-sriov + version: 2.0.0 + type: skipped +- id: enable_nova_compute_service + version: 2.0.0 + type: skipped diff --git a/environment_config.yaml b/environment_config.yaml index 69beff4..f1d62b0 100644 --- a/environment_config.yaml +++ b/environment_config.yaml 
@@ -85,25 +85,72 @@ attributes: source: *uuid error: 'Enter uplink profile ID' type: "text" - static_ip_pool_uuid: + controller_ip_pool_uuid: value: '' - label: 'IP pool ID for STT VTEP' + label: 'IP pool ID for controller VTEPs' weight: 50 regex: source: *uuid error: 'Enter IP pool ID' type: "text" - transport_zone_uuid: - value: '' - label: 'Transport zone ID' + controller_pnics_pairs: + value: + - 'enp0s1:uplink-1' + label: 'Colon separated pnics pairs for controller nodes' + min: 1 weight: 55 + type: "text_list" + compute_ip_pool_uuid: + value: '' + label: 'IP pool ID for compute VTEPs' + weight: 60 regex: source: *uuid - error: 'Enter transport zone ID' + error: 'Enter IP pool ID' type: "text" - pnics_pairs: - value: 'enp0s1:uplink-1' - label: 'Colon separated pnics pairs, one per line' + compute_pnics_pairs: + value: + - 'enp0s1:uplink-1' + label: 'Colon separated pnics pairs for compute nodes' min: 1 - weight: 60 - type: "textarea" + weight: 65 + type: "text_list" + floating_ip_range: + value: '' + label: 'Floating IP range' + description: 'Dash separated IP addresses allocation pool from external network, e.g. 
"start_ip_address-end_ip_address"' + weight: 70 + type: 'text' + regex: + source: '^(?:[0-9]{1,3}\.){3}[0-9]{1,3}-(?:[0-9]{1,3}\.){3}[0-9]{1,3}$' + error: 'Invalid IP ranges' + floating_net_cidr: + value: '' + label: 'External network CIDR' + description: 'Network in CIDR notation that includes floating IP ranges' + weight: 75 + type: 'text' + regex: + source: '^(?:[0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$' + error: 'Invalid network in CIDR notation' + floating_net_gw: + value: '' + label: 'Gateway' + description: 'Default gateway for external network, if not defined, first IP address of the network is used' + weight: 80 + type: 'text' + internal_net_cidr: + value: '' + label: 'Internal network CIDR' + description: 'Network in CIDR notation for use as internal' + weight: 85 + type: 'text' + regex: + source: '^(?:[0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$' + error: 'Invalid network in CIDR notation' + internal_net_dns: + value: '' + label: 'DNS for internal network' + description: 'Comma separated IP addresses of DNS server for internal network' + weight: 90 + type: 'text'
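Review bot: `floating_net_gw` and `internal_net_dns` are added without a `regex`, although their values are passed to `gateway_ip` and `dns_nameservers` in neutron-network-create.pp, so a typo is only caught when the Neutron call fails during deployment. Because the gateway is optional, its pattern has to allow the empty string, for example `source: '^$|^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$'`, with a matching comma-separated variant for the DNS list. The IP and CIDR patterns that were added accept out-of-range values such as octets above 255 and prefix lengths above 32; if tightening them is not wanted, a short `description` note that only the format is checked would set the right expectation.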