24 Commits

Author SHA1 Message Date
Harald Jensås
e644e3dda9 Add MTU to neutron networks and nic-config templates
Neutron has support[1] to set the guaranteed MTU for
networks and network segments so that this is exposed
to plug-ins. In interest of supporting the use of
plug-ins to configure network devices in the future
this change adds MTU property on neutron networks.

The new (optional) property 'mtu' in the network
defenitions in 'network_data.yaml' is used to control
the MTU settings. By default the mtu is '1500'.

We already configure the MTU on the ctlplane neutron
networks, this adds the MTU to composable networks.

Also update the nic-config sample templates to include
mtu settings. A heat value resource is added to
nic-config templates to get the required minimum
viable MTU value for bridges, bonds and member
interfaces to ensure the MTU is large enough to allow
the largest configured MTU to traverse the path.

Closes-Bug: #1790537
Change-Id: I11e38f82eb9040f77412fe8ad200fcc48031e2f8
2018-12-22 17:03:09 +01:00
Harald Jensås
055e252872 Add ctlplane interface routes
For the isolated networks we use the subnets host_routes
to set and get the routes for overcloud node interfaces.

This change add's this to the ctlplane interface.

Partial: blueprint tripleo-routed-networks-templates
Change-Id: Id4cf0cc17bc331ae27f8d0ef8f285050330b7be0
2018-11-26 17:49:31 +01:00
Derek Higgins
ca3d5e47b0 Add scenario 012 - overlcoud baremetal+ansible-ml2
Used by a new featureset[1] that uses the neutron ansible-networking driver
to configure the switch providing networking for overcloud ironic
nodes such that tenant networks are segregated via vlan.

This scenario also sets up ssh keys so that ansible inside the neutron
container can ssh to the controller to configure OVS.

The new scenario also includes a temporary workaround to upgrade
ansible in the neutron container, this can be removed once ansible
in the container is v2.5.8+

Also remove scenario011 as the patches that used it never merged and
now the tennant networks are working in the overcloud, we'll test
with this instead.

[1] - https://review.openstack.org/#/c/579601/

Change-Id: Ife83825216ccb96a5f24918f42a757d0c48b0e9d
2018-10-24 12:38:34 +01:00
Dan Sneddon
f5f6553797 Add per-network routes to NIC templates
This change adds a new {{network.name}}InterfaceRoutes
parameter to network config templates. It takes a list
of routes i.e:
  [{'destination':'10.0.0.0/16', 'nexthop':'10.0.0.1'}]

Co-Authored-By: Harald Jensås <hjensas@redhat.com>
Partial: blueprint tripleo-routed-networks-templates
Depends-On: Ifc5aad7a154c33488a7613c8ee038c92ee6cb1a7
Change-Id: I90aea46d3addab9792c7c9d4feff5c5f61520b9b
2018-07-30 09:53:30 +02:00
Harald Jensås
52ec1a018b DnsServers using get_attr
Nameservers are configured on the ctlplane subnets by the
undercloud installer, the nameservers are used early during
the deployment, prior to running os-net-config.

Remove the default DnsServer's in THT, replacing it with
an empty list and use get_attr to get the values for
DnsServers for the overcloud from the ctlplane subnet(s).

A conditinal is used in  puppet/role.role.j2.yaml so that
the parameter value is used whenever it is not [] (default)
to provide backwards compatibilityi and in case the user
want to use different DnsServers for the overcloud and
undercloud.

Partial: blueprint tripleo-routed-networks-templates
Change-Id: I5f33e06ca3f4b13cc355e02156edd9d8a1f773cd
2018-07-14 09:19:12 +02:00
Harald Jensås
19381ecffb EC2MetadatIp using get_attr
The route to metadata service is set up in host_routes
of ctlplane subnets by extraconf post deploy::
  extraconfig/post_deploy/undercloud_ctlplane_network.py

Use get_attr on the server resource to resolve attribute
value from the subnet(s) and pass it to the parameter
'EC2MetadatIp' used in the THT/network/config/* templates.

Changes the default for 'EC2MetadatIp' to ''.
Removes the comment that the value should be overriden in
parameters_defaults. It also removes the parameter from
network-environment templates.

A conditinal is used in  puppet/role.role.j2.yaml so that
the parameter value is used whenever it is not '' (the
default) to provide backwards compatibility in case the
user set a different value for this parameter in
network-environment.yaml.

When deploying a routed control plane the network config
templates would previously need to be updated to carry
'EC2MetadatIpLeafX' parameters for each leaf.  By getting
the value to pass from the server resource this change
reduces the required nic-config template customisation.
(Reduces the risk of user error.)

Partial: blueprint tripleo-routed-networks-templates
Change-Id: I9c019ec840a44ca8c5f98be55daea365bc6554ec
2018-07-14 09:18:58 +02:00
Harald Jensås
c649cf0545 ControlPlaneDefaultRoute using get_attr
Use get_attr on the server resource to resolve attribute
value from the subnet(s) and pass it to the parameter
'ControlPlaneDefaultRoute' used in the THT/network/config/*
templates.

Changes the default for 'ControlPlaneDefaultRoute' to ''
as well as the comment that the value should be overriden
in parameters_defaults. It also removes the parameter from
network-environment templates.

A conditinal is used in  puppet/role.role.j2.yaml so that
the parameter value is used whenever it is not '' (the
default) to provide backwards compatibility in case the
user set a different value (different from the one used in
undercloud.conf) for this parameter in
network-environment.yaml.

When deploying a routed control plane the network config
templates would previously need to be updated to carry
'ControlPlaneXDefaultRoute' parameters for each leaf. With
8 Leafs in addition to the network local to the undercloud
that is 8 parameters less to place in the configuration.
By getting the value to pass from the server resource this
change reduces the required nic-config template
customisation (reduces the risk of user error).

Partial: blueprint tripleo-routed-networks-templates
Change-Id: I5139249d55e9ac01761c270b8c0f31ef35595940
2018-07-14 09:11:39 +02:00
Harald Jensås
6ab86a3ebe ControlPlaneSubnetCidr using get_attr
Use get_attr on the server resource to resolve attribute
value from the subnet(s) and pass it to the parameter
'ControlPlaneSubnetCidr' used in the THT/network/config/*
templates.

As the value is now resolved from resource attributes,
this changes the default for 'ControlPlaneSubnetCidr' to ''
as well as the comment that these value should be overriden
in parameters_defaults. It also removes the parameter from
network-environment templates.

A conditinal is used in  puppet/role.role.j2.yaml so that
the parameter value is used whenever it is not '' (the
default) to provide backwards compatibility in case the user
set a different value (different from the one used in
undercloud.conf) for this parameter in
network-environment.yaml.

When deploying a routed control plane the network config
templates would previously need to be updated to carry
'ControlPlaneXSubnetCidr' parameter (in case the subnet
mask is not the same for all the routed network leafs).
With 8 Leafs in addition to the network local to the
undercloud that is 8 parameters less to place in the
configuration. By getting the value to pass from the
server resource this change reduces the required nic-config
template customisation (reduces the risk of user error).

Partial: blueprint tripleo-routed-networks-templates
Change-Id: I92ee0f9a2107cdf1ca5903d3756a235a79c36c73
2018-07-14 09:11:28 +02:00
Derek Higgins
683de3683b Add scenario011 to install ironic in the overcloud
Depends-On: Ib3f183980ce3e383c0e6319ee373bd8438e8e6b8
Change-Id: Ice806c363950c7868f464c856c0594e5fc41b554
2018-06-25 12:09:38 +00:00
Jiri Stransky
e9e2b4d104 Don't delete br-ex on upgrade in multinode jobs
The hook for os-net-config in multinode NIC config templates contains
a call to `ovs-vsctl del-br br-ex` to remove the bridge we got from
nodepool and initialize network config. We need to avoid executing
that again on upgrade, or the Ansible process running the upgrade gets
stuck.

