1 ##############################################################################
2 # Copyright (c) 2017 Tim Rozet (trozet@redhat.com) and others.
4 # All rights reserved. This program and the accompanying materials
5 # are made available under the terms of the Apache License, Version 2.0
6 # which accompanies this distribution, and is available at
7 # http://www.apache.org/licenses/LICENSE-2.0
8 ##############################################################################
20 from apex.common import constants as con
21 from apex.common.exceptions import ApexDeployException
22 from apex.common import parsers
23 from apex.virtual import utils as virt_utils
24 from cryptography.hazmat.primitives import serialization as \
26 from cryptography.hazmat.primitives.asymmetric import rsa
27 from cryptography.hazmat.backends import default_backend as \
28 crypto_default_backend
33 'sfc': 'neutron-sfc-opendaylight.yaml',
34 'vpn': 'neutron-bgpvpn-opendaylight.yaml',
35 'gluon': 'gluon.yaml',
37 'odl_vpp_netvirt': 'neutron-opendaylight-netvirt-vpp.yaml',
38 'default': 'neutron-opendaylight-honeycomb.yaml'
40 'default': 'neutron-opendaylight.yaml',
43 'sfc': 'neutron-onos-sfc.yaml',
44 'default': 'neutron-onos.yaml'
46 'ovn': 'neutron-ml2-ovn.yaml',
48 'vpp': 'neutron-ml2-vpp.yaml',
49 'dataplane': ('ovs_dpdk', 'neutron-ovs-dpdk.yaml')
54 'tacker': 'enable_tacker.yaml',
55 'congress': 'enable_congress.yaml',
56 'barometer': 'enable_barometer.yaml',
57 'rt_kvm': 'enable_rt_kvm.yaml'
61 'HostCpusList': 'dpdk_cores',
62 'NeutronDpdkCoreList': 'pmd_cores',
63 'NeutronDpdkSocketMemory': 'socket_memory',
64 'NeutronDpdkMemoryChannels': 'memory_channels'
67 OVS_NSH_KMOD_RPM = "openvswitch-kmod-2.6.1-1.el7.centos.x86_64.rpm"
68 OVS_NSH_RPM = "openvswitch-2.6.1-1.el7.centos.x86_64.rpm"
69 ODL_NETVIRT_VPP_RPM = "/root/opendaylight-7.0.0-0.1.20170531snap665.el7" \
73 def build_sdn_env_list(ds, sdn_map, env_list=None):
76 for k, v in sdn_map.items():
77 if ds['sdn_controller'] == k or (k in ds and ds[k] is True):
78 if isinstance(v, dict):
79 env_list.extend(build_sdn_env_list(ds, v))
81 env_list.append(os.path.join(con.THT_ENV_DIR, v))
82 elif isinstance(v, tuple):
84 env_list.append(os.path.join(con.THT_ENV_DIR, v[1]))
85 if len(env_list) == 0:
87 env_list.append(os.path.join(
88 con.THT_ENV_DIR, sdn_map['default']))
90 logging.warning("Unable to find default file for SDN")
95 def create_deploy_cmd(ds, ns, inv, tmp_dir,
96 virtual, env_file='opnfv-environment.yaml'):
98 logging.info("Creating deployment command")
99 deploy_options = [env_file, 'network-environment.yaml']
100 ds_opts = ds['deploy_options']
101 deploy_options += build_sdn_env_list(ds_opts, SDN_FILE_MAP)
103 for k, v in OTHER_FILE_MAP.items():
104 if k in ds_opts and ds_opts[k]:
105 deploy_options.append(os.path.join(con.THT_ENV_DIR, v))
108 prep_storage_env(ds, tmp_dir)
109 deploy_options.append(os.path.join(con.THT_ENV_DIR,
110 'storage-environment.yaml'))
111 if ds['global_params']['ha_enabled']:
112 deploy_options.append(os.path.join(con.THT_ENV_DIR,
113 'puppet-pacemaker.yaml'))
116 deploy_options.append('virtual-environment.yaml')
118 deploy_options.append('baremetal-environment.yaml')
124 if 'profile:control' in node['capabilities']:
126 elif 'profile:compute' in node['capabilities']:
129 # TODO(trozet) do we want to allow capabilities to not exist?
130 logging.error("Every node must include a 'capabilities' key "
131 "tagged with either 'profile:control' or "
133 raise ApexDeployException("Node missing capabilities "
134 "key: {}".format(node))
135 if num_control == 0 or num_compute == 0:
136 logging.error("Detected 0 control or compute nodes. Control nodes: "
137 "{}, compute nodes{}".format(num_control, num_compute))
138 raise ApexDeployException("Invalid number of control or computes")
139 elif num_control > 1 and not ds['global_params']['ha_enabled']:
141 cmd = "openstack overcloud deploy --templates --timeout {} " \
142 "--libvirt-type kvm".format(con.DEPLOY_TIMEOUT)
144 for option in deploy_options:
145 cmd += " -e {}".format(option)
146 cmd += " --ntp-server {}".format(ns['ntp'][0])
147 cmd += " --control-scale {}".format(num_control)
148 cmd += " --compute-scale {}".format(num_compute)
149 cmd += ' --control-flavor control --compute-flavor compute'
150 logging.info("Deploy command set: {}".format(cmd))
152 with open(os.path.join(tmp_dir, 'deploy_command'), 'w') as fh:
157 def prep_image(ds, img, tmp_dir, root_pw=None):
159 Locates sdn image and preps for deployment.
160 :param ds: deploy settings
161 :param img: sdn image
162 :param tmp_dir: dir to store modified sdn image
163 :param root_pw: password to configure for overcloud image
166 # TODO(trozet): Come up with a better way to organize this logic in this
168 logging.info("Preparing image: {} for deployment".format(img))
169 if not os.path.isfile(img):
170 logging.error("Missing SDN image {}".format(img))
171 raise ApexDeployException("Missing SDN image file: {}".format(img))
173 ds_opts = ds['deploy_options']
175 sdn = ds_opts['sdn_controller']
176 # we need this due to rhbz #1436021
177 # fixed in systemd-219-37.el7
179 logging.info("Neutron openvswitch-agent disabled")
182 "rm -f /etc/systemd/system/multi-user.target.wants/"
183 "neutron-openvswitch-agent.service"},
186 "rm -f /usr/lib/systemd/system/neutron-openvswitch-agent"
191 virt_cmds.append({con.VIRT_RUN_CMD: "systemctl enable zrpcd"})
192 logging.info("ZRPC and Quagga enabled")
194 dataplane = ds_opts['dataplane']
195 if dataplane == 'ovs_dpdk' or dataplane == 'fdio':
196 logging.info("Enabling kernel modules for dpdk")
197 # file to module mapping
199 os.path.join(tmp_dir, 'vfio_pci.modules'): 'vfio_pci',
200 os.path.join(tmp_dir, 'uio_pci_generic.modules'): 'uio_pci_generic'
202 for mod_file, mod in uio_types.items():
203 with open(mod_file, 'w') as fh:
204 fh.write('#!/bin/bash\n')
205 fh.write('exec /sbin/modprobe {}'.format(mod))
209 {con.VIRT_UPLOAD: "{}:/etc/sysconfig/modules/".format(
211 {con.VIRT_RUN_CMD: "chmod 0755 /etc/sysconfig/modules/"
212 "{}".format(os.path.basename(mod_file))}
215 pw_op = "password:{}".format(root_pw)
216 virt_cmds.append({con.VIRT_PW: pw_op})
217 if ds_opts['sfc'] and dataplane == 'ovs':
219 {con.VIRT_RUN_CMD: "yum -y install "
220 "/root/ovs/rpm/rpmbuild/RPMS/x86_64/"
221 "{}".format(OVS_NSH_KMOD_RPM)},
222 {con.VIRT_RUN_CMD: "yum downgrade -y "
223 "/root/ovs/rpm/rpmbuild/RPMS/x86_64/"
224 "{}".format(OVS_NSH_RPM)}
226 if dataplane == 'fdio':
227 # Patch neutron with using OVS external interface for router
228 # and add generic linux NS interface driver
230 {con.VIRT_RUN_CMD: "cd /usr/lib/python2.7/site-packages && patch "
231 "-p1 < neutron-patch-NSDriver.patch"})
