[fuel.git] / mcp / reclass / classes / cluster / all-mcp-arch-common / infra / maas.yml.j2

##############################################################################
# Copyright (c) 2018 Mirantis Inc., Enea AB and others.
# All rights reserved. This program and the accompanying materials
# are made available under the terms of the Apache License, Version 2.0
# which accompanies this distribution, and is available at
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################
{%- import 'net_map.j2' as nm with context %}
---
# NOTE: pod_config is generated and transferred into its final location on
# cfg01 only during deployment to prevent leaking sensitive data
classes:
  - system.maas.region.single
  - service.maas.cluster.single
  - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf
  - cluster.all-mcp-arch-common.opnfv.pod_config
parameters:
  _param:
    mcpcontrol_interface: ${_param:opnfv_fn_vm_primary_interface}
    primary_interface: ${_param:opnfv_fn_vm_secondary_interface}
    pxe_admin_interface: ${_param:opnfv_fn_vm_tertiary_interface}
    interface_mtu: 1500
    # MaaS has issues using MTU > 1500 for PXE interface
    pxe_admin_interface_mtu: 1500
    linux_system_codename: xenial
    maas_admin_username: opnfv
    maas_admin_password: opnfv_secret
    maas_db_password: opnfv_secret
    dns_server01: '{{ nm.dns_public[0] }}'
    single_address: ${_param:infra_maas_node01_deploy_address}
    hwe_kernel: 'hwe-16.04'
    opnfv_maas_timeout_comissioning: {{ nm.maas_timeout_comissioning }}
    opnfv_maas_timeout_deploying: {{ nm.maas_timeout_deploying }}
  maas:
    region:
      boot_sources_delete_all_others: true
      boot_sources:
        resources_mirror:
          url: http://images.maas.io/ephemeral-v3/daily
          keyring_file: /usr/share/keyrings/ubuntu-cloudimage-keyring.gpg
      boot_sources_selections:
        xenial:
          url: "http://images.maas.io/ephemeral-v3/daily"
          os: "ubuntu"
          release: "${_param:linux_system_codename}"
          arches:
{%- for arch in nm.cluster.arch %}
            - "{{ arch | dpkg_arch }}"
{%- endfor %}
          subarches:
            - "generic"
            - "ga-16.04"
            - "hwe-16.04"
          labels: '"*"'
      fabrics:
        pxe_admin:
          name: 'pxe_admin'
          description: Fabric for PXE/admin
          vlans:
            0:
              name: 'vlan 0'
              description: PXE/admin VLAN
              dhcp: true
              primary_rack: "${linux:network:hostname}"
      subnets:
        {{ nm.net_admin }}:
          name: {{ nm.net_admin }}
          cidr: {{ nm.net_admin }}
          gateway_ip: ${_param:single_address}
          fabric: ${maas:region:fabrics:pxe_admin:name}
          vlan: 0
          ipranges:
            1:
              start: {{ nm.net_admin_pool_start }}
              end: {{ nm.net_admin_pool_end }}
              type: dynamic
      sshprefs:
        - '{{ conf.MAAS_SSH_KEY }}'
{%- if 'aarch64' in nm.cluster.arch %}
      package_repositories:
        armband:
          name: armband
          enabled: '1'
          url: 'http://linux.enea.com/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename}'
          distributions: '${_param:openstack_version}-armband'
          components: 'main'
          arches: 'arm64'
          key: &armband_key |
            -----BEGIN PGP PUBLIC KEY BLOCK-----
            Version: GnuPG v2.0.14 (GNU/Linux)

            mQENBFagAroBCADWboNIjuF6lB1mWv2+EbvqY3lKl5mLKhr2DnSUkKeHUPBv8gNM
            qK8Q00AMIyPiyEhgjA+dWizZ+5aBgxoiY7oMeLJ2Xym36U/8SYq2BWd3SGCbMNoz
            SJDxDUSM/HFVs6atF1M3DY9oN65hSVnu4uy5Tu6asf6k4rhAyk0z4+pRcPBCu2vq
            mnGi3COM/+9PShrEKeVOx5W2vRJywUFuq8EDvQnRoJ0GvM28JiJIanw17YwIPxhg
            BKZVpZjan5X+ihVMXwA2h/G/FS5Omhd50RqV6LWSYs94VJJgYqHx8UMm7izcxI+P
