Initial mega commit of Kayobe

.gitignore

@@ -13,3 +13,13 @@ ansible/*.retry
 # Others
 .DS_Store
 .vimrc
+
+# Ansible Galaxy roles
+ansible/roles/ahuffman.resolv/
+ansible/roles/jriguera.configdrive/
+ansible/roles/MichaelRigart.interfaces/
+ansible/roles/resmo.ntp/
+ansible/roles/yatesr.timezone/
+
+# Virtualenv
+ansible/kolla-venv

PROBLEMS

@@ -4,6 +4,8 @@ ansible PTY allocation request failed
 In /var/log/secure: Unable to open pty: No such file or directory
 none            /dev/pts        devpts        gid=5,mode=620    0 0
 
+Seems to be when using docker cp.
+
 Kolla patches
 =============
 
@@ -13,3 +15,38 @@ Ironic inspector
 ================
 
 Failed to start due to iptables error.
+See https://bugs.launchpad.net/kolla/+bug/1624457.
+
+Bare metal provisioning
+=======================
+
+- Neutron external network needs configuring and an IP.
+    - install bridge-utils
+    - create br-eth0 with ip, eth0 without IP
+    - create veth pair, set up
+    - plug one end into br-eth0
+    - set neutron_external_interface=patch-br-ex in globals.yml
+
+- Provisioning network different from API network.
+  Likely we can use the same network for this in future.
+    - added to /etc/kolla/ironic-conductor/ironic.conf:
+      [DEFAULT]
+      api_url=http://<provision_ip>:6385
+      [pxe]
+      tftp_server=<provision_ip>
+
+    - add to /etc/kolla/haproxy/haproxy.cfg:
+      listen ironic_pxe_api
+      bind 10.122.100.252:6385
+      server stg-alaska 10.121.100.252:6385 check inter 2000 rise 2 fall 5
+
+- iscsi_tcp modprobe required
+
+- ironic.conf: [agent]deploy_logs_local_path=/var/log/kolla/ironic/deploy
+
+Bifrost
+=======
+
+- Set log_dir=/var/log/kolla/ironic in ironic.conf
+- Create kolla_logs/ironic, chown ironic:ironic
+- os_ironic module will not access root_device property.

Vagrantfile

+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# All Vagrant configuration is done below. The "2" in Vagrant.configure
+# configures the configuration version (we support older styles for
+# backwards compatibility). Please don't change it unless you know what
+# you're doing.
+Vagrant.configure("2") do |config|
+  # The most common configuration options are documented and commented below.
+  # For a complete reference, please see the online documentation at
+  # https://docs.vagrantup.com.
+
+  # Every Vagrant development environment requires a box. You can search for
+  # boxes at https://atlas.hashicorp.com/search.
+  config.vm.box = "centos/7"
+
+  # Disable automatic box update checking. If you disable this, then
+  # boxes will only be checked for updates when the user runs
+  # `vagrant box outdated`. This is not recommended.
+  # config.vm.box_check_update = false
+
+  # Create a forwarded port mapping which allows access to a specific port
+  # within the machine from a port on the host machine. In the example below,
+  # accessing "localhost:8080" will access port 80 on the guest machine.
+  # config.vm.network "forwarded_port", guest: 80, host: 8080
+
+  # Create a private network, which allows host-only access to the machine
+  # using a specific IP.
+  # config.vm.network "private_network", ip: "192.168.33.10"
+
+  # Create a public network, which generally matched to bridged network.
+  # Bridged networks make the machine appear as another physical device on
+  # your network.
+  # config.vm.network "public_network"
+
+  # Share an additional folder to the guest VM. The first argument is
+  # the path on the host to the actual folder. The second argument is
+  # the path on the guest to mount the folder. And the optional third
+  # argument is a set of non-required options.
+  # config.vm.synced_folder "../data", "/vagrant_data"
+
+  # Provider-specific configuration so you can fine-tune various
+  # backing providers for Vagrant. These expose provider-specific options.
+  # Example for VirtualBox:
+  #
+  config.vm.provider "virtualbox" do |vb|
+    # Display the VirtualBox GUI when booting the machine
+    #vb.gui = true
+  
+    # Customize the amount of memory on the VM:
+    vb.memory = "4096"
+  end
+  #
+  # View the documentation for the provider you are using for more
+  # information on available options.
+
+  # Define a Vagrant Push strategy for pushing to Atlas. Other push strategies
+  # such as FTP and Heroku are also available. See the documentation at
+  # https://docs.vagrantup.com/v2/push/atlas.html for more information.
+  # config.push.define "atlas" do |push|
+  #   push.app = "YOUR_ATLAS_USERNAME/YOUR_APPLICATION_NAME"
+  # end
+
+  # Enable provisioning with a shell script. Additional provisioners such as
+  # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
+  # documentation for more information about their specific syntax and use.
+  # config.vm.provision "shell", inline: <<-SHELL
+  #   apt-get update
+  #   apt-get install -y apache2
+  # SHELL
+end

