From: Narinder Gupta Date: Wed, 11 Apr 2018 21:34:01 +0000 (-0500) Subject: added ssl support based on default. X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=commitdiff_plain;h=refs%2Fchanges%2F67%2F55467%2F8;p=joid.git added ssl support based on default. Change-Id: I0198520e43c81d7734bc3b2f4396e55c42d33e5c Signed-off-by: Narinder Gupta --- diff --git a/ci/03-maasdeploy.sh b/ci/03-maasdeploy.sh index d10e9a30..7ccb72d7 100755 --- a/ci/03-maasdeploy.sh +++ b/ci/03-maasdeploy.sh @@ -61,9 +61,9 @@ if [ "$snapinstall" -eq "0" ]; then sudo apt-add-repository ppa:maas/stable -y fi if [ "bionic" != "$opnfvdistro" ]; then - sudo apt-add-repository cloud-archive:pike -y + sudo apt-add-repository cloud-archive:queens -y if [ "aarch64" == "$NODE_ARCTYPE" ]; then - sudo add-apt-repository ppa:ubuntu-cloud-archive/pike-staging -y + sudo add-apt-repository ppa:ubuntu-cloud-archive/queens-staging -y fi fi diff --git a/ci/config_tpl/juju2/bundle_tpl/aodh.yaml b/ci/config_tpl/juju2/bundle_tpl/aodh.yaml index 1c297ce2..3402c5e9 100644 --- a/ci/config_tpl/juju2/bundle_tpl/aodh.yaml +++ b/ci/config_tpl/juju2/bundle_tpl/aodh.yaml @@ -1,6 +1,6 @@ aodh: charm: "./{{ ubuntu.release }}/aodh" - num_units: 1 + num_units: {{ unit_qty() }} {% if os.service.bindings %} bindings: "": *oam-space @@ -11,6 +11,19 @@ {% endif %} options: openstack-origin: *openstack-origin +{% if os.ha.mode == 'ha' %} + vip: *aodh-vip +{% endif %} +{% if os.api.ssl %} + ssl_ca: *ssl_ca + ssl_cert: *ssl_cert + ssl_key: *ssl_key + os-public-hostname: *hostname_aodh_public + os-internal-hostname: *hostname_aodh_public + os-admin-hostname: *hostname_aodh_public +{% endif %} to: - - "lxd:nodes/0" +{% for unit_id in to_select() %} + - "lxd:nodes/{{ unit_id }}" +{% endfor %} {# Empty block to avoid bad block trim #} diff --git a/ci/config_tpl/juju2/bundle_tpl/bundle.yaml b/ci/config_tpl/juju2/bundle_tpl/bundle.yaml index 8c248ce0..1f4dd0c9 100644 --- a/ci/config_tpl/juju2/bundle_tpl/bundle.yaml +++ b/ci/config_tpl/juju2/bundle_tpl/bundle.yaml @@ -57,6 +57,7 @@ {% include 'rabbitmq.yaml' %} {% include 'neutron-api.yaml' %} {% include 'heat.yaml' %} +{% include 'designate.yaml' %} {% if os.network.controller != 'ocl' %} {% include 'neutron-gateway.yaml' %} {% include 'ceilometer.yaml' %} diff --git a/ci/config_tpl/juju2/bundle_tpl/ceilometer.yaml b/ci/config_tpl/juju2/bundle_tpl/ceilometer.yaml index 33bbbd8a..1a6b4cd0 100644 --- a/ci/config_tpl/juju2/bundle_tpl/ceilometer.yaml +++ b/ci/config_tpl/juju2/bundle_tpl/ceilometer.yaml @@ -1,23 +1,42 @@ gnocchi: charm: ./{{ ubuntu.release }}/gnocchi - num_units: 1 + num_units: {{ unit_qty() }} {% if os.service.bindings %} bindings: - "": *internal-space + "": *oam-space + public: *public-space + admin: *admin-space + internal: *internal-space {% endif %} options: openstack-origin: *openstack-origin +{% if os.ha.mode == 'ha' %} + vip: *gnocchi-vip +{% endif %} +{% if os.api.ssl %} + ssl_ca: *ssl_ca + ssl_cert: *ssl_cert + ssl_key: *ssl_key + os-public-hostname: *hostname_gnocchi_public + os-internal-hostname: *hostname_gnocchi_public + os-admin-hostname: *hostname_gnocchi_public +{% endif %} to: - - "lxd:nodes/0" +{% for unit_id in to_select() %} + - "lxd:nodes/{{ unit_id }}" +{% endfor %} memcached: charm: ./{{ ubuntu.release }}/memcached - num_units: 1 + num_units: 2 {% if os.service.bindings %} bindings: "": *internal-space {% endif %} + options: + allow-ufw-ip6-softfail: True to: - - "lxd:nodes/0" + - "designate-bind/0" + - "designate-bind/1" ceilometer: charm: "./{{ ubuntu.release }}/ceilometer" num_units: {{ unit_qty() }} @@ -32,7 +51,15 @@ openstack-origin: *openstack-origin region: *openstack-region {% if os.ha.mode == 'ha' %} - vip: {{ opnfv.vip.ceilometer }} + vip: *ceilometer-vip +{% endif %} +{% if os.api.ssl %} + ssl_ca: *ssl_ca + ssl_cert: *ssl_cert + ssl_key: *ssl_key + os-public-hostname: *hostname_ceilometer_public + os-internal-hostname: *hostname_ceilometer_public + os-admin-hostname: *hostname_ceilometer_public {% endif %} to: {% for unit_id in to_select() %} diff --git a/ci/config_tpl/juju2/bundle_tpl/ceph.yaml b/ci/config_tpl/juju2/bundle_tpl/ceph.yaml index b8948e61..c46abeb9 100644 --- a/ci/config_tpl/juju2/bundle_tpl/ceph.yaml +++ b/ci/config_tpl/juju2/bundle_tpl/ceph.yaml @@ -90,7 +90,15 @@ ceph-osd-replication-count: {{ unit_ceph_qty() }} {% endif %} {% if os.ha.mode == 'ha' %} - vip: {{ opnfv.vip.radosgw }} + vip: *rados-gateway-vip +{% endif %} +{% if os.api.ssl %} + ssl_ca: *ssl_ca + ssl_cert: *ssl_cert + ssl_key: *ssl_key + os-public-hostname: *hostname_radosgw_public + os-admin-hostname: *hostname_radosgw_public + os-internal-hostname: *hostname_radosgw_public {% endif %} to: {% for unit_id in to_select(unit_qty()) %} diff --git a/ci/config_tpl/juju2/bundle_tpl/cinder.yaml b/ci/config_tpl/juju2/bundle_tpl/cinder.yaml index 12b6acc6..f7aee301 100644 --- a/ci/config_tpl/juju2/bundle_tpl/cinder.yaml +++ b/ci/config_tpl/juju2/bundle_tpl/cinder.yaml @@ -32,7 +32,15 @@ ceph-osd-replication-count: {{ unit_ceph_qty() }} {% endif %} {% if os.ha.mode == 'ha' %} - vip: {{ opnfv.vip.cinder }} + vip: *cinder-vip +{% endif %} +{% if os.api.ssl %} + ssl_ca: *ssl_ca + ssl_cert: *ssl_cert + ssl_key: *ssl_key + os-public-hostname: *hostname_cinder_public + os-internal-hostname: *hostname_cinder_public + os-admin-hostname: *hostname_cinder_public {% endif %} to: {% if opnfv.storage_dict.scaleio is defined %} diff --git a/ci/config_tpl/juju2/bundle_tpl/designate.yaml b/ci/config_tpl/juju2/bundle_tpl/designate.yaml new file mode 100644 index 00000000..fa727413 --- /dev/null +++ b/ci/config_tpl/juju2/bundle_tpl/designate.yaml @@ -0,0 +1,47 @@ + designate: + charm: "./{{ ubuntu.release }}/designate" + num_units: {{ unit_qty() }} +{% if os.service.bindings %} + bindings: + "": *oam-space + public: *public-space + admin: *admin-space + internal: *internal-space + shared-db: *internal-space +{% endif %} + options: + openstack-origin: *openstack-origin +{% if os.git_repo.origin_git %} + openstack-origin-git: "{{ os.git_repo.branch }}" +{% endif %} + region: *openstack-region +{% if os.api.ssl %} + ssl_ca: *ssl_ca + ssl_cert: *ssl_cert + ssl_key: *ssl_key + os-public-hostname: *hostname_keystone_public + os-internal-hostname: *hostname_keystone_public + os-admin-hostname: *hostname_keystone_public +{% endif %} +{% if os.network.ipv6 %} + prefer-ipv6: {{ os.network.ipv6 }} +{% endif %} +{% if os.api.worker_multiplier %} + worker-multiplier: *worker-multiplier +{% endif %} +{% if os.ha.mode == 'ha' %} + vip: *designate-vip +{% endif %} + to: +{% for unit_id in to_select() %} + - "lxd:nodes/{{ unit_id }}" +{% endfor %} + designate-bind: + charm: "./{{ ubuntu.release }}/designate-bind" + num_units: 2 + bindings: + "": *internal-space + to: + - lxd:nodes/0 + - lxd:nodes/1 + diff --git a/ci/config_tpl/juju2/bundle_tpl/glance.yaml b/ci/config_tpl/juju2/bundle_tpl/glance.yaml index e765bc30..cc98ad35 100644 --- a/ci/config_tpl/juju2/bundle_tpl/glance.yaml +++ b/ci/config_tpl/juju2/bundle_tpl/glance.yaml @@ -24,7 +24,15 @@ ceph-osd-replication-count: {{ unit_ceph_qty() }} {% endif %} {% if os.ha.mode == 'ha' %} - vip: {{ opnfv.vip.glance }} + vip: *glance-vip +{% endif %} +{% if os.api.ssl %} + ssl_ca: *ssl_ca + ssl_cert: *ssl_cert + ssl_key: *ssl_key + os-public-hostname: *hostname_glance_public + os-internal-hostname: *hostname_glance_public + os-admin-hostname: *hostname_glance_public {% endif %} to: {% for unit_id in to_select() %} diff --git a/ci/config_tpl/juju2/bundle_tpl/haclusters.yaml b/ci/config_tpl/juju2/bundle_tpl/haclusters.yaml index 26ea2867..093c9499 100644 --- a/ci/config_tpl/juju2/bundle_tpl/haclusters.yaml +++ b/ci/config_tpl/juju2/bundle_tpl/haclusters.yaml @@ -73,7 +73,6 @@ {% if os.network.ipv6 %} prefer-ipv6: {{ os.network.ipv6 }} {% endif %} -{% if os.beta.hacluster_ceph_radosgw %} hacluster-ceph-radosgw: charm: "./{{ ubuntu.release }}/hacluster" options: @@ -82,4 +81,27 @@ {% if os.network.ipv6 %} prefer-ipv6: {{ os.network.ipv6 }} {% endif %} + hacluster-aodh: + charm: "./{{ ubuntu.release }}/hacluster" + options: + corosync_transport: unicast + cluster_count: 3 +{% if os.network.ipv6 %} + prefer-ipv6: {{ os.network.ipv6 }} +{% endif %} + hacluster-gnocchi: + charm: "./{{ ubuntu.release }}/hacluster" + options: + corosync_transport: unicast + cluster_count: 3 +{% if os.network.ipv6 %} + prefer-ipv6: {{ os.network.ipv6 }} +{% endif %} + hacluster-designate: + charm: "./{{ ubuntu.release }}/hacluster" + options: + corosync_transport: unicast + cluster_count: 3 +{% if os.network.ipv6 %} + prefer-ipv6: {{ os.network.ipv6 }} {% endif %} diff --git a/ci/config_tpl/juju2/bundle_tpl/harelations.yaml b/ci/config_tpl/juju2/bundle_tpl/harelations.yaml index e5274ed8..60652fe6 100644 --- a/ci/config_tpl/juju2/bundle_tpl/harelations.yaml +++ b/ci/config_tpl/juju2/bundle_tpl/harelations.yaml @@ -11,4 +11,7 @@ - [ 'nova-cloud-controller:ha', 'hacluster-nova:ha' ] - [ 'openstack-dashboard:ha', 'hacluster-horizon:ha' ] - [ 'ceph-radosgw:ha', 'hacluster-ceph-radosgw:ha' ] + - [ 'aodh:ha', 'hacluster-aodh:ha' ] + - [ 'gnocchi:ha', 'hacluster-gnocchi:ha' ] + - [ 