            ct3IcbD195bPbJ+SbuiFe45ZLsdY1MyGiU2BABEBAAG0K0VuZWEgQXJtYmFuZCBE
            ZXZvcHMgVGVhbSA8YXJtYmFuZEBlbmVhLmNvbT6JATgEEwECACICGwMGCwkIBwMC
            BhUIAgkKCwQWAgMBAh4BAheABQJaY3bYAAoJEN6rkLp5irHRoQMH/0PYl0A/6eWw
            nQ/szhEFrr76Ln6wA4vEO+PiuWj9kTkZM2NaCnkisrIuHSPIVvOLfFmztbE6sKGe
            t+a2b7Jqw48DZ/gq508aZE4Q307ookxdCOrzIu/796hFO34yXg3sqZoJh3VmKIjY
            4DL8yG1iAiQ5vOw3IFWQnATwIZUgaCcjmE7HGap+9ePuJfFuQ8mIG5cy28t8qocx
            AB/B2tucfBMwomYxKqgbLI5AG7iSt58ajvrrNa9f8IX7Ihj/jiuXhUwX+geEp98K
            IWVI1ftEthZvfBpZW4BS98J4z//dEPi31L4jb9RQXq3afF2RpXchDeUN85bW45nu
            W/9PMAlgE/U=
            =m+zE
            -----END PGP PUBLIC KEY BLOCK-----
{%- endif %}
      machines:
      {%- set pxe_interface = conf.idf.net_config.admin.interface %}
      {%- set ctl_roles = conf.virtual.nodes.control | length %}
      {%- for node in conf.nodes %}
      {%- if (node.node.type == 'baremetal' and (
              loop.index > nm.cmp001.idx or loop.index0 < ctl_roles)) %}
        {%- if loop.index > nm.cmp001.idx %}
        cmp{{ '%03d' | format(loop.index - nm.cmp001.idx) }}:
        {%- else %}
        {{ conf.virtual.nodes.control[loop.index0] }}:
        {%- endif %}
          interface:
            mac: {{ node.interfaces[pxe_interface].mac_address }}
          power_parameters:
            power_address: {{ node.remote_management.address.rsplit('/')[0] }}
            power_password: {{ node.remote_management.pass }}
            power_type: {{ node.remote_management.type }}
            power_user: {{ node.remote_management.user }}
          architecture: {{ node.node.arch | dpkg_arch }}/generic
          distro_series: xenial
          hwe_kernel: ${_param:hwe_kernel}
          {%- if loop.index > nm.cmp001.idx %}
          disk_layout:
            type: lvm
            root_device: sda
            volume_group: vgroot
            volume_name: lvroot
            volume_size: 100
          {%- endif %}
      {%- endif %}
      {%- endfor %}
      salt_master_ip: ${_param:reclass_config_master}
      domain: ${_param:cluster_domain}
      maas_config:
        commissioning_distro_series: 'xenial'
        default_distro_series: 'xenial'
        default_osystem: 'ubuntu'
        default_storage_layout: 'lvm'
        enable_http_proxy: true
        disk_erase_with_secure_erase: false
        dnssec_validation: 'no'
        enable_third_party_drivers: true
        network_discovery: 'enabled'
        default_min_hwe_kernel: ${_param:hwe_kernel}
    cluster:
      saltstack_repo_xenial: "deb [arch=amd64] http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2017.7/ xenial main"
  linux:
    network:
      interface:
        mcpcontrol_interface:
          enabled: true
          name: ${_param:mcpcontrol_interface}
          type: eth
          proto: dhcp
        primary_interface:
          enabled: true
          name: ${_param:primary_interface}
          type: eth
{%- if conf.idf.fuel.jumphost.get('trunks', {}).get('mgmt', False) and (nm.vlan_mgmt | int > 0) %}
          proto: manual
          mtu: ${_param:interface_mtu}
        primary_interface_vlan:
          enabled: true
          type: vlan
          name: ${_param:primary_interface}.{{ nm.vlan_mgmt }}
          use_interfaces:
            - ${_param:primary_interface}
{%- endif %}
          proto: static
          mtu: ${_param:interface_mtu}
          address: ${_param:infra_maas_node01_address}
          netmask: ${_param:opnfv_net_mgmt_mask}
        pxe_admin_interface:
          enabled: true
          name: ${_param:pxe_admin_interface}
          mtu: ${_param:pxe_admin_interface_mtu}
          proto: static
          address: ${_param:single_address}
          netmask: ${_param:opnfv_net_admin_mask}
          type: eth