[CORD-1588]
Set the name of the xos-core container for synchronizers using a mounted
global config file, cleanup of DNS and DHCP options for profiles
Change-Id: I79a744bb0c267a554513e03683d92f1fc285832e
diff --git a/profile_manifests/opencloud.yml b/profile_manifests/opencloud.yml
index 7b736af..0050838 100644
--- a/profile_manifests/opencloud.yml
+++ b/profile_manifests/opencloud.yml
@@ -10,7 +10,6 @@
# Feature toggles
use_maas: False
-use_apt_cache: True
# XOS config
xos_tosca_config_templates:
@@ -38,78 +37,6 @@
- name: vrouter
path: orchestration/xos_services/vrouter
-# SSL certificate generation
-ssl_cert_subj_prefix: "/C=US/ST=California/L=Menlo Park/O=ON.Lab/OU={{ site_humanname }} Deployment"
-
-server_certs:
- - cn: "keystone.{{ site_suffix }}"
- subj: "{{ ssl_cert_subj_prefix }}/CN=keystone.{{ site_suffix }}"
- altnames:
- - "DNS:keystone.{{ site_suffix }}"
- - "DNS:keystone"
- - cn: "xos-core.{{ site_suffix }}"
- subj: "{{ ssl_cert_subj_prefix }}/CN=xos-core.{{ site_suffix }}"
- altnames:
- - "DNS:xos-core.{{ site_suffix }}"
-
-# Network/DNS settings
-headnode: head1
-
-dns_search:
- - "{{ site_suffix }}"
-
-mgmt_ipv4_first_octets: "192.168.200"
-
-dns_servers:
- - "{{ mgmt_ipv4_first_octets }}.1"
-
-# DNS settings for NSD/Unbound
-nsd_zones:
- - name: "{{ site_suffix }}"
- ipv4_first_octets: "{{ mgmt_ipv4_first_octets }}"
- name_reverse_unbound: "168.192.in-addr.arpa"
- soa: ns1
- ns:
- - { name: ns1 }
- nodelists:
- - head_lxd_list
- - physical_node_list
- aliases:
- - { name: "apt-cache", dest: "{{ headnode }}" }
- - { name: "cordloghost", dest: "{{ headnode }}" }
- - { name: "docker", dest: "{{ headnode }}" }
- - { name: "ns", dest: "{{ headnode }}" }
- - { name: "ns1", dest: "{{ headnode }}" }
- - { name: "onos-cord", dest: "{{ headnode }}" }
- - { name: "xos", dest: "{{ headnode }}" }
- - { name: "xos-chameleon", dest: "{{ headnode }}" }
- - { name: "xos-rest-gw", dest: "{{ headnode }}" }
- - { name: "xos-gui", dest: "{{ headnode }}" }
-
-unbound_listen_all: True
-
-unbound_interfaces:
- - "{{ mgmt_ipv4_first_octets }}.1/24"
-
-dhcpd_subnets:
- - interface: mgmtbr
- cidr: "{{ mgmt_ipv4_first_octets }}.1/24"
- dhcp_first: 129
- dhcp_last: 254
- other_static:
- - physical_node_list
- - head_lxd_list
-
-physical_node_list:
- - name: head1
- ipv4_last_octet: 1
- aliases:
- - head
- - name: compute1
- ipv4_last_octet: 20
- - name: compute2
- ipv4_last_octet: 21
-
# External interface name on compute nodes
compute_external_interface: eth0
diff --git a/profile_manifests/rcord.yml b/profile_manifests/rcord.yml
index 7a3bf3f..36a62b7 100644
--- a/profile_manifests/rcord.yml
+++ b/profile_manifests/rcord.yml
@@ -12,7 +12,6 @@
# Feature toggles
use_fabric: True
use_maas: True
-use_apt_cache: True
# XOS config
xos_tosca_config_templates:
@@ -74,64 +73,6 @@
profile_library: "rcord"
-# SSL server certificate generation
-server_certs:
- - cn: "keystone.{{ site_suffix }}"
- subj: "/C=US/ST=California/L=Menlo Park/O=ON.Lab/OU=Test Deployment/CN=keystone.{{ site_suffix }}"
- altnames:
- - "DNS:keystone.{{ site_suffix }}"
- - "DNS:keystone"
- - cn: "xos-core.{{ site_suffix }}"
- subj: "/C=US/ST=California/L=Menlo Park/O=ON.Lab/OU=Test Deployment/CN=xos-core.{{ site_suffix }}"
- altnames:
- - "DNS:xos-core.{{ site_suffix }}"
-
-# Network/DNS settings
-headnode: prod
-
-dns_search:
- - "{{ site_suffix }}"
-
-mgmt_ipv4_first_octets: "192.168.200"
-
-dns_servers:
- - "{{ mgmt_ipv4_first_octets }}.1"
-