'designate:ha', 'hacluster-designate:ha' ] {% endif %} diff --git a/ci/config_tpl/juju2/bundle_tpl/heat.yaml b/ci/config_tpl/juju2/bundle_tpl/heat.yaml index bff431d3..83497747 100644 --- a/ci/config_tpl/juju2/bundle_tpl/heat.yaml +++ b/ci/config_tpl/juju2/bundle_tpl/heat.yaml @@ -18,7 +18,15 @@ {% endif %} worker-multiplier: *worker-multiplier {% if os.ha.mode == 'ha' %} - vip: {{ opnfv.vip.heat }} + vip: *heat-vip +{% endif %} +{% if os.api.ssl %} + ssl_ca: *ssl_ca + ssl_cert: *ssl_cert + ssl_key: *ssl_key + os-public-hostname: *hostname_heat_public + os-internal-hostname: *hostname_heat_public + os-admin-hostname: *hostname_heat_public {% endif %} to: {% for unit_id in to_select() %} diff --git a/ci/config_tpl/juju2/bundle_tpl/keystone.yaml b/ci/config_tpl/juju2/bundle_tpl/keystone.yaml index 1c6b78f6..6450060e 100644 --- a/ci/config_tpl/juju2/bundle_tpl/keystone.yaml +++ b/ci/config_tpl/juju2/bundle_tpl/keystone.yaml @@ -18,6 +18,16 @@ admin-role: {{ os.admin.role }} keystone-admin-role: {{ os.admin.role }} preferred-api-version: 3 +{% if os.api.ssl %} + ssl_ca: *ssl_ca + ssl_cert: *ssl_cert + ssl_key: *ssl_key + #use-https: 'yes' + #https-service-endpoints: 'True' + os-public-hostname: *hostname_keystone_public + os-internal-hostname: *hostname_keystone_public + os-admin-hostname: *hostname_keystone_public +{% endif %} {% if os.network.ipv6 %} prefer-ipv6: {{ os.network.ipv6 }} {% endif %} @@ -27,7 +37,7 @@ admin-password: {{ opnfv.admin_password | default(os.admin.password) }} admin-token: {{ os.admin.name }} {% if os.ha.mode == 'ha' %} - vip: {{ opnfv.vip.keystone }} + vip: *keystone-vip {% endif %} to: {% for unit_id in to_select() %} diff --git a/ci/config_tpl/juju2/bundle_tpl/mysql.yaml b/ci/config_tpl/juju2/bundle_tpl/mysql.yaml index f7ecc708..72d1311c 100644 --- a/ci/config_tpl/juju2/bundle_tpl/mysql.yaml +++ b/ci/config_tpl/juju2/bundle_tpl/mysql.yaml @@ -23,7 +23,7 @@ prefer-ipv6: {{ os.network.ipv6 }} {% endif %} {% if os.ha.mode == 'ha' %} - vip: {{ opnfv.vip.mysql }} + vip: *mysql-vip {% endif %} min-cluster-size: {{ unit_qty() }} to: diff --git a/ci/config_tpl/juju2/bundle_tpl/neutron-api.yaml b/ci/config_tpl/juju2/bundle_tpl/neutron-api.yaml index f6daca52..f7ea60a5 100644 --- a/ci/config_tpl/juju2/bundle_tpl/neutron-api.yaml +++ b/ci/config_tpl/juju2/bundle_tpl/neutron-api.yaml @@ -21,7 +21,7 @@ prefer-ipv6: {{ os.network.ipv6 }} {% endif %} {% if os.ha.mode == 'ha' %} - vip: {{ opnfv.vip.neutron }} + vip: *neutron-api-vip {% endif %} {% if os.network.controller == 'nosdn' %} flat-network-providers: physnet1 @@ -46,6 +46,14 @@ {% endif %} {% if os.network.l2_population %} l2-population: true +{% endif %} +{% if os.api.ssl %} + ssl_ca: *ssl_ca + ssl_cert: *ssl_cert + ssl_key: *ssl_key + os-public-hostname: *hostname_neutron_public + os-internal-hostname: *hostname_neutron_public + os-admin-hostname: *hostname_neutron_public {% endif %} to: {% for unit_id in to_select() %} diff --git a/ci/config_tpl/juju2/bundle_tpl/neutron-ovs.yaml b/ci/config_tpl/juju2/bundle_tpl/neutron-ovs.yaml