1 ##############################################################################
2 # Copyright (c) 2018 Mirantis Inc., Enea AB and others.
3 # All rights reserved. This program and the accompanying materials
4 # are made available under the terms of the Apache License, Version 2.0
5 # which accompanies this distribution, and is available at
6 # http://www.apache.org/licenses/LICENSE-2.0
7 ##############################################################################
8 {%- import 'net_map.j2' as nm with context %}
10 # NOTE: pod_config is generated and transferred into its final location on
11 # cfg01 only during deployment to prevent leaking sensitive data
13 - system.maas.region.single
14 - service.maas.cluster.single
15 - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf
16 - cluster.all-mcp-arch-common.opnfv.pod_config
19 mcpcontrol_interface: ${_param:opnfv_fn_vm_primary_interface}
20 primary_interface: ${_param:opnfv_fn_vm_secondary_interface}
21 pxe_admin_interface: ${_param:opnfv_fn_vm_tertiary_interface}
22 linux_system_codename: xenial
23 maas_admin_username: opnfv
24 dns_server01: '{{ nm.dns_public[0] }}'
25 pxe_admin_address: ${_param:infra_maas_node01_deploy_address}
26 single_address: ${_param:pxe_admin_address}
27 hwe_kernel: 'hwe-16.04'
28 opnfv_maas_timeout_comissioning: {{ nm.maas_timeout_comissioning }}
29 opnfv_maas_timeout_deploying: {{ nm.maas_timeout_deploying }}
33 # Set maas.wait_for_<state> timeouts to ~2.5x of MaaS <state> timeout
34 ready: {{ nm.maas_timeout_comissioning * 150 }}
35 deployed: {{ nm.maas_timeout_deploying * 150 }}
37 boot_sources_delete_all_others: true
40 url: http://images.maas.io/ephemeral-v3/daily
41 keyring_file: /usr/share/keyrings/ubuntu-cloudimage-keyring.gpg
42 boot_sources_selections:
44 url: "http://images.maas.io/ephemeral-v3/daily"
46 release: "${_param:linux_system_codename}"
48 {%- for arch in nm.cluster.arch %}
49 - "{{ arch | dpkg_arch }}"
59 description: Fabric for PXE/admin
63 description: PXE/admin VLAN
65 primary_rack: "${linux:network:hostname}"
68 name: {{ nm.net_admin }}
69 cidr: {{ nm.net_admin }}
70 gateway_ip: ${_param:single_address}
71 fabric: ${maas:region:fabrics:pxe_admin:name}
75 start: {{ nm.net_admin_pool_start }}
76 end: {{ nm.net_admin_pool_end }}
79 - '{{ conf.MAAS_SSH_KEY }}'
80 {%- if 'aarch64' in nm.cluster.arch %}
85 url: 'http://linux.enea.com/mcp-repos/${_param:armband_repo_version}/${_param:linux_system_codename}'
86 distributions: '${_param:armband_repo_version}-armband'
89 key: ${_param:armband_key}
91 salt_master_ip: ${_param:reclass_config_master}
92 domain: ${_param:cluster_domain}
95 active_discovery_interval: 600
96 ntp_external_only: true
97 upstream_dns: ${_param:dns_server01}
98 commissioning_distro_series: 'xenial'
99 default_distro_series: 'xenial'
100 default_osystem: 'ubuntu'
101 default_storage_layout: 'lvm'
102 enable_http_proxy: true
103 disk_erase_with_secure_erase: false
104 dnssec_validation: 'no'
105 enable_third_party_drivers: true
106 network_discovery: 'enabled'
107 default_min_hwe_kernel: ${_param:hwe_kernel}
109 saltstack_repo_xenial: "deb [arch=amd64] http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2017.7/ xenial main"
114 net.ipv4.ip_forward: 1
117 mcpcontrol_interface:
119 name: ${_param:mcpcontrol_interface}
122 mtu: ${_param:interface_mtu}
125 name: ${_param:primary_interface}
127 {%- if conf.idf.fuel.jumphost.get('trunks', {}).get('mgmt', False) and (nm.vlan_mgmt | int > 0) %}
129 mtu: ${_param:interface_mtu}
130 primary_interface_vlan:
133 name: ${_param:primary_interface}.{{ nm.vlan_mgmt }}
135 - ${_param:primary_interface}
138 mtu: ${_param:interface_mtu}
139 address: ${_param:infra_maas_node01_address}
140 netmask: ${_param:opnfv_net_mgmt_mask}
143 name: ${_param:pxe_admin_interface}
144 # MaaS has issues using MTU > 1500 for PXE interface
147 address: ${_param:single_address}
148 netmask: ${_param:opnfv_net_admin_mask}
156 persistent_config: /etc/iptables/rules.v4
166 rule: -s ${_param:single_address}/${_param:opnfv_net_admin_mask}
168 rule: -d ${_param:single_address}/${_param:opnfv_net_admin_mask}
175 rule: -s ${_param:single_address}/${_param:opnfv_net_admin_mask}