ansible/bootstrap.yml

+---
+- name: Ensure configuration management host is bootstrapped
+  hosts: config-mgmt
+  roles:
+    - role: bootstrap

ansible/disable-selinux.yml

+---
+- name: Disable SELinux and reboot if required
+  hosts: controllers:seed
+  roles:
+    - role: disable-selinux

ansible/docker.yml

+---
+- name: Ensure docker is configured
+  hosts: docker
+  roles:
+    - role: docker

ansible/dump-config.yml

+---
+- hosts: all
+  gather_facts: "{{ gather_facts | default(False) }}"
+  vars:
+    dump_config_path: /tmp/kayobe-dump-config
+  tasks:
+    - name: Create configuration dump directory
+      file:
+        path: "{{ dump_config_path }}"
+        state: directory
+
+    - name: Write host config to file
+      local_action:
+        module: copy
+        content: "{{ hostvars[inventory_hostname] | to_nice_yaml }}"
+        dest: "{{ dump_config_path }}/{{ inventory_hostname }}.yml"
+
+    - name: Write merged config to file
+      local_action:
+        module: copy
+        content: "{{ hostvars | merge_config | to_nice_yaml }}"
+        dest: "{{ dump_config_path }}/merged.yml

ansible/filter_plugins/networks.py

+from ansible import errors
+import jinja2
+import netaddr
+
+
+def _get_hostvar(context, var_name, inventory_hostname=None):
+    if inventory_hostname is None:
+        namespace = context
+    else:
+        if inventory_hostname not in context['hostvars']:
+            raise errors.AnsibleFilterError(
+                "Inventory hostname '%s' not in hostvars" % inventory_hostname)
+        namespace = context["hostvars"][inventory_hostname]
+    return namespace.get(var_name)
+
+
+@jinja2.contextfilter
+def net_attr(context, name, attr, inventory_hostname=None):
+    var_name = "%s_%s" % (name, attr)
+    return _get_hostvar(context, var_name, inventory_hostname)
+
+
+def _make_attr_filter(attr):
+    @jinja2.contextfilter
+    def func(context, name, inventory_hostname=None):
+        return net_attr(context, name, attr, inventory_hostname)
+    return func
+
+
+@jinja2.contextfilter
+def net_vip_address(context, name, inventory_hostname=None):
+    return net_attr(context, name, 'vip_address', inventory_hostname)
+
+
+@jinja2.contextfilter
+def net_ip(context, name, inventory_hostname=None):
+    ips = net_attr(context, name, 'ips', inventory_hostname)
+    if ips:
+        if inventory_hostname is None:
+            inventory_hostname = _get_hostvar(context, "inventory_hostname")
+        return ips.get(inventory_hostname)
+
+
+@jinja2.contextfilter
+def net_interface(context, name, inventory_hostname=None):
+    return net_attr(context, name, 'interface', inventory_hostname)
+
+
+@jinja2.contextfilter
+def net_cidr(context, name, inventory_hostname=None):
+    return net_attr(context, name, 'cidr', inventory_hostname)
+
+
+@jinja2.contextfilter
+def net_gateway(context, name, inventory_hostname=None):
+    return net_attr(context, name, 'gateway', inventory_hostname)
+
+
+@jinja2.contextfilter
+def net_allocation_pool_start(context, name, inventory_hostname=None):
+    return net_attr(context, name, 'allocation_pool_start', inventory_hostname)
+
+
+@jinja2.contextfilter
+def net_allocation_pool_end(context, name, inventory_hostname=None):
+    return net_attr(context, name, 'allocation_pool_end', inventory_hostname)
+
+
+@jinja2.contextfilter
+def net_vlan(context, name, inventory_hostname=None):
+    return net_attr(context, name, 'vlan', inventory_hostname)
+
+
+@jinja2.contextfilter
+def net_bridge_ports(context, name, inventory_hostname=None):
+    return net_attr(context, name, 'bridge_ports', inventory_hostname)
+
+
+@jinja2.contextfilter
+def net_interface_obj(context, name, inventory_hostname=None):
+    device = net_interface(context, name, inventory_hostname)
+    if not device:
+        raise errors.AnsibleFilterError(
+            "Network interface for network '%s' on host '%s' not found" %
+            (name, inventory_hostname))