index 7714456a..931a0060 100644 --- a/ci/config_tpl/juju2/bundle_tpl/neutron-ovs.yaml +++ b/ci/config_tpl/juju2/bundle_tpl/neutron-ovs.yaml @@ -23,6 +23,7 @@ {% if os.network.controller == 'nosdn' %} bridge-mappings: physnet1:br-data data-port: *data-port + #enable-local-dhcp-and-metadata: true {% else %} ext-port: {{ opnfv.ext_port }} {% endif %} diff --git a/ci/config_tpl/juju2/bundle_tpl/nova-cloud-controller.yaml b/ci/config_tpl/juju2/bundle_tpl/nova-cloud-controller.yaml index bfb4c27d..a31db8a5 100644 --- a/ci/config_tpl/juju2/bundle_tpl/nova-cloud-controller.yaml +++ b/ci/config_tpl/juju2/bundle_tpl/nova-cloud-controller.yaml @@ -25,7 +25,15 @@ prefer-ipv6: {{ os.network.ipv6 }} {% endif %} {% if os.ha.mode == 'ha' %} - vip: {{ opnfv.vip.nova }} + vip: *nova-cc-vip +{% endif %} +{% if os.api.ssl %} + ssl_ca: *ssl_ca + ssl_cert: *ssl_cert + ssl_key: *ssl_key + os-public-hostname: *hostname_nova_public + os-internal-hostname: *hostname_nova_public + os-admin-hostname: *hostname_nova_public {% endif %} {% if opnfv.domain is defined %} #console-proxy-ip: {{ opnfv.domain }} diff --git a/ci/config_tpl/juju2/bundle_tpl/openstack-dashboard.yaml b/ci/config_tpl/juju2/bundle_tpl/openstack-dashboard.yaml index 87fe85e9..ce340f71 100644 --- a/ci/config_tpl/juju2/bundle_tpl/openstack-dashboard.yaml +++ b/ci/config_tpl/juju2/bundle_tpl/openstack-dashboard.yaml @@ -22,7 +22,15 @@ prefer-ipv6: {{ os.network.ipv6 }} {% endif %} {% if os.ha.mode == 'ha' %} - vip: {{ opnfv.vip.dashboard }} + vip: *dashboard-vip +{% endif %} +{% if os.api.ssl %} + ssl_ca: *ssl_ca + ssl_cert: *ssl_cert + ssl_key: *ssl_key + os-public-hostname: *hostname_dashboard_public + os-internal-hostname: *hostname_dashboard_public + os-admin-hostname: *hostname_dashboard_public {% endif %} to: {% for unit_id in to_select() %} diff --git a/ci/config_tpl/juju2/bundle_tpl/relations.yaml b/ci/config_tpl/juju2/bundle_tpl/relations.yaml index e9827b9e..04ce15ef 100644 --- a/ci/config_tpl/juju2/bundle_tpl/relations.yaml +++ b/ci/config_tpl/juju2/bundle_tpl/relations.yaml @@ -65,6 +65,11 @@ - [ 'aodh:amqp', 'rabbitmq-server:amqp' ] - [ 'aodh:shared-db', 'mysql:shared-db' ] - [ 'aodh:identity-service', 'keystone:identity-service' ] + - [ designate, mysql ] + - [ designate, designate-bind ] + - [ designate, keystone ] + - [ designate, rabbitmq-server ] + - [ designate, memcached ] {% if os.lxd %} - [ 'nova-compute:lxd', 'lxd:lxd' ] {% endif %} diff --git a/ci/config_tpl/juju2/bundle_tpl/spaces.yaml b/ci/config_tpl/juju2/bundle_tpl/spaces.yaml index 3023dfc0..5ac8018d 100644 --- a/ci/config_tpl/juju2/bundle_tpl/spaces.yaml +++ b/ci/config_tpl/juju2/bundle_tpl/spaces.yaml @@ -66,3 +66,40 @@ {% endif %} osd-journal: &osd-journal +{% if os.ha.mode == 'ha' %} + # Various VIPs + aodh-vip: &aodh-vip {{ opnfv.vip.aodh }} + ceilometer-vip: &ceilometer-vip {{ opnfv.vip.ceilometer }} + cinder-vip: &cinder-vip {{ opnfv.vip.cinder }} + dashboard-vip: &dashboard-vip {{ opnfv.vip.dashboard }} + designate-vip: &designate-vip {{ opnfv.vip.designate }} + glance-vip: &glance-vip {{ opnfv.vip.glance }} + gnocchi-vip: &gnocchi-vip {{ opnfv.vip.gnocchi }} + heat-vip: &heat-vip {{ opnfv.vip.heat }} + keystone-vip: &keystone-vip {{ opnfv.vip.keystone }} + mysql-vip: &mysql-vip {{ opnfv.vip.mysql }} + neutron-api-vip: &neutron-api-vip {{ opnfv.vip.neutron }} + nova-cc-vip: &nova-cc-vip {{ opnfv.vip.nova }} + rados-gateway-vip: &rados-gateway-vip {{ opnfv.vip.radosgw }} +{% endif %} + +{% if os.api.ssl %} + ssl_ca: &ssl_ca include-base64://ssl/ca.crt + ssl_cert: &ssl_cert include-base64://ssl/maas.crt + ssl_key: &ssl_key include-base64://ssl/maas.key + + hostname_aodh_public: &hostname_aodh_public aodh.maas + hostname_ceilometer_public: &hostname_ceilometer_public ceilometer.maas + hostname_cinder_public: &hostname_cinder_public cinder.maas + hostname_dashboard_public: &hostname_dashboard_public openstack-dashboard.maas + hostname_designate_public: &hostname_designate_public designate.maas + hostname_glance_public: &hostname_glance_public glance.maas + hostname_gnocchi_public: &hostname_gnocchi_public gnocchi.maas + hostname_heat_public: &hostname_heat_public heat.maas + hostname_keystone_public: &hostname_keystone_public keystone.maas + hostname_rabbitmq: &hostname_rabbitmq rabbitmq.maas + hostname_neutron_public: &hostname_neutron_public neutron-api.maas + hostname_nova_public: &hostname_nova_public nova-cloud-controller.maas + hostname_radosgw_public: &hostname_radosgw_public rados-gateway.maas +{% endif %} + diff --git a/ci/config_tpl/juju2/deployconfig.yaml b/ci/config_tpl/juju2/deployconfig.yaml index f94154cd..2d59b88a 100644 --- a/ci/config_tpl/juju2/deployconfig.yaml +++ b/ci/config_tpl/juju2/deployconfig.yaml @@ -46,25 +46,32 @@ opnfv: units: {{ lab.racks[0].nodes|count }} vip: {% if opnfv.spaces_dict.public is defined %} + aodh: {{ netpublic_prefix }}33 {{ net_prefix }}33 + ceilometer: {{ netpublic_prefix }}24 {{ net_prefix }}24 + cinder: {{ netpublic_prefix }}29 {{ net_prefix }}29 dashboard: {{ netpublic_prefix }}21 {{ net_prefix }}21 + designate: {{ netpublic_prefix }}32 {{ net_prefix }}32 glance: {{ netpublic_prefix }}22 {{ net_prefix }}22 + gnocchi: {{ netpublic_prefix }}31 {{ net_prefix }}31 + heat: {{ netpublic_prefix }}28 {{ net_prefix }}28 keystone: {{ netpublic_prefix }}23 {{ net_prefix }}23 - ceilometer: {{ netpublic_prefix }}24 {{ net_prefix }}24 mysql: {{ net_prefix }}25 - nova: {{ netpublic_prefix }}26 {{ net_prefix }}26 neutron: {{ netpublic_prefix }}27 {{ net_prefix }}27 - heat: {{ netpublic_prefix }}28 {{ net_prefix }}28 - cinder: {{ netpublic_prefix }}29 {{ net_prefix }}29 + nova: {{ netpublic_prefix }}26 {{ net_prefix }}26 radosgw: {{ netpublic_prefix }}30 {{ net_prefix }}30 {% else %} + aodh: {{ net_prefix }}33 + ceilometer: {{ net_prefix }}24 + cinder: {{ net_prefix }}29 dashboard: {{ net_prefix }}21 + designate: {{ net_prefix }}32 glance: {{ net_prefix }}22 + gnocchi: {{ net_prefix }}31 + heat: {{ net_prefix }}28 keystone: {{ net_prefix }}23 - ceilometer: {{ net_prefix }}24 mysql: {{ net_prefix }}25 - nova: {{ net_prefix }}26 neutron: {{ net_prefix }}27 - heat: {{ net_prefix }}28 - cinder: {{ net_prefix }}29 + nova: {{ net_prefix }}26 radosgw: {{ net_prefix }}30 {% endif %} + diff --git a/ci/default_deployment_config.yaml b/ci/default_deployment_config.yaml index 587c39a1..f4006128 100644 --- a/ci/default_deployment_config.yaml +++ b/ci/default_deployment_config.yaml @@ -1,10 +1,10 @@ ubuntu: release: xenial os: - release: pike + release: queens git_repo: origin_git: False - branch: pike + branch: queens hyperconverged: True ha: mode: ha @@ -14,6 +14,7 @@ os: api: worker_multiplier: 1.0 haproxy_timeout: 10000 + ssl: False admin: role: admin name: admin @@ -27,7 +28,6 @@ os: ipv6: False l2_population: False beta: - hacluster_ceph_radosgw: True huge_pages: False cpu_pin: False cpu_pin_set: all diff --git a/ci/deploy.sh b/ci/deploy.sh index 741ad207..30eda410 100755 --- a/ci/deploy.sh +++ b/ci/deploy.sh @@ -9,7 +9,7 @@ source common/tools.sh opnfvsdn=nosdn opnfvtype=noha -openstack=pike +openstack=queens opnfvlab=default opnfvlabfile= opnfvrel=e @@ -23,7 +23,7 @@ maasinstall=0 usage() { echo "Usage: $0 [-s|--sdn ] [-t|--type ] - [-o|--openstack ] + [-o|--openstack ] [-l|--lab ] [-f|--feature ] [-d|--distro ] diff --git a/ci/genBundle.py b/ci/genBundle.py index 2bd62db8..de0f879e 100644 --- a/ci/genBundle.py +++ b/ci/genBundle.py @@ -202,6 +202,8 @@ if 'hugepages' in extra: config['os']['beta']['cpu_pin'] = True if 'ocata' in extra: config['os']['release'] = 'ocata' +if 'pike' in extra: + config['os']['release'] = 'pike' if 'trusty' in extra: config['ubuntu']['release'] = 'trusty' if 'ocata' in extra: diff --git a/ci/nosdn/fetch-charms.sh b/ci/nosdn/fetch-charms.sh index a38518fe..c2dc48af 100755 --- a/ci/nosdn/fetch-charms.sh +++ b/ci/nosdn/fetch-charms.sh @@ -34,6 +34,8 @@ git clone -b stable/18.02 https://github.com/openstack/charm-heat.git $distro/he git clone -b stable/18.02 https://github.com/openstack/charm-lxd.git $distro/lxd git clone https://github.com/openbaton/juju-charm.git $distro/openbaton ++charm pull cs:designate $distro/designate ++charm pull cs:designate-bind $distro/designate-bind charm pull cs:memcached $distro/memcached charm pull cs:gnocchi $distro/gnocchi charm pull cs:$distro/aodh $distro/aodh diff --git a/ci/openstack.sh b/ci/openstack.sh index 3c8f9757..139a0dfc 100755 --- a/ci/openstack.sh +++ b/ci/openstack.sh @@ -62,7 +62,7 @@ keystoneIp() { if [ $(juju status keystone --format=short | grep " keystone"|wc -l) == 1 ];then unitAddress keystone 0 else - juju config keystone | python -c "import yaml; import sys; print yaml.load(sys.stdin)['settings']['vip']['value']" | cut -d " " -f 1 + juju config keystone vip | cut -d " " -f 1 fi } @@ -71,13 +71,26 @@ create_openrc() { echo_info "Creating the openrc (OpenStack client environment scripts)" mkdir -m 0700 -p cloud - keystoneIp=$(keystoneIp) - adminPasswd=$(juju config keystone | python -c "import yaml; import sys; print yaml.load(sys.stdin)['settings']['admin-password']['value']" | cut -d " " -f 1) + usessl=$(juju config keystone