Adding k8s-ha-contrail template
- Adding template that by default maps to k8s-ha-contrail model.
This is lightweight model without any integrations. Only k8s and
contrail will be installed here.
Change-Id: I9cba40fbbaa2224e2884aeebde050a381c61f038
User-Story: https://mirantis.jira.com/browse/PROD-15739
diff --git a/tcp_tests/templates/k8s-ha-contrail/common-services.yaml b/tcp_tests/templates/k8s-ha-contrail/common-services.yaml
new file mode 100644
index 0000000..e5eb9d7
--- /dev/null
+++ b/tcp_tests/templates/k8s-ha-contrail/common-services.yaml
@@ -0,0 +1,72 @@
+{% from 'k8s-ha-contrail/underlay.yaml' import HOSTNAME_CFG01 with context %}
+
+# Install support services
+- description: Create and distribute SSL certificates for services using salt state
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False '*' state.sls salt
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: true
+
+- description: Install docker
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@docker:host' state.sls docker.host
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: false
+
+- description: Check docker
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@docker:host' cmd.run 'docker ps'
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: false
+
+- description: Install keepalived on primary controller
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@keepalived:cluster and *01*' state.sls keepalived
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 10}
+ skip_fail: true
+
+- description: Install keepalived
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@keepalived:cluster' state.sls keepalived
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 10}
+ skip_fail: true
+
+- description: Install RabbitMQ
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@rabbitmq:server' state.sls rabbitmq
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 2, delay: 10}
+ skip_fail: false
+
+- description: Check RabbitMQ
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@rabbitmq:server' cmd.run "rabbitmqctl cluster_status"
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 10}
+ skip_fail: false
+
+- description: Install haproxy
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@haproxy:proxy' state.sls haproxy
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: false
+
+- description: Check haproxy service
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@haproxy:proxy' service.status haproxy
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: false
+
+- description: Restart rsyslog
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@haproxy:proxy' service.restart rsyslog
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: false
+
diff --git a/tcp_tests/templates/k8s-ha-contrail/juniper.conf b/tcp_tests/templates/k8s-ha-contrail/juniper.conf
new file mode 100644
index 0000000..398a257
--- /dev/null
+++ b/tcp_tests/templates/k8s-ha-contrail/juniper.conf
@@ -0,0 +1,110 @@
+## Last commit: 2017-05-18 08:39:52 UTC by root
+version 12.1X46-D20.5;
+system {
+ host-name vsrx1;
+ root-authentication {
+ encrypted-password "$1$gpbfk/Jr$lF2foqHYBd/Sp56dlmkXH1"; ## SECRET-DATA
+ }
+ name-server {
+ 8.8.8.8;
+ 8.8.4.4;
+ }
+ services {
+ ssh;
+ web-management {
+ http {
+ interface ge-0/0/0.0;
+ }
+ }
+ }
+ syslog {
+ file messages {
+ any any;
+ }
+ }
+ license {
+ autoupdate {
+ url https://ae1.juniper.net/junos/key_retrieval;
+ }
+ }
+ ntp {
+ peer 46.243.48.4;
+ peer 147.251.48.140;
+ peer 46.243.48.88;
+ }
+}
+interfaces {
+ ge-0/0/0 {
+ unit 0 {
+ family inet {
+ address 172.16.10.90/24;
+ }
+ }
+ }
+ ge-0/0/1 {
+ unit 0 {
+ family inet {
+ address 192.168.10.90/24;
+ }
+ }
+ }
+ ge-0/0/2 {
+ unit 0 {
+ family inet {
+ address 10.70.0.91/24;
+ }
+ }
+ }
+}
+routing-options {
+ route-distinguisher-id 172.16.10.90;
+ autonomous-system 64512;
+ dynamic-tunnels {
+ dynamic_overlay_tunnels {
+ source-address 172.16.10.90;
+ gre;
+ destination-networks {
+ 172.16.10.0/24;
+ }
+ }
+ }
+}
+protocols {
+ mpls {
+ interface all;
+ }
+ bgp {
+ group Contrail_Controller {
+ type internal;
+ local-address 172.16.10.90;
+ keep all;
+ family inet-vpn {
+ unicast;
+ }
+ allow 172.16.10.0/24;
+ }
+ }
+}
+security {
+ forwarding-options {
+ family {
+ mpls {
+ mode packet-based;
+ }
+ }
+ }
+}
+routing-instances {
+ public {
+ instance-type vrf;
+ interface ge-0/0/1.0;
+ vrf-target target:64512:10000;
+ vrf-table-label;
+ routing-options {
+ static {
+ route 192.168.10.0/24 discard;
+ route 0.0.0.0/0 next-hop 192.168.10.1;
+ }
+ }
+ }
+}
diff --git a/tcp_tests/templates/k8s-ha-contrail/juniper.conf.template b/tcp_tests/templates/k8s-ha-contrail/juniper.conf.template
new file mode 100644
index 0000000..e7eed4a
--- /dev/null
+++ b/tcp_tests/templates/k8s-ha-contrail/juniper.conf.template
@@ -0,0 +1,110 @@
+## Last commit: 2017-05-18 08:39:52 UTC by root
+version 12.1X46-D20.5;
+system {
+ host-name vsrx1;
+ root-authentication {
+ encrypted-password "$1$gpbfk/Jr$lF2foqHYBd/Sp56dlmkXH1"; ## SECRET-DATA
+ }
+ name-server {
+ 8.8.8.8;
+ 8.8.4.4;
+ }
+ services {
+ ssh;