+    ip = net_ip(context, name, inventory_hostname)
+    cidr = net_cidr(context, name, inventory_hostname)
+    netmask = str(netaddr.IPNetwork(cidr).netmask)
+    gateway = net_gateway(context, name, inventory_hostname)
+    vlan = net_vlan(context, name, inventory_hostname)
+    interface = {
+        'device': device,
+        'address': ip,
+        'netmask': netmask,
+        'gateway': gateway,
+        'vlan': vlan,
+        'bootproto': 'static',
+        'onboot': 'yes',
+    }
+    interface = {k: v for k, v in interface.items() if v is not None}
+    return interface
+
+
+@jinja2.contextfilter
+def net_bridge_obj(context, name, inventory_hostname=None):
+    device = net_interface(context, name, inventory_hostname)
+    if not device:
+        raise errors.AnsibleFilterError(
+            "Network interface for network '%s' on host '%s' not found" %
+            (name, inventory_hostname))
+    ip = net_ip(context, name, inventory_hostname)
+    cidr = net_cidr(context, name, inventory_hostname)
+    netmask = str(netaddr.IPNetwork(cidr).netmask)
+    gateway = net_gateway(context, name, inventory_hostname)
+    vlan = net_vlan(context, name, inventory_hostname)
+    ports = net_bridge_ports(context, name, inventory_hostname)
+    interface = {
+        'device': device,
+        'address': ip,
+        'netmask': netmask,
+        'gateway': gateway,
+        'vlan': vlan,
+        'ports': ports,
+        'bootproto': 'static',
+        'onboot': 'yes',
+    }
+    interface = {k: v for k, v in interface.items() if v is not None}
+    return interface
+
+
+@jinja2.contextfilter
+def net_is_ether(context, name, inventory_hostname=None):
+    return net_bridge_ports(context, name) is None
+
+
+@jinja2.contextfilter
+def net_is_bridge(context, name, inventory_hostname=None):
+    return net_bridge_ports(context, name) is not None
+
+
+@jinja2.contextfilter
+def net_select_ethers(context, names):
+    return [name for name in names if net_is_ether(context, name)]
+
+
+@jinja2.contextfilter
+def net_select_bridges(context, names):
+    return [name for name in names if net_is_bridge(context, name)]
+
+
+@jinja2.contextfilter
+def net_configdrive_network_device(context, name, inventory_hostname=None):
+    device = net_interface(context, name, inventory_hostname)
+    if not device:
+        raise errors.AnsibleFilterError(
+            "Network interface for network '%s' on host '%s' not found" %
+            (name, inventory_hostname))
+    ip = net_ip(context, name, inventory_hostname)
+    cidr = net_cidr(context, name, inventory_hostname)
+    netmask = str(netaddr.IPNetwork(cidr).netmask) if cidr is not None else None
+    gateway = net_gateway(context, name, inventory_hostname)
+    bootproto = 'static' if ip is not None else 'dhcp'
+    interface = {
+        'device': device,
+        'address': ip,
+        'netmask': netmask,
+        'gateway': gateway,
+        'bootproto': bootproto,
+    }
+    interface = {k: v for k, v in interface.items() if v is not None}
+    return interface
+
+
+class FilterModule(object):
+    """Networking filters."""
+
+    def filters(self):
+        return {
+            'net_attr': net_attr,
+            'net_vip_address': net_vip_address,
+            'net_fqdn': _make_attr_filter('fqdn'),
+            'net_ip': net_ip,
+            'net_interface': net_interface,
+            'net_cidr': net_cidr,
+            'net_gateway': net_gateway,
+            'net_allocation_pool_start': net_allocation_pool_start,
+            'net_allocation_pool_end': net_allocation_pool_end,
+            'net_vlan': net_vlan,
+            'net_interface_obj': net_interface_obj,
+            'net_bridge_obj': net_bridge_obj,
+            'net_is_ether': net_is_ether,
+            'net_is_bridge': net_is_bridge,
+            'net_select_ethers': net_select_ethers,
+            'net_select_bridges': net_select_bridges,
+            'net_configdrive_network_device': net_configdrive_network_device,
+        }