ssl_ca) + if [[ "$usessl" == "" ]]; then + usessl=no + else + usessl=yes + fi + keystoneIp=$(juju config keystone os-public-hostname | cut -d " " -f 1) + if [[ "$keystoneIp" == "" ]]; then + keystoneIp=$(keystoneIp) + fi + adminPasswd=$(juju config keystone admin-password | cut -d " " -f 1) - v3api=`juju config keystone preferred-api-version` + v3api=$(juju config keystone preferred-api-version) if [[ "$v3api" == "3" ]]; then - configOpenrc admin $adminPasswd admin http://$keystoneIp:5000/v3 RegionOne publicURL > ~/joid_config/admin-openrc + if [ "$usessl" == "yes" ]; then + configOpenrc admin $adminPasswd admin https://$keystoneIp:5000/v3 RegionOne publicURL > ~/joid_config/admin-openrc + else + configOpenrc admin $adminPasswd admin http://$keystoneIp:5000/v3 RegionOne publicURL > ~/joid_config/admin-openrc + fi chmod 0600 ~/joid_config/admin-openrc source ~/joid_config/admin-openrc projectid=`openstack project show admin -c id -f value` @@ -105,6 +118,7 @@ EOF } configOpenrc() { +if [ "$usessl" == "yes" ]; then cat <<-EOF #export OS_NO_CACHE='true' export OS_AUTH_URL=$4 @@ -117,11 +131,31 @@ export OS_PASSWORD=$2 export OS_IDENTITY_API_VERSION=3 export OS_REGION_NAME=$5 export OS_INTERFACE=public -#export OS_INSECURE=true -#export OS_CASSL=~/joid_config/ca.pem +export OS_CACERT=~/joid_config/keystone_juju_ca_cert.crt EOF +else +cat <<-EOF +#export OS_NO_CACHE='true' +export OS_AUTH_URL=$4 +export OS_USER_DOMAIN_NAME=admin_domain +export OS_PROJECT_DOMAIN_NAME=admin_domain +export OS_USERNAME=$1 +export OS_TENANT_NAME=$3 +export OS_PROJECT_NAME=$3 +export OS_PASSWORD=$2 +export OS_IDENTITY_API_VERSION=3 +export OS_REGION_NAME=$5 +export OS_INTERFACE=public +#export OS_CACERT=~/joid_config/bradm.etsi-ubuntu-jh.maas.pem +EOF +fi } + +if [ "$usessl" == "yes" ]; then + juju scp keystone/0:/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt ~/joid_config/ +fi + # Create an load openrc create_openrc diff --git a/juju/get-cloud-images b/juju/get-cloud-images index 9711b793..5e3d7606 100755 --- a/juju/get-cloud-images +++ b/juju/get-cloud-images @@ -16,16 +16,13 @@ fi if grep -q 'virt-type: lxd' bundles.yaml; then URLS=" \ - http://download.cirros-cloud.net/daily/20161201/cirros-dl161201-$NODE_ARCTYPE-lxc.tar.gz \ - http://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-$NODE_ARCHES-root.tar.gz " - -else - URLS=" \ + http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-$NODE_ARCTYPE-lxc.tar.gz \ + http://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-$NODE_ARCHES-root.tar.gz \ http://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-$NODE_ARCHES-uefi1.img \ http://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-$NODE_ARCHES-uefi1.img \ http://mirror.catn.com/pub/catn/images/qcow2/centos6.4-x86_64-gold-master.img \ http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2 \ - http://download.cirros-cloud.net/daily/20161201/cirros-dl161201-$NODE_ARCTYPE-disk.img " + http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-$NODE_ARCTYPE-disk.img \ fi for URL in $URLS