233 if sdn == 'opendaylight':
234 if ds_opts['odl_version'] != con.DEFAULT_ODL_VERSION:
236 {con.VIRT_RUN_CMD: "yum -y remove opendaylight"},
237 {con.VIRT_RUN_CMD: "yum -y install /root/{}/*".format(
238 ds_opts['odl_version'])},
239 {con.VIRT_RUN_CMD: "rm -rf /etc/puppet/modules/opendaylight"},
240 {con.VIRT_RUN_CMD: "cd /etc/puppet/modules && tar xzf "
241 "/root/puppet-opendaylight-"
242 "{}.tar.gz".format(ds_opts['odl_version'])}
244 elif sdn == 'opendaylight' and 'odl_vpp_netvirt' in ds_opts \
245 and ds_opts['odl_vpp_netvirt']:
247 {con.VIRT_RUN_CMD: "yum -y remove opendaylight"},
248 {con.VIRT_RUN_CMD: "yum -y install /root/{}/*".format(
249 ODL_NETVIRT_VPP_RPM)}
254 {con.VIRT_RUN_CMD: "cd /root/ovs28 && yum update -y "
256 {con.VIRT_RUN_CMD: "cd /root/ovs28 && yum downgrade -y "
260 tmp_oc_image = os.path.join(tmp_dir, 'overcloud-full.qcow2')
261 shutil.copyfile(img, tmp_oc_image)
262 logging.debug("Temporary overcloud image stored as: {}".format(
264 virt_utils.virt_customize(virt_cmds, tmp_oc_image)
265 logging.info("Overcloud image customization complete")
270 Creates public and private ssh keys with 1024 bit RSA encryption
271 :return: private, public key
273 key = rsa.generate_private_key(
274 backend=crypto_default_backend(),
275 public_exponent=65537,
279 private_key = key.private_bytes(
280 crypto_serialization.Encoding.PEM,
281 crypto_serialization.PrivateFormat.PKCS8,
282 crypto_serialization.NoEncryption())
283 public_key = key.public_key().public_bytes(
284 crypto_serialization.Encoding.OpenSSH,
285 crypto_serialization.PublicFormat.OpenSSH
287 pub_key = re.sub('ssh-rsa\s*', '', public_key.decode('utf-8'))
288 return private_key.decode('utf-8'), pub_key
291 def prep_env(ds, ns, opnfv_env, net_env, tmp_dir):
293 Creates modified opnfv/network environments for deployment
294 :param ds: deploy settings
295 :param ns: network settings
296 :param opnfv_env: file path for opnfv-environment file
297 :param net_env: file path for network-environment file
298 :param tmp_dir: Apex tmp dir
302 logging.info("Preparing opnfv-environment and network-environment files")
303 ds_opts = ds['deploy_options']
304 tmp_opnfv_env = os.path.join(tmp_dir, os.path.basename(opnfv_env))
305 shutil.copyfile(opnfv_env, tmp_opnfv_env)
306 tenant_nic_map = ns['networks']['tenant']['nic_mapping']
307 tenant_ctrl_nic = tenant_nic_map['controller']['members'][0]
308 tenant_comp_nic = tenant_nic_map['compute']['members'][0]
311 private_key, public_key = make_ssh_key()
313 # Make easier/faster variables to index in the file editor
314 if 'performance' in ds_opts:
317 if 'vpp' in ds_opts['performance']['Compute']:
318 perf_vpp_comp = ds_opts['performance']['Compute']['vpp']
321 if 'vpp' in ds_opts['performance']['Controller']:
322 perf_vpp_ctrl = ds_opts['performance']['Controller']['vpp']
327 if 'ovs' in ds_opts['performance']['Compute']:
328 perf_ovs_comp = ds_opts['performance']['Compute']['ovs']
333 if 'kernel' in ds_opts['performance']['Compute']:
334 perf_kern_comp = ds_opts['performance']['Compute']['kernel']
336 perf_kern_comp = None
340 # Modify OPNFV environment
341 # TODO: Change to build a dict and outputing yaml rather than parsing
342 for line in fileinput.input(tmp_opnfv_env, inplace=True):
343 line = line.strip('\n')
345 if 'CloudDomain' in line:
346 output_line = " CloudDomain: {}".format(ns['domain_name'])
347 elif 'replace_private_key' in line:
348 output_line = " key: '{}'".format(private_key)
349 elif 'replace_public_key' in line:
350 output_line = " key: '{}'".format(public_key)
352 if ds_opts['sdn_controller'] == 'opendaylight' and \
353 'odl_vpp_routing_node' in ds_opts and ds_opts[
354 'odl_vpp_routing_node'] != 'dvr':
355 if 'opendaylight::vpp_routing_node' in line:
356 output_line = (" opendaylight::vpp_routing_node: ${}.${}"
357 .format(ds_opts['odl_vpp_routing_node'],
359 elif 'ControllerExtraConfig' in line:
360 output_line = (" ControllerExtraConfig:\n "
361 "tripleo::profile::base::neutron::agents::"
362 "honeycomb::interface_role_mapping:"
363 " ['{}:tenant-interface]'"
364 .format(tenant_ctrl_nic))
365 elif 'NovaComputeExtraConfig' in line:
366 output_line = (" NovaComputeExtraConfig:\n "
367 "tripleo::profile::base::neutron::agents::"
368 "honeycomb::interface_role_mapping:"
369 " ['{}:tenant-interface]'"
370 .format(tenant_comp_nic))
371 elif not ds_opts['sdn_controller'] and ds_opts['dataplane'] == 'fdio':
372 if 'NeutronVPPAgentPhysnets' in line:
373 output_line = (" NeutronVPPAgentPhysnets: 'datacentre:{}'".
374 format(tenant_ctrl_nic))
377 for role in 'NovaCompute', 'Controller':
378 if role == 'NovaCompute':
379 perf_opts = perf_vpp_comp
381 perf_opts = perf_vpp_ctrl
382 cfg = "{}ExtraConfig".format(role)
383 if cfg in line and perf_opts:
385 if 'main-core' in perf_opts:
386 perf_line += ("\n fdio::vpp_cpu_main_core: '{}'"
387 .format(perf_opts['main-core']))
388 if 'corelist-workers' in perf_opts:
390 "fdio::vpp_cpu_corelist_workers: '{}'"
391 .format(perf_opts['corelist-workers']))
393 output_line = (" {}:{}".format(cfg, perf_line))
396 # (FIXME) use compute's kernel settings for all nodes for now.
397 if 'ComputeKernelArgs' in line and perf_kern_comp:
399 for k, v in perf_kern_comp.items():
400 kernel_args += "{}={} ".format(k, v)
402 output_line = " ComputeKernelArgs: '{}'".\
404 if ds_opts['dataplane'] == 'ovs_dpdk' and perf_ovs_comp:
405 for k, v in OVS_PERF_MAP.items():
406 if k in line and v in perf_ovs_comp:
407 output_line = " {}: '{}'".format(k, perf_ovs_comp[v])
411 logging.info("opnfv-environment file written to {}".format(tmp_opnfv_env))
413 # Modify Network environment
414 for line in fileinput.input(net_env, inplace=True):
415 line = line.strip('\n')
416 if 'ComputeExtraConfigPre' in line and \
417 ds_opts['dataplane'] == 'ovs_dpdk':
418 print(' OS::TripleO::ComputeExtraConfigPre: '
419 './ovs-dpdk-preconfig.yaml')
420 elif ((perf and perf_kern_comp) or ds_opts.get('rt_kvm')) and \
421 'resource_registry' in line:
422 print("resource_registry:\n"
423 " OS::TripleO::NodeUserData: first-boot.yaml")
424 elif perf and perf_kern_comp and \
425 'NovaSchedulerDefaultFilters' in line:
426 print(" NovaSchedulerDefaultFilters: 'RamFilter,"
427 "ComputeFilter,AvailabilityZoneFilter,"
428 "ComputeCapabilitiesFilter,ImagePropertiesFilter,"
429 "NUMATopologyFilter'")
433 logging.info("network-environment file written to {}".format(net_env))
436 def generate_ceph_key():
438 header = struct.pack('<hiih', 1, int(time.time()), 0, len(key))
439 return base64.b64encode(header + key)
442 def prep_storage_env(ds, tmp_dir):
444 Creates storage environment file for deployment. Source file is copied by
445 undercloud playbook to host.