+ web-management {
+ http {
+ interface ge-0/0/0.0;
+ }
+ }
+ }
+ syslog {
+ file messages {
+ any any;
+ }
+ }
+ license {
+ autoupdate {
+ url https://ae1.juniper.net/junos/key_retrieval;
+ }
+ }
+ ntp {
+ peer 46.243.48.4;
+ peer 147.251.48.140;
+ peer 46.243.48.88;
+ }
+}
+interfaces {
+ ge-0/0/0 {
+ unit 0 {
+ family inet {
+ address {{ private_address }}/24;
+ }
+ }
+ }
+ ge-0/0/1 {
+ unit 0 {
+ family inet {
+ address {{ public_address }}/24;
+ }
+ }
+ }
+ ge-0/0/2 {
+ unit 0 {
+ family inet {
+ address {{ admin_address }};
+ }
+ }
+ }
+}
+routing-options {
+ route-distinguisher-id {{ private_address }};
+ autonomous-system 64512;
+ dynamic-tunnels {
+ dynamic_overlay_tunnels {
+ source-address {{ private_address }};
+ gre;
+ destination-networks {
+ {{ private_network }}/24;
+ }
+ }
+ }
+}
+protocols {
+ mpls {
+ interface all;
+ }
+ bgp {
+ group Contrail_Controller {
+ type internal;
+ local-address 172.16.10.90;
+ keep all;
+ family inet-vpn {
+ unicast;
+ }
+ allow {{ private_network }}/24;
+ }
+ }
+}
+security {
+ forwarding-options {
+ family {
+ mpls {
+ mode packet-based;
+ }
+ }
+ }
+}
+routing-instances {
+ public {
+ instance-type vrf;
+ interface ge-0/0/1.0;
+ vrf-target target:64512:10000;
+ vrf-table-label;
+ routing-options {
+ static {
+ route {{ public_network }} discard;
+ route 0.0.0.0/0 next-hop {{ public_network_gateway }};
+ }
+ }
+ }
+}
diff --git a/tcp_tests/templates/k8s-ha-contrail/k8s.yaml b/tcp_tests/templates/k8s-ha-contrail/k8s.yaml
new file mode 100644
index 0000000..d0f7f1b
--- /dev/null
+++ b/tcp_tests/templates/k8s-ha-contrail/k8s.yaml
@@ -0,0 +1,138 @@
+{% from 'k8s-ha-contrail/underlay.yaml' import HOSTNAME_CFG01 with context %}
+
+- description: Install etcd
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@etcd:server' state.sls etcd.server.service
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: false
+
+- description: Check the etcd health
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@etcd:server' cmd.run '. /var/lib/etcd/configenv && etcdctl cluster-health'
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: false
+
+ # Opencontrail Control Plane
+
+- description: Install Opencontrail db on ctl01
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@opencontrail:database and *01*' state.sls opencontrail.database
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 2, delay: 20}
+ skip_fail: false
+
+- description: Install Opencontrail db on all nodes
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@opencontrail:database' state.sls opencontrail.database
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 2, delay: 20}
+ skip_fail: false
+
+- description: Install Opencontrail control on ctl01
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@opencontrail:control and *01*' state.sls opencontrail exclude=opencontrail.client
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: false
+
+- description: Install Opencontrail control on all nodes
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@opencontrail:control' state.sls opencontrail exclude=opencontrail.client
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: false
+
+- description: Install Opencontrail on collector
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@opencontrail:collector' state.sls opencontrail exclude=opencontrail.client
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: false
+
+# OpenContrail vrouters
+- description: Install Opencontrail client
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@opencontrail:database:id:1' state.sls opencontrail.client
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: false
+
+- description: Install Opencontrail on computes
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@opencontrail:compute' state.sls opencontrail exclude=opencontrail.client
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 2, delay: 5}
+ skip_fail: false
+
+- description: Wake up vhost0
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@nova:compute' cmd.run 'exec 0>&-; exec 1>&-; exec 2>&-;
+ nohup bash -c "ip link | grep vhost && echo no_reboot || sleep 5 && reboot & "'
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: false
+
+- description: Install Opencontrail client on computes
+ cmd: sleep 300 && salt --timeout=60 --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@opencontrail:compute' state.sls 'opencontrail.client'
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: false
+
+- description: Install Opencontrail on computes #2
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@opencontrail:compute' state.sls opencontrail
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 2, delay: 5}
+ skip_fail: false
+
+# Kubernetes
+- description: Install Kubernetes Addons
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@kubernetes:master' state.sls kubernetes.master.kube-addons
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: true
+
+- description: Install Kubernetes components
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@kubernetes:pool' state.sