Merge branch 'master' into ngs-extra

2017-10-17 17:17:22 +01:00 · 2017-10-17 17:17:22 +01:00 · 4cd2ff7e83
commit 4cd2ff7e83
parent afe1b994ac dd5a6960b9
14 changed files with 182 additions and 31 deletions
--- a/ansible/filter_plugins/switches.py
+++ b/ansible/filter_plugins/switches.py
@ -15,6 +15,22 @@
 import six


+def switch_interface_config_select_name(switch_interface_config, names):
+    """Select and return all switch interfaces matching requested names.
+
+    :param switch_interface_config: Switch interface configuration dict
+    :param names: String or list of strings - interface names to match
+    """
+    if isinstance(names, six.string_types):
+        names = [names]
+
+    return {
+        name: config
+        for name, config in switch_interface_config.items()
+        if name in names
+    }
+
+
 def switch_interface_config_select_description(switch_interface_config, descriptions):
    """Select and return all switch interfaces matching requested descriptions.

@ -32,10 +48,27 @@ def switch_interface_config_select_description(switch_interface_config, descript
    }


+def switch_interface_config_select_trunk(switch_interface_config):
+    """Select and return all switch interfaces which are trunk links.
+
+    Interfaces are assumed to be trunked, unless they have a ngs_trunk_port
+    item which is set to False.
+
+    :param switch_interface_config: Switch interface configuration dict
+    """
+    return {
+        name: config
+        for name, config in switch_interface_config.items()
+        if config.get('ngs_trunk_port', True)
+    }
+
+
 class FilterModule(object):
    """Switch filters."""

    def filters(self):
        return {
+            'switch_interface_config_select_name': switch_interface_config_select_name,
            'switch_interface_config_select_description': switch_interface_config_select_description,
+            'switch_interface_config_select_trunk': switch_interface_config_select_trunk,
        }
--- a/ansible/group_vars/all/inspector
+++ b/ansible/group_vars/all/inspector
@ -15,7 +15,7 @@ inspector_ipa_ramdisk_upstream_url: "{{ ipa_ramdisk_upstream_url }}"
 # Ironic inspector processing configuration.

 # Whether inspector should manage the firewall.
-inspector_manage_firewall: False
+inspector_manage_firewall: True

 # List of of default inspector processing plugins.
 inspector_processing_hooks_default:
--- a/ansible/group_vars/all/kolla
+++ b/ansible/group_vars/all/kolla
@ -235,6 +235,7 @@ kolla_enable_glance: "yes"
 kolla_enable_haproxy: "yes"
 kolla_enable_ironic: "yes"
 kolla_enable_neutron: "yes"
+kolla_enable_nova: "yes"
 kolla_enable_magnum: "no"
 kolla_enable_murano: "no"
 kolla_enable_sahara: "no"
--- a/ansible/kolla-openstack.yml
+++ b/ansible/kolla-openstack.yml
@ -134,7 +134,8 @@
                    'password': hostvars[item].ansible_ssh_pass,
                    'ngs_trunk_ports': (
                         hostvars[item].switch_interface_config |
-                         switch_interface_config_select_description(kolla_neutron_ml2_generic_switch_trunk_port_hosts)).keys() | join(',')
+                         switch_interface_config_select_description(kolla_neutron_ml2_generic_switch_trunk_port_hosts) |
+                         switch_interface_config_select_trunk()).keys() | join(',')
                  } | combine(hostvars[item].kolla_neutron_ml2_generic_switch_extra) ]
              }}
          with_items: "{{ kolla_neutron_ml2_generic_switch_hosts }}"
@ -184,5 +185,7 @@
      kolla_extra_neutron_ml2: "{{ kolla_extra_config.neutron_ml2 | default }}"
      kolla_extra_nova: "{{ kolla_extra_config.nova | default }}"
      kolla_extra_sahara: "{{ kolla_extra_config.sahara | default }}"
-      kolla_extra_glance_path: "{{ kayobe_config_path }}/kolla/config/glance"
      kolla_extra_fluentd_output_path: "{{ kayobe_config_path }}/kolla/config/fluentd/output"
+      kolla_extra_glance_path: "{{ kayobe_config_path }}/kolla/config/glance"
+      kolla_extra_neutron_path: "{{ kayobe_config_path }}/kolla/config/neutron"
+      kolla_extra_nova_path: "{{ kayobe_config_path }}/kolla/config/nova"
--- a/ansible/overcloud-introspection-rules.yml
+++ b/ansible/overcloud-introspection-rules.yml
@ -49,6 +49,6 @@
      # These variables may be referenced in the introspection rules.
      inspector_rule_var_ipmi_username: "{{ inspector_ipmi_username }}"
      inspector_rule_var_ipmi_password: "{{ inspector_ipmi_password }}"
-      inspector_rule_var_lldp_switch_port_interface: "{{ inspector_lldp_switch_port_interface_default }}"
+      inspector_rule_var_lldp_switch_port_interface: "{{ inspector_lldp_switch_port_interface_default or '' }}"
      inspector_rule_var_deploy_kernel: "{{ ipa_kernel_id.stdout }}"
      inspector_rule_var_deploy_ramdisk: "{{ ipa_ramdisk_id.stdout }}"
--- a/ansible/physical-network.yml
+++ b/ansible/physical-network.yml
@ -2,25 +2,75 @@
 # Switch configuration depends on the type of switch, so groups hosts by their
 # switch type and apply tasks/roles to the relevant groups.

- name: Group hosts by their switch type
+- name: Group hosts by their switch type and apply configuration filters
  hosts: switches
  gather_facts: no
  vars:
-    # Set this variable to True to configure of network for hardware discovery.
+    # Set this variable to True to configure the network for hardware
+    # discovery.
    physical_network_enable_discovery: False
+    # Set this variable to a comma-separated list of names of interfaces to
+    # configure in order to restrict configuration to a subset of interfaces.
+    physical_network_interface_limit: ''
+    # Set this variable to a comma-separated list of descriptions of interfaces
+    # to configure in order to restrict configuration to a subset of
+    # interfaces.
+    physical_network_interface_description_limit: ''
+    # Set this variable to True in order to display the candidate switch
+    # configuration and exit without applying it.
+    physical_network_display: False
  tasks:
+    - name: Fail if both interface name and description limits are specified
+      fail:
+        msg: >
+          The interface name and interface description limits are mutually
+          exclusive.
+      when:
+        - physical_network_interface_limit != ''
+        - physical_network_interface_description_limit != ''
+
    - name: Group hosts by their switch type
      group_by:
        key: "switches_of_type_{{ switch_type }}"

+    - name: Group hosts by whether display mode is set
+      group_by:
+        key: "switches_in_display_mode_{{ physical_network_display | bool }}"
+
    - name: Add discovery interface configuration when performing discovery
      set_fact:
        switch_interface_config: >
          {{ switch_interface_config | combine(switch_interface_config_discovery) }}
      when: "{{ physical_network_enable_discovery | bool }}"

+    - name: Restrict switch interfaces to requested subset by name
+      set_fact:
+        switch_interface_config: >
+          {{ switch_interface_config |
+             switch_interface_config_select_name(physical_network_interface_limit.split(",")) }}
+      when: physical_network_interface_limit != ''
+
+    - name: Restrict switch interfaces to requested subset by description
+      set_fact:
+        switch_interface_config: >
+          {{ switch_interface_config |
+             switch_interface_config_select_description(physical_network_interface_description_limit.split(",")) }}
+      when: physical_network_interface_description_limit != ''
+
+- name: Display switch configuration
+  hosts: switches_in_display_mode_True
+  gather_facts: no
+  tasks:
+    - name: Display the candidate global switch configuration
+      debug:
+        var: switch_config
+
+    - name: Display the candidate switch interface configuration
+      debug:
+        var: switch_interface_config
+
 - name: Ensure DellOS physical switches are configured
-  hosts: switches_of_type_dellos6:switches_of_type_dellos9
+  hosts: switches_of_type_dellos6:switches_of_type_dellos9:&switches_in_display_mode_False
  gather_facts: no
  roles:
    - role: ssh-known-host
@ -32,7 +82,7 @@
      dell_switch_interface_config: "{{ switch_interface_config }}"

 - name: Ensure Juniper physical switches are configured
-  hosts: switches_of_type_junos
+  hosts: switches_of_type_junos:&switches_in_display_mode_False
  gather_facts: no
  roles:
    - role: ssh-known-host
--- a/ansible/roles/kolla-ansible/vars/main.yml
+++ b/ansible/roles/kolla-ansible/vars/main.yml
@ -77,6 +77,7 @@ kolla_feature_flags:
  - cloudkitty
  - congress
  - designate
+  - elasticsearch
  - etcd
  - freezer
  - gnocchi
--- a/ansible/roles/kolla-openstack/defaults/main.yml
+++ b/ansible/roles/kolla-openstack/defaults/main.yml
@ -18,6 +18,9 @@ kolla_enable_glance:
 # glance-registry.conf.
 kolla_extra_glance:

+# Path to extra Glance configuration files.
+kolla_extra_glance_path:
+
 ###############################################################################
 # Ironic configuration.

@ -252,6 +255,9 @@ kolla_extra_neutron:
 # Free form extra configuration to append to ml2_conf.ini.
 kolla_extra_neutron_ml2:

+# Path to extra Neutron configuration files.
+kolla_extra_neutron_path:
+
 ###############################################################################
 # Nova configuration.

@ -261,6 +267,9 @@ kolla_enable_nova:
 # Free form extra configuration to append to nova.conf.
 kolla_extra_nova:

+# Path to extra Nova configuration files.
+kolla_extra_nova_path:
+
 ###############################################################################
 # Sahara configuration.

--- a/ansible/roles/kolla-openstack/tasks/config.yml
+++ b/ansible/roles/kolla-openstack/tasks/config.yml
@ -6,11 +6,12 @@
    mode: 0750
  with_items:
    - { name: fluentd/output, enabled: "{{ kolla_extra_fluentd_output_path != None }}" }
+    - { name: glance, enabled: "{{ kolla_enable_glance }}" }
    - { name: ironic, enabled: "{{ kolla_enable_ironic }}" }
    - { name: neutron, enabled: "{{ kolla_enable_neutron }}" }
+    - { name: nova, enabled: "{{ kolla_enable_nova }}" }
    - { name: swift, enabled: "{{ kolla_enable_swift }}" }
-    - { name: glance, enabled: "{{ kolla_enable_glance }}" }
-  when: "{{ item.enabled | bool }}"
+  when: item.enabled | bool

 - name: Ensure the Kolla OpenStack configuration files exist
  template:
@ -29,7 +30,7 @@
    - { src: nova.conf.j2, dest: nova.conf, enabled: "{{ kolla_enable_nova }}" }
    - { src: pxelinux.default.j2, dest: ironic/pxelinux.default, enabled: "{{ kolla_enable_ironic }}" }
    - { src: sahara.conf.j2, dest: sahara.conf, enabled: "{{ kolla_enable_sahara }}" }
-  when: "{{ item.enabled | bool }}"
+  when: item.enabled | bool

 - name: Ensure extra glance configuration files exist
  template:
@ -38,7 +39,7 @@
    mode: 0640
  with_fileglob:
    - "{{ kolla_extra_glance_path }}/*"
-  when: "{{ kolla_extra_glance_path != None }}"
+  when: kolla_extra_glance_path != None

 - name: Ensure extra fluentd output configuration files exist
  template:
@ -47,7 +48,7 @@
    mode: 0640
  with_fileglob:
    - "{{ kolla_extra_fluentd_output_path }}/*.conf"
-  when: "{{ kolla_extra_fluentd_output_path != None }}"
+  when: kolla_extra_fluentd_output_path != None

 - name: Ensure the ironic inspector kernel and ramdisk are downloaded
  get_url:
@ -72,3 +73,21 @@
  when:
    - kolla_enable_ironic | bool
    - item.path != None
+
+- name: Ensure extra neutron configuration files exist
+  template:
+    src: "{{ item }}"
+    dest: "{{ kolla_node_custom_config_path }}/neutron/{{ item | basename }}"
+    mode: 0640
+  with_fileglob:
+    - "{{ kolla_extra_neutron_path }}/*"
+  when: kolla_extra_neutron_path != None
+
+- name: Ensure extra nova configuration files exist
+  template:
+    src: "{{ item }}"
+    dest: "{{ kolla_node_custom_config_path }}/nova/{{ item | basename }}"
+    mode: 0640
+  with_fileglob:
+    - "{{ kolla_extra_nova_path }}/*"
+  when: kolla_extra_nova_path != None
--- a/ansible/roles/kolla-openstack/templates/nova.conf.j2
+++ b/ansible/roles/kolla-openstack/templates/nova.conf.j2
@ -1,22 +1,5 @@
 # {{ ansible_managed }}

-[DEFAULT]
-{% if kolla_enable_ironic | bool %}
-# Taken from the ironic configuration guide.
-
-# Flag to decide whether to use baremetal_scheduler_default_filters or not.
-# (boolean value)
-scheduler_use_baremetal_filters=True
-
-# Determines if the Scheduler tracks changes to instances to help with
-# its filtering decisions (boolean value)
-scheduler_tracks_instance_changes=False
-
-# For ironic, this should be set to a number >= the number of ironic nodes
-# to more evenly distribute instances across the nodes.
-scheduler_host_subset_size=9999999
-{% endif %}
-
 {% if kolla_extra_nova %}
 #######################
 # Extra configuration
--- a/ansible/seed-introspection-rules.yml
+++ b/ansible/seed-introspection-rules.yml
@ -12,6 +12,6 @@
      # These variables may be referenced in the introspection rules.
      inspector_rule_var_ipmi_username: "{{ kolla_bifrost_inspector_ipmi_username }}"
      inspector_rule_var_ipmi_password: "{{ kolla_bifrost_inspector_ipmi_password }}"
-      inspector_rule_var_lldp_switch_port_interface: "{{ kolla_bifrost_inspector_lldp_switch_port_interface }}"
+      inspector_rule_var_lldp_switch_port_interface: "{{ kolla_bifrost_inspector_lldp_switch_port_interface or '' }}"
      inspector_rule_var_deploy_kernel: "{{ kolla_bifrost_inspector_deploy_kernel }}"
      inspector_rule_var_deploy_ramdisk: "{{ kolla_bifrost_inspector_deploy_ramdisk }}"
--- a/doc/source/deployment.rst
+++ b/doc/source/deployment.rst
@ -40,6 +40,19 @@ The ``--enable-discovery`` argument enables a one-time configuration of ports
 attached to baremetal compute nodes to support hardware discovery via ironic
 inspector.

+It is possible to limit the switch interfaces that will be configured, either
+by interface name or interface description::
+
+    (kayobe) $ kayobe physical network configure --group <group> --interface-limit <interface names>
+    (kayobe) $ kayobe physical network configure --group <group> --interface-description-limit <interface descriptions>
+
+The names or descriptions should be separated by commas.  This may be useful
+when adding compute nodes to an existing deployment, in order to avoid changing
+the configuration interfaces in use by active nodes.
+
+The ``display`` argument will display the candidate switch configuration,
+without actually applying it.
+
 Seed Hypervisor
 ===============

--- a/doc/source/release-notes.rst
+++ b/doc/source/release-notes.rst
@ -2,6 +2,29 @@
 Release Notes
 =============

+In Development
+==============
+
+Features
+--------
+
+* Adds ``--interface-limit`` and ``--interface-description-limit`` arguments to
+  the ``kayobe physical network configure`` command.  These arguments allow
+  configuration to be limited to a subset of switch interfaces.
+* Adds a ``--display`` argument to ``kayobe physical network configure``
+  command.  This will output the candidate switch configuration without
+  applying it.
+* Adds support for custom neutron and nova configuration files in
+  ``$KAYOBE_CONFIG_PATH/kolla/config/[neutron,nova]``.
+
+Upgrade Notes
+-------------
+
+* Modifies the default value for ``inspector_manage_firewall`` from ``False``
+  to ``True``.  Management of the firewall by ironic inspector is important to
+  ensure that DHCP offers are not made to nodes during provisioning by
+  inspector's DHCP server.
+
 Kayobe 3.0.0
 ============

--- a/kayobe/cli/commands.py
+++ b/kayobe/cli/commands.py
@ -227,15 +227,31 @@ class PhysicalNetworkConfigure(KayobeAnsibleMixin, VaultMixin, Command):
        group = parser.add_argument_group("Physical Networking")
        group.add_argument("--group", required=True,
                           help="the Ansible group to apply configuration to")
+        group.add_argument("--display", action="store_true",
+                           help="display the candidate configuration and exit "
+                                "without applying it")
        group.add_argument("--enable-discovery", action="store_true",
                           help="configure the network for hardware discovery")
+        group.add_argument("--interface-limit",
+                           help="limit the switch interfaces to be configured "
+                                "by interface name")
+        group.add_argument("--interface-description-limit",
+                           help="limit the switch interfaces to be configured "
+                                "by interface description")
        return parser

    def take_action(self, parsed_args):
        self.app.LOG.debug("Configuring a physical network")
        extra_vars = {}
+        extra_vars["physical_network_display"] = parsed_args.display
        if parsed_args.enable_discovery:
            extra_vars["physical_network_enable_discovery"] = True
+        if parsed_args.interface_limit:
+            extra_vars["physical_network_interface_limit"] = (
+                parsed_args.interface_limit)
+        if parsed_args.interface_description_limit:
+            extra_vars["physical_network_interface_description_limit"] = (
+                parsed_args.interface_description_limit)
        self.run_kayobe_playbook(parsed_args, "ansible/physical-network.yml",
                                 limit=parsed_args.group,
                                 extra_vars=extra_vars)