-# DNS settings for NSD/Unbound
-nsd_zones:
- - name: "{{ site_suffix }}"
- ipv4_first_octets: "{{ mgmt_ipv4_first_octets }}"
- name_reverse_unbound: "168.192.in-addr.arpa"
- soa: ns1
- ns:
- - { name: ns1 }
- nodelists:
- - head_lxd_list
- - physical_node_list
- aliases:
- - { name: "apt-cache", dest: "{{ headnode }}" }
- - { name: "cordloghost", dest: "{{ headnode }}" }
- - { name: "docker", dest: "{{ headnode }}" }
- - { name: "ns", dest: "{{ headnode }}" }
- - { name: "ns1", dest: "{{ headnode }}" }
- - { name: "onos-cord", dest: "{{ headnode }}" }
- - { name: "xos", dest: "{{ headnode }}" }
- - { name: "xos-chameleon", dest: "{{ headnode }}" }
- - { name: "xos-rest-gw", dest: "{{ headnode }}" }
- - { name: "xos-gui", dest: "{{ headnode }}" }
-
-unbound_listen_all: True
-
-unbound_interfaces:
- - "{{ mgmt_ipv4_first_octets }}.1/24"
-
-physical_node_list:
- - name: prod
- ipv4_last_octet: 1
- aliases:
- - head1
- - head
-
# VTN network configuration
management_network_cidr: 172.27.0.0/24
management_network_ip: 172.27.0.1/24
@@ -154,7 +95,6 @@
percona-cluster: "cs:trusty/percona-cluster-31"
rabbitmq-server: "cs:trusty/rabbitmq-server-42"
-
head_lxd_list:
- name: "juju-1"
service: "juju"
diff --git a/roles/cord-profile/defaults/main.yml b/roles/cord-profile/defaults/main.yml
index 2b9b9f2..03be231 100644
--- a/roles/cord-profile/defaults/main.yml
+++ b/roles/cord-profile/defaults/main.yml
@@ -4,17 +4,14 @@
# where the cord_profile directory is on the config node
config_cord_profile_dir: "/opt/cord_profile"
-head_cord_dir: "/opt/cord"
-
pki_dir: "{{ playbook_dir }}/pki"
ssh_pki_dir: "{{ playbook_dir }}/ssh_pki"
credentials_dir: "{{ playbook_dir }}/credentials"
-head_credentials_dir: "/opt/credentials"
-
# where cord files are copied to on head node
-head_cord_profile_dir: "/opt/cord_profile"
head_cord_dir: "/opt/cord"
+head_cord_profile_dir: "/opt/cord_profile"
+head_credentials_dir: "/opt/credentials"
# For storing OpenStack images
image_dir: /opt/images
diff --git a/roles/cord-profile/tasks/main.yml b/roles/cord-profile/tasks/main.yml
index b9b5017..830462e 100644
--- a/roles/cord-profile/tasks/main.yml
+++ b/roles/cord-profile/tasks/main.yml
@@ -86,6 +86,7 @@
mode: 0644
with_items:
- xos_config.yaml
+ - xos_config_synchronizer.yaml
- deployment.yaml
- xos.yaml
- gateway-config.yml
diff --git a/roles/cord-profile/templates/docker-compose.yml.j2 b/roles/cord-profile/templates/docker-compose.yml.j2
index 74551a3..84994e1 100644
--- a/roles/cord-profile/templates/docker-compose.yml.j2
+++ b/roles/cord-profile/templates/docker-compose.yml.j2
@@ -320,6 +320,7 @@
- xos_redis:redis
{% endif %}
volumes:
+ - {{ head_cord_profile_dir }}/xos_config_synchronizer.yaml:/opt/xos/xos_config.yaml:ro
- {{ head_cord_profile_dir }}/node_key:/opt/cord_profile/node_key:ro
- {{ head_credentials_dir }}:/opt/xos/services/{{ svc.name }}/credentials:ro
- {{ head_cord_profile_dir }}/im_cert_chain.pem:/usr/local/share/ca-certificates/local_certs.crt:ro
diff --git a/roles/cord-profile/templates/xos_config_synchronizer.yaml.j2 b/roles/cord-profile/templates/xos_config_synchronizer.yaml.j2
new file mode 100644
index 0000000..bc12c2e
--- /dev/null
+++ b/roles/cord-profile/templates/xos_config_synchronizer.yaml.j2
@@ -0,0 +1,15 @@
+---
+# generated by cord-profile from xos_config_synchronizer.yaml.j2
+
+accessor:
+ endpoint: "xos-core.{{ site_suffix }}:50051"
+
+logging:
+ file: '/var/log/xos_synchronizer.log'
+ logstash_hostport: 'cordloghost.{{ site_suffix }}:5617'
+ level: {{ xos_logging_level }}
+ channels:
+{% for channel in xos_logging_channels %}
+ - {{ channel }}
+{% endfor %}
+
diff --git a/roles/dhcpd/defaults/main.yml b/roles/dhcpd/defaults/main.yml
index b1fd226..b2e3b42 100644
--- a/roles/dhcpd/defaults/main.yml
+++ b/roles/dhcpd/defaults/main.yml
@@ -1,13 +1,33 @@
---
# dhcpd/defaults/main.yml
-dns_search: []
-dns_servers: []
-
# http://serverfault.com/questions/40712/what-range-of-mac-addresses-can-i-safely-use-for-my-virtual-machines
hwaddr_prefix: "c2a4"
-dhcpd_subnets: []
+site_name: placeholder-sitename
+site_suffix: "{{ site_name }}.test"
+
+# Management IP range from DHCP settings
+mgmt_ipv4_first_octets: "192.168.200"
+
+# node lists
+head_lxd_list: []
+physical_node_list: []
+
+dns_search:
+ - "{{ site_suffix }}"
+
+dns_servers:
+ - "{{ mgmt_ipv4_first_octets }}.1"
+
+dhcpd_subnets:
+ - interface: mgmtbr
+ cidr: "{{ mgmt_ipv4_first_octets }}.1/24"
+ dhcp_first: 129
+ dhcp_last: 254
+ other_static:
+ - physical_node_list
+ - head_lxd_list
# example dhcpd_subnets:
#
@@ -24,4 +44,3 @@
# other_static:
# - head_lxd_list
-
diff --git a/roles/dns-nsd/defaults/main.yml b/roles/dns-nsd/defaults/main.yml
index c5ff6e7..685d96f 100644
--- a/roles/dns-nsd/defaults/main.yml
+++ b/roles/dns-nsd/defaults/main.yml
@@ -1,12 +1,57 @@
---
+# dns-nsd/defaults/main.yml
nsd_ip: 127.0.0.1
nsd_conf: "/var/nsd/etc/nsd.conf"
nsd_zonesdir: "/var/nsd/zones"
nsd_group: "nsd"
-nsd_zones: []
-
# default DNS TTL
dns_ttl: 3600
+# NOTE - many of the below settings are shared with the dns-nsd role, and you
+# may need to update them in the defaults of both.
+
+headnode: head1
+
+site_name: placeholder-sitename
+site_suffix: "{{ site_name }}.test"
+
+# Management IP range from DHCP settings
+mgmt_ipv4_first_octets: "192.168.200"
+mgmt_name_reverse_unbound: "168.192.in-addr.arpa"
+
+dns_servers:
+ - "{{ mgmt_ipv4_first_octets }}.1"
+
+# node lists
+head_lxd_list: []
+physical_node_list: []
+
+# DNS settings for NSD/Unbound
+nsd_zones:
+ - name: "{{ site_suffix }}"
+ ipv4_first_octets: "{{ mgmt_ipv4_first_octets }}"
+ name_reverse_unbound: "{{ mgmt_name_reverse_unbound }}"
+ soa: ns1
+ ns:
+ - { name: ns1 }
+ nodelists:
+ - head_lxd_list
+ - physical_node_list
+ aliases:
+ - { name: "apt-cache", dest: "{{ headnode }}" }
+ - { name: "cordloghost", dest: "{{ headnode }}" }
+ - { name: "consul", dest: "{{ headnode }}" }
+ - { name: "docker", dest: "{{ headnode }}" }
+ - { name: "mavenrepo", dest: "{{ headnode }}" }
+ - { name: "ns", dest: "{{ headnode }}" }
+ - { name: "ns1", dest: "{{ headnode }}" }
+ - { name: "onos-cord", dest: "{{ headnode }}" }
+ - { name: "xos", dest: "{{ headnode }}" }
+ - { name: "xos-chameleon", dest: "{{ headnode }}" }
+ - { name: "xos-consul", dest: "{{ headnode }}" }
+ - { name: "xos-core", dest: "{{ headnode }}" }
+ - { name: "xos-gui", dest: "{{ headnode }}" }
+ - { name: "xos-tosca", dest: "{{ headnode }}" }
+ - { name: "xos-ws", dest: "{{ headnode }}" }
diff --git a/roles/dns-unbound/defaults/main.yml b/roles/dns-unbound/defaults/main.yml
index c462ba0..a9afcc1 100644
--- a/roles/dns-unbound/defaults/main.yml
+++ b/roles/dns-unbound/defaults/main.yml
@@ -6,6 +6,52 @@
unbound_listen_on_default: False
-unbound_listen_all: False
+unbound_listen_all: True
-unbound_interfaces: []
+# NOTE - many of the below settings are shared with the dns-nsd role, and you
+# may need to update them in the defaults of both.