Change-Id: Ie36342402426d74fd528e320d60adc951bf8c9ac
Closes-Bug: #1772040
2018-05-21 17:03:43 +02:00
Carlos Camacho
44ef2a3ec1 Change template names to rocky
The new master branch should point now to rocky.

So, HOT templates should specify that they might contain features
for rocky release [1]

Also, this submission updates the yaml validation to use only latest
heat_version alias. There are cases in which we will need to set
the version for specific templates i.e. mixed versions, so there
is added a variable to assign specific templates to specific heat_version
aliases, avoiding the introductions of error by bulk replacing the
the old version in new releases.

[1]: https://docs.openstack.org/heat/latest/template_guide/hot_spec.html#rocky
Change-Id: Ib17526d9cc453516d99d4659ee5fa51a5aa7fb4b
2018-05-09 08:28:42 +02:00
Emilien Macchi
c43a9100fa Import net-config-simple-bridge.yaml from tropleo-ci repo
This file has been used for the containerized undercloud so we can
deploy a simple bridge with os-net-config.

We're moving the environments used for CI into THT, so we can branch
them. This is part of this effort.

Change-Id: I4255120e12123568a388c75956e6e8d32dec66aa
2018-03-02 00:31:37 +00:00
Jan Provaznik
ee65c76a27 Add a StorageNFS network for use by Manila/Ganesha
This change adds a StorageNFS network. It's required by
https://review.openstack.org/#/c/471245 which implements
NFS Ganesha backend for Manila service.

To define and enable the StorageNFS network, deploy using
network_data_ganesha.yaml instead of network_data.yaml.
Besides the former adding the StorageNFS network, these
are otherwise identical.

If enabled it's also necessary to add StorageNFSIpSubnet and
StorageNFSNetworkVlanID heat parameters into network templates.

Co-Authored-By: Dan Sneddon <dsneddon@redhat.com>

Change-Id: If31722d669efe91082c93ecb815e6c41676480c8
Partially-Implements: blueprint nfs-ganesha
2018-02-03 10:11:20 -05:00
James Slagle
86608ee51a Don't assume single sub_node in nic config
This nic config only works when there is one sub_node since we were
cat'ing /etc/nodepool/sub_nodes_private expecting to get a single IP
back. Instead, cat /etc/nodepool/node_private which will be the IP
address of the given sub_node.

Change-Id: I4958170b77838ea57c8f27531f70bf8d7a44302e
2017-11-27 16:05:27 -05:00
Carlos Camacho
927495fe3d Change template names to queens
The new master branch should point now to queens instead of pike.

So, HOT templates should specify that they might contain features
for queens release [1]

[1]: https://docs.openstack.org/heat/latest/template_guide/hot_spec.html#queens

Change-Id: I7654d1c59db0c4508a9d7045f452612d22493004
2017-11-23 10:15:32 +01:00
Sagi Shnaidman
bee21457c6 Use sub_nodes_private instead of node_private
node_private file doesn't exist anymore, use sub_nodes_private
instead

Change-Id: Ifb3af18733c0e1fd6895c270bb39199acaa98968
2017-10-05 04:21:37 +00:00
Dan Sneddon
e148ac870b Render IP map and host maps according to network_data.yaml
This change renders the network IP maps and hostname maps for
all networks defined in network_data.yaml. This should make it
possible to create custom networks that will be rendered for
all applicable roles.

Note that at this time all networks will be rendered whether
they are enabled or not. All networks will be present in all
roles, but ports will be associated with noop.yaml in roles
that do not use the network. This is in accordance with
previous behavior, although we may wish to change this in
the future to limit the size of the role definitions and
reduce the number of placeholder resources in deployments
with many networks.

Note that this patch is a replacement for original patch
https://review.openstack.org/#/c/486280, which I was having
trouble rebasing to current.