ansible/group_vars/all/bifrost

+---
+# Kayobe configuration for Bifrost.
+
+###############################################################################
+# Diskimage-builder configuration.
+
+# DIB base OS element.
+kolla_bifrost_dib_os_element: "centos7"
+
+# List of DIB elements.
+kolla_bifrost_dib_elements:
+  - "serial-console"
+  - "vm"
+
+# DIB init element.
+kolla_bifrost_dib_init_element: "cloud-init-datasources"
+
+# DIB environment variables.
+kolla_bifrost_dib_env_vars:
+  DIB_CLOUD_INIT_DATASOURCES: "ConfigDrive"
+
+# List of DIB packages to install.
+kolla_bifrost_dib_packages: []
+
+###############################################################################
+# Ironic configuration.
+
+# Whether to enable ipmitool-based drivers.
+kolla_bifrost_enable_ipmitool_drivers: true
+
+###############################################################################
+# Inventory configuration.
+
+# Server inventory for Bifrost.
+kolla_bifrost_servers: {}

ansible/group_vars/all/dns

+---
+###############################################################################
+# DNS.
+
+# List of DNS nameservers.
+resolv_nameservers:
+  - 8.8.8.8
+  - 8.8.4.4
+
+# DNS domain suffix.
+#resolv_domain:
+
+# List of DNS search suffixes.
+#resolv_search:
+
+# List of IP address and netmask pairs to sort addresses returned by
+# gethostbyname.
+#resolv_sortlist:
+
+# List of DNS options.
+#resolv_options:

ansible/group_vars/all/globals

+---
+# Kayobe global configuration.
+
+###############################################################################
+# Miscellaneous configuration.
+
+# Path to Kayobe configuration directory.
+kayobe_config_path: "{{ lookup('env', 'KAYOBE_CONFIG_PATH') | default('/etc/kayobe') }}"
+
+# Path in which to cache downloaded images.
+image_cache_path: "{{ ansible_user_dir ~ '/kayobe-image-cache' }}"

ansible/group_vars/all/kolla

+---
+###############################################################################
+# Kolla configuration.
+
+# Path to Kolla configuration directory.
+kolla_config_path: "{{ lookup('env', 'KOLLA_CONFIG_PATH') | default('/etc/kolla') }}"
+
+# Path to Kolla node custom configuration directory.
+kolla_node_custom_config_path: "{{ kolla_config_path }}/config"
+
+# Kolla base container image distribution.
+kolla_base_distro: "centos"
+
+# Kolla installation type: binary or source.
+kolla_install_type: "binary"
+
+# Kolla OpenStack release version. This should be a Docker image tag.
+kolla_openstack_release: "3.0.2"
+
+# Whether TLS is enabled for the external API endpoints.
+kolla_enable_tls_external: "no"
+
+# Path to external API certificate.
+kolla_external_fqdn_cert:
+
+# Whether debug logging is enabled.
+kolla_openstack_logging_debug: "False"
+
+###############################################################################
+# Kolla feature flag configuration.
+
+kolla_enable_glance: "yes"
+kolla_enable_ironic: "yes"
+kolla_enable_swift: "yes"

ansible/group_vars/all/network

+---
+###############################################################################
+# Network roles.
+
+# Network role to network name mappings.
+provision_oc_net_name: 'provision_oc_net'
+provision_wl_net_name: 'provision_wl_net'
+external_net_name: 'external_net'
+storage_net_name: 'storage_net'
+storage_mgmt_net_name: 'storage_mgmt_net'

ansible/group_vars/all/ntp

+---
+# Kayobe NTP configuration.
+
+###############################################################################
+# Timezone.
+
+# Name of the local timezone.
+timezone: "{{ ansible_date_time.tz }}"
+
+###############################################################################
+# Network Time Protocol (NTP).
+
+# List of names of NTP servers.
+#ntp_config_server:
+
+# List of NTP restrictions to add to ntp.conf.
+#ntp_config_restrict:
+
+# List of addresses for NTP daemon to listen on.
+#ntp_config_listen:
+
+# Other NTP configuration options.
+#ntp_config_filegen:
+#ntp_config_statistics:
+#ntp_config_crypto:
+#ntp_config_includefile:
+#ntp_config_keys:
+#ntp_config_trustedkey:
+#ntp_config_requestkey:
+#ntp_config_controlkey:
+#ntp_config_broadcast:
+#ntp_config_broadcastclient:
+#ntp_config_multicastclient:
+#ntp_config_tinker_panic_enabled:

ansible/group_vars/controllers/network

+---
+###############################################################################
+# Network interface attachments.
+
+# List of networks to which these nodes are attached.
+network_interfaces: >
+  {{ (controller_default_network_interfaces +
+      controller_extra_network_interfaces) | unique | list }}
+
+# List of default networks to which controller nodes are attached.
+controller_default_network_interfaces: >
+  {{ [provision_oc_net_name,
+      provision_wl_net_name,
+      internal_net_name,
+      external_net_name,
+      storage_net_name,
+      storage_mgmt_net_name] | unique | list }}
+
+# List of extra networks to which controller nodes are attached.
+controller_extra_network_interfaces: []
+
+###############################################################################
+# Kolla networking.
+
+# Name of the Neutron OVS bridge for the provisioning network.
+neutron_bridge_name: "br-ex"
+
+# External network interface for Neutron.
+neutron_external_interface: "{{ 'patch-' ~ neutron_bridge_name }}"

ansible/group_vars/controllers/swift

+---
+###############################################################################
+# OpenStack Swift configuration.
+
+# Base-2 logarithm of the number of partitions.
+# i.e. num_partitions=2^<swift_part_power>.
+swift_part_power: 10
+
+# Object replication count.
+swift_replication_count: "{{ [groups['controllers'] | length, 3] | min }}"
+
+# Minimum time in hours between moving a given partition.
+swift_min_part_hours: 1
+
+# Number of Swift Zones.
+swift_num_zones: 5

ansible/group_vars/seed/network

+---
+###############################################################################
+# Network interface attachments.
+
+# List of networks to which these nodes are attached.
+network_interfaces: >
+  {{ (seed_default_network_interfaces +
+      seed_extra_network_interfaces) | unique | list }}
+
+# List of default networks to which seed nodes are attached.
+seed_default_network_interfaces: >
+  {{ [provision_oc_net_name] | unique | list }}
+
+# List of extra networks to which seed nodes are attached.
+seed_extra_network_interfaces: []
+
+###############################################################################
+# Network interface definitions.
+
+# Overcloud provisioning network IP information.
+# provision_oc_net_interface:
+# provision_oc_net_bridge_ports:
+
+# Workload provisioning network IP information.
+# provision_wl_net_interface:
+# provision_wl_net_bridge_ports:
+
+# Internal network IP information.
+# internal_net_interface:
+# internal_net_bridge_ports:
+
+# External network IP information.
+# external_net_interface:
+# external_net_bridge_ports:
+
+# Storage network IP information.
+# storage_net_interface:
+# storage_net_bridge_ports:
+
+# Storage management network IP information.
+# storage_mgmt_net_interface:
+# storage_mgmt_net_bridge_ports:

ansible/group_vars/seed/vm

+---
+###############################################################################
+# Seed node VM configuration.
+
+# Name of the seed VM.
+seed_vm_name: "{{ inventory_hostname }}"
+
+# Memory in MB.
+seed_vm_memory_mb: "{{ 16 * 1024 }}"
+
+# Number of vCPUs.
+seed_vm_vcpus: 4
+
+# List of volumes.
+seed_vm_volumes:
+  - "{{ seed_vm_root_volume }}"
+  - "{{ seed_vm_data_volume }}"
+
+# Root volume.
+seed_vm_root_volume:
+  name: "{{ seed_vm_name }}-root"
+  pool: "{{ seed_vm_pool }}"
+  capacity: "{{ seed_vm_root_capacity }}"
+  format: "{{ seed_vm_root_format }}"
+  image: "{{ seed_vm_root_image }}"
+
+# Data volume.
+seed_vm_data_volume:
+  name: "{{ seed_vm_name }}-data"
+  pool: "{{ seed_vm_pool }}"
+  capacity: "{{ seed_vm_data_capacity }}"
+  format: "{{ seed_vm_data_format }}"
+
+# List of network interfaces.
+seed_vm_interfaces:
+  - network: default
+
+# Name of the storage pool for the seed VM volumes.
+seed_vm_pool: default
+
+# Capacity of the seed VM root volume.
+seed_vm_root_capacity: 50G
+
+# Format of the seed VM root volume.
+seed_vm_root_format: qcow2
+
+# Base image for the seed VM root volume.
+seed_vm_root_image:
+
+# Capacity of the seed VM data volume.
+seed_vm_data_capacity: 100G
+
+# Format of the seed VM data volume.
+seed_vm_data_format: qcow2

ansible/ip-allocation.yml

+---
+- name: Ensure IP addresses are allocated
+  hosts: controllers
+  gather_facts: no
+  pre_tasks:
+    - set_fact:
+        ip_allocations: "{{ ip_allocations|default([]) + [{'net_name': item, 'cidr': item|net_cidr}] }}"
+      with_items: "{{ network_interfaces }}"
+  roles:
+    - role: ip-allocation
+      ip_allocation_filename: "{{ kayobe_config_path }}/network-allocation.yml"
+      ip_allocation_hostname: "{{ inventory_hostname }}"

ansible/kolla-bifrost.yml

+---
+- name: Ensure Kolla Bifrost is configured
+  hosts: config-mgmt
+  vars:
+    kolla_bifrost_extra_globals_path: "{{ kayobe_config_path ~ '/kolla/config/bifrost/bifrost.yml' }}"
+    kolla_bifrost_driver_map:
+      - { name: agent_ipmitool, enabled: "{{ kolla_bifrost_enable_ipmitool_drivers | bool }}" }
+
+  pre_tasks:
+    - name: Check whether a Kolla Bifrost extra globals configuration file exists
+      stat:
+        path: "{{ kolla_bifrost_extra_globals_path }}"
+      register: globals_stat
+
+    - name: Read the Kolla Bifrost extra globals configuration file
+      set_fact:
+        kolla_bifrost_extra_globals: "{{ lookup('template', kolla_bifrost_extra_globals_path) | from_yaml }}"
+      when: globals_stat.stat.exists
+
+  roles:
+    - role: kolla-bifrost
+
+      # Generate a list of enabled drivers from the map.
+      kolla_bifrost_enabled_drivers: >
+        {{ kolla_bifrost_driver_map | selectattr('enabled') | map(attribute='name') | list }}
+      kolla_bifrost_enable_pxe_drivers: false
+
+      # Network configuration.
+      kolla_bifrost_dhcp_pool_start: "{{ provision_oc_net_name | net_allocation_pool_start }}"
+      kolla_bifrost_dhcp_pool_end: "{{ provision_oc_net_name | net_allocation_pool_end }}"
+      kolla_bifrost_dnsmasq_router: "{{ provision_oc_net_name | net_gateway }}"
+      kolla_bifrost_dnsmasq_dns_servers: "{{ resolv_nameservers | default([]) }}"
+      kolla_bifrost_domain: "{{ resolv_domain | default }}"