+
+site_name: placeholder-sitename
+site_suffix: "{{ site_name }}.test"
+
+headnode: head1
+
+# Management IP range from DHCP settings
+mgmt_ipv4_first_octets: "192.168.200"
+mgmt_name_reverse_unbound: "168.192.in-addr.arpa"
+
+unbound_interfaces:
+ - "{{ mgmt_ipv4_first_octets }}.1/24"
+
+# node lists
+head_lxd_list: []
+physical_node_list: []
+
+# DNS settings for NSD/Unbound
+nsd_zones:
+ - name: "{{ site_suffix }}"
+ ipv4_first_octets: "{{ mgmt_ipv4_first_octets }}"
+ name_reverse_unbound: "{{ mgmt_name_reverse_unbound }}"
+ soa: ns1
+ ns:
+ - { name: ns1 }
+ nodelists:
+ - head_lxd_list
+ - physical_node_list
+ aliases:
+ - { name: "apt-cache", dest: "{{ headnode }}" }
+ - { name: "cordloghost", dest: "{{ headnode }}" }
+ - { name: "consul", dest: "{{ headnode }}" }
+ - { name: "docker", dest: "{{ headnode }}" }
+ - { name: "mavenrepo", dest: "{{ headnode }}" }
+ - { name: "ns", dest: "{{ headnode }}" }
+ - { name: "ns1", dest: "{{ headnode }}" }
+ - { name: "onos-cord", dest: "{{ headnode }}" }
+ - { name: "xos", dest: "{{ headnode }}" }
+ - { name: "xos-chameleon", dest: "{{ headnode }}" }
+ - { name: "xos-consul", dest: "{{ headnode }}" }
+ - { name: "xos-core", dest: "{{ headnode }}" }
+ - { name: "xos-gui", dest: "{{ headnode }}" }
+ - { name: "xos-tosca", dest: "{{ headnode }}" }
+ - { name: "xos-ws", dest: "{{ headnode }}" }
+
diff --git a/roles/elasticstack/files/30-elasticsearch-output.conf b/roles/elasticstack/files/30-elasticsearch-output.conf
index ab51625..11c7bfc 100644
--- a/roles/elasticstack/files/30-elasticsearch-output.conf
+++ b/roles/elasticstack/files/30-elasticsearch-output.conf
@@ -1,4 +1,3 @@
output {
elasticsearch { hosts => ["localhost:9200"] }
- stdout { codec => rubydebug }
}
diff --git a/roles/pki-cert/defaults/main.yml b/roles/pki-cert/defaults/main.yml
index 6c3de79..b693610 100644
--- a/roles/pki-cert/defaults/main.yml
+++ b/roles/pki-cert/defaults/main.yml
@@ -8,7 +8,26 @@
cert_digest: "sha256"
cert_days: 365
+# site names
+site_name: placeholder-sitename
+site_humanname: "Placeholder Site HumanName"
+site_suffix: "{{ site_name }}.test"
+
+# Default subject prefix
+ssl_cert_subj_prefix: "/C=US/ST=California/L=Menlo Park/O=ON.Lab/OU={{ site_humanname }} Deployment"
+
# lists of certificates to create
-server_certs: []
+server_certs:
+ - cn: "keystone.{{ site_suffix }}"
+ subj: "{{ ssl_cert_subj_prefix }}/CN=keystone.{{ site_suffix }}"
+ altnames:
+ - "DNS:keystone.{{ site_suffix }}"
+ - "DNS:keystone"
+ - cn: "xos-core.{{ site_suffix }}"
+ subj: "{{ ssl_cert_subj_prefix }}/CN=xos-core.{{ site_suffix }}"
+ altnames:
+ - "DNS:xos-core.{{ site_suffix }}"
+ - "DNS:xos-core"
+
client_certs: []