Change-Id: I445b008fc1240af57c2b76a5dbb6c751a05b7a2a
Depends-on: I662e8d0b3737c7807d18c8917bfce1e25baa3d8a
Partially-implements: blueprint composable-networks
2017-08-16 13:30:54 +01:00
Ben Nemec
766de0cacb Disable network validation in multinode jobs
Sometimes the infracloud gateway refuses to ping even though
everything else is working fine.  Since we have coverage of this
functionality in the OVB jobs it should be safe to turn it off
here so it stops spuriously failing our jobs.

We can't just set the resource to OS::Heat::None because there
are other resources with dependencies on it.  Instead, this adds
a noop version of the validation software config that always
returns true.

Change-Id: I8361bc8be442b45c3ef6bdccdc53598fcb1d9540
Partial-Bug: 1680167
2017-07-08 14:49:42 +00:00
Carlos Camacho
0a0e2ee629 Update the template_version alias for all the templates to pike.
Master is now the development branch for pike
changing the release alias name.

Change-Id: I938e4a983e361aefcaa0bd9a4226c296c5823127
2017-05-19 09:58:07 +02:00
Emilien Macchi
f48c665099 net-config-multinode: make controlplane int idempotent
When doing a stack-update, it will try to create the control plane
interface again.
Add this conditional so the interface is not created if already exist.

Note: this code has been taken from tripleo-ci and is consistent with
how multinode jobs are currently tested.

Co-Authored-By: James Slagle <jslagle@redhat.com>
Co-Authored-By: Steven Hardy <shardy@redhat.com>
Co-Authored-By: Mathieu Bultel <mbultel@redhat.com>

Change-Id: I773fdf5359cead6961b595e3c8192b02406452b7
Related-Bug: #1661412
2017-02-03 09:17:59 -05:00
Carlos Camacho
e5d594ea2d Moving the validation for using the template alias version for all templates
Currently we are applying this validation for the services templates, this
submission moves it to run with all templates.

Also fixed those templates not using the alias name.

Change-Id: I3a2c0ce6adcc8061fdc51f73fdc6b9748c0fead9
2017-02-02 10:52:42 +01:00
Emilien Macchi
1dd364fc8a Use os-net-config in multinode jobs
Full credits to James Slagle, author of this code in TripleO CI:
https://review.openstack.org/#/c/409346

This patch adds a new template for configuring networking on the
Overcloud nodes using os-net-config in multinode jobs. Previously we
were not using os-net-config at all.

Also updates the multinode.yaml environment to use this network config
template.

The IP of each subnode is used when the vxlan tunnels are configured in
OVS, given that, each node needs its own unique network configuration.
To accomodate that, the templates makes use of the network_config_hook
function to influence run-os-net-config.sh

This patch is just the first step to totally switching to os-net-config
in multinode jobs. The devstack-gate code is still in use to bootstrap
the initial networking on the undercloud and subnodes. That will be
switched over in subsequent patches.

Change-Id: I6efa71eb23109d0b3b480061135c572ab89f5981
Co-Authorized-By: James Slagle <jslagle@redhat.com>
Implements: blueprint multinode-ci-os-net-config
2017-01-27 14:26:31 +00:00
Steven Hardy
3c6ec654b4 Bump template version for all templates to "ocata"
Heat now supports release name aliases, so we can replace
the inconsistent mix of date related versions with one consistent
version that aligns with the supported version of heat for this
t-h-t branch.

This should also help new users who sometimes copy/paste old templates
and discover intrinsic functions in the t-h-t docs don't work because
their template version is too old.

Change-Id: Ib415e7290fea27447460baa280291492df197e54
2016-12-23 11:43:39 +00:00
Emilien Macchi
2819cb391b Import TripleO CI environments from tripleo-ci
Import TripleO CI environments from tripleo-ci into THT for some
reasons:

1) THT is branched while tripleo-ci is not. Having them here would allow
   to make scenarios able to evolve over the releases without adding
   more scenarios.
2) Help our developers to run TripleO CI scenarios themselves from THT
   by exposing the templates here.

The whole discussion is here:
http://lists.openstack.org/pipermail/openstack-dev/2016-November/107816.html

Change-Id: I3527a64c0c8f56ca77115d32849fa23fe710112d
2016-11-25 07:54:33 -05:00