450 ds_opts = ds['deploy_options']
451 storage_file = os.path.join(tmp_dir, 'storage-environment.yaml')
452 if not os.path.isfile(storage_file):
453 logging.error("storage-environment file is not in tmp directory: {}. "
454 "Check if file was copied from "
455 "undercloud".format(tmp_dir))
456 raise ApexDeployException("storage-environment file not copied from "
458 for line in fileinput.input(storage_file, inplace=True):
459 line = line.strip('\n')
460 if 'CephClusterFSID' in line:
461 print(" CephClusterFSID: {}".format(str(uuid.uuid4())))
462 elif 'CephMonKey' in line:
463 print(" CephMonKey: {}".format(generate_ceph_key().decode(
465 elif 'CephAdminKey' in line:
466 print(" CephAdminKey: {}".format(generate_ceph_key().decode(
470 if 'ceph_device' in ds_opts and ds_opts['ceph_device']:
471 with open(storage_file, 'a') as fh:
472 fh.write(' ExtraConfig:\n')
473 fh.write(" ceph::profile::params::osds:{{{}:{{}}}}\n".format(
474 ds_opts['ceph_device']
478 def external_network_cmds(ns):
480 Generates external network openstack commands
481 :param ns: network settings
482 :return: list of commands to configure external network
484 if 'external' in ns.enabled_network_list:
485 net_config = ns['networks']['external'][0]
487 pool_start, pool_end = net_config['floating_ip_range']
489 net_config = ns['networks']['admin']
491 pool_start, pool_end = ns['apex']['networks']['admin'][
492 'introspection_range']
493 nic_config = net_config['nic_mapping']
494 gateway = net_config['gateway']
496 # create network command
497 if nic_config['compute']['vlan'] == 'native':
500 ext_type = "vlan --provider-segment {}".format(nic_config[
502 cmds.append("openstack network create external --project service "
503 "--external --provider-network-type {} "
504 "--provider-physical-network datacentre".format(ext_type))
505 # create subnet command
506 cidr = net_config['cidr']
507 subnet_cmd = "openstack subnet create external-subnet --project " \
508 "service --network external --no-dhcp --gateway {} " \
509 "--allocation-pool start={},end={} --subnet-range " \
510 "{}".format(gateway, pool_start, pool_end, str(cidr))
511 if external and cidr.version == 6:
512 subnet_cmd += ' --ip-version 6 --ipv6-ra-mode slaac ' \
513 '--ipv6-address-mode slaac'
514 cmds.append(subnet_cmd)
515 logging.debug("Neutron external network commands determined "
516 "as: {}".format(cmds))
520 def create_congress_cmds(overcloud_file):
521 drivers = ['nova', 'neutronv2', 'cinder', 'glancev2', 'keystone', 'doctor']
522 overcloudrc = parsers.parse_overcloudrc(overcloud_file)
523 logging.info("Creating congress commands")
526 "username={}".format(overcloudrc['OS_USERNAME']),
527 "tenant_name={}".format(overcloudrc['OS_PROJECT_NAME']),
528 "password={}".format(overcloudrc['OS_PASSWORD']),
529 "auth_url={}".format(overcloudrc['OS_AUTH_URL'])
532 logging.error("Unable to find all keys required for congress in "
533 "overcloudrc: OS_USERNAME, OS_PROJECT_NAME, "
534 "OS_PASSWORD, OS_AUTH_URL. Please check overcloudrc "
535 "file: {}".format(overcloud_file))
538 ds_cfg = '--config ' + ' --config '.join(ds_cfg)
540 for driver in drivers:
541 if driver == 'doctor':
542 cmd = "{} \"{}\"".format(driver, driver)
544 cmd = "{} \"{}\" {}".format(driver, driver, ds_cfg)
546 cmd += ' --config api_version="2.34"'
547 logging.debug("Congress command created: {}".format(cmd))