Code Review / fuel.git / blob
? search:


41871d87250533c57d19e2fa37612fb60f5e6faa
[fuel.git] / mcp / reclass / classes / cluster / all-mcp-arch-common / infra / maas.yml.j2
1 ##############################################################################
2 # Copyright (c) 2018 Mirantis Inc., Enea AB and others.
3 # All rights reserved. This program and the accompanying materials
4 # are made available under the terms of the Apache License, Version 2.0
5 # which accompanies this distribution, and is available at
6 # http://www.apache.org/licenses/LICENSE-2.0
7 ##############################################################################
8 {%- import 'net_map.j2' as nm with context %}
9 ---
10 # NOTE: pod_config is generated and transferred into its final location on
11 # cfg01 only during deployment to prevent leaking sensitive data
12 classes:
13   - system.maas.region.single
14   - service.maas.cluster.single
15   - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf
16   - cluster.all-mcp-arch-common.opnfv.pod_config
17 parameters:
18   _param:
19     linux_system_codename: bionic
20     maas_admin_username: opnfv
21     dns_server01: '{{ nm.dns_public[0] }}'
22     single_address: ${_param:infra_maas_node01_deploy_address}
23     hwe_kernel: 'ga-18.04'
24     opnfv_maas_timeout_comissioning: {{ nm.maas_timeout_comissioning }}
25     opnfv_maas_timeout_deploying: {{ nm.maas_timeout_deploying }}
26   maas:
27     region:
28 {%- if '-ovs-' in conf.MCP_DEPLOY_SCENARIO or '-fdio-' in conf.MCP_DEPLOY_SCENARIO %}
29       tags:
30         aarch64_hugepages_1g:
31           comment: 'Enable 1G pagesizes on aarch64'
32           definition: '//capability[@id="asimd"]|//capability[@id="cp15_barrier"]'
33           kernel_opts: 'default_hugepagesz=1G hugepagesz=1G'
34 {%- endif %}
35       timeout:
36         # Set maas.wait_for_<state> timeouts to ~2.5x of MaaS <state> timeout
37         ready: {{ nm.maas_timeout_comissioning * 150 }}
38         deployed: {{ nm.maas_timeout_deploying * 150 }}
39         attempts: 3
40       boot_sources_delete_all_others: true
41       boot_sources:
42         resources_mirror:
43           url: http://images.maas.io/ephemeral-v3/daily
44           keyring_file: /usr/share/keyrings/ubuntu-cloudimage-keyring.gpg
45       boot_sources_selections:
46         bionic:
47           url: "http://images.maas.io/ephemeral-v3/daily"
48           os: "ubuntu"
49           release: "${_param:linux_system_codename}"
50           arches:
51 {%- for arch in nm.cluster.arch %}
52             - "{{ arch | dpkg_arch }}"
53 {%- endfor %}
54           subarches:
55             - "generic"
56             - "ga-18.04"
57           labels: '"*"'
58       fabrics:
59         pxe_admin:
60           name: 'pxe_admin'
61           description: Fabric for PXE/admin
62           vlans:
63             0:
64               name: 'vlan 0'
65               description: PXE/admin VLAN
66               dhcp: true
67               primary_rack: "${linux:network:hostname}"
68       subnets:
69         {{ nm.net_admin }}:
70           name: {{ nm.net_admin }}
71           cidr: {{ nm.net_admin }}
72           gateway_ip: ${_param:single_address}
73           fabric: ${maas:region:fabrics:pxe_admin:name}
74           vlan: 0
75           ipranges:
76             1:
77               start: {{ nm.net_admin_pool_start }}
78               end: {{ nm.net_admin_pool_end }}
79               type: dynamic
80       sshprefs:
81         - '{{ conf.MAAS_SSH_KEY }}'
82 {%- if 'aarch64' in nm.cluster.arch %}
83       package_repositories:
84         armband:
85           name: armband
86           enabled: '1'
87           url: 'http://linux.enea.com/mcp-repos/${_param:armband_repo_version}/xenial'
88           distributions: '${_param:armband_repo_version}-armband'
89           components: 'main'
90           arches: 'arm64'
91           key: ${_param:armband_key}
92 {%- endif %}
93       salt_master_ip: ${_param:reclass_config_master}
94       domain: ${_param:cluster_domain}
95       ~maas_config:
96         maas_name: mas01
97         active_discovery_interval: 600
98         ntp_external_only: true
99         upstream_dns: ${_param:dns_server01}
100         commissioning_distro_series: 'bionic'
101         default_distro_series: 'bionic'
102         default_osystem: 'ubuntu'
103         default_storage_layout: 'lvm'
104         enable_http_proxy: true
105         disk_erase_with_secure_erase: false
106         dnssec_validation: 'no'
107         enable_third_party_drivers: true
108         network_discovery: 'enabled'
109         default_min_hwe_kernel: ${_param:hwe_kernel}
110     cluster:
111       saltstack_repo_bionic: "deb [arch=amd64] http://repo.saltstack.com/apt/ubuntu/18.04/amd64/2017.7/ bionic main"
112       region:
113         host: ${_param:single_address}
114         port: 5240
115   linux:
116     system:
117       repo:
118         armband_3:
119           enabled: false
120       ~locale: ''
121       ~kernel:
122         sysctl:
123           net.ipv4.ip_forward: 1
124     network:
125       resolv:
126         dns:
127 {%- for server in nm.dns_public %}
128           - {{ server }}
129 {%- endfor %}
130   iptables:
131     schema:
132       epoch: 1
133     service:
134       v4:
135         enabled: true
136         persistent_config: /etc/iptables/rules.v4
137       v6:
138         enabled: false
139     tables:
140       v4:
141         filter:
142           chains:
143             INPUT:
144               ruleset:
145                 10:
146                   rule: -s ${_param:single_address}/${_param:opnfv_net_admin_mask}
147                 11:
148                   rule: -d ${_param:single_address}/${_param:opnfv_net_admin_mask}
149         nat:
150           chains:
151             POSTROUTING:
152               policy: ACCEPT
153               ruleset:
154                 10:
155                   rule: -s ${_param:single_address}/${_param:opnfv_net_admin_mask}
156                   action: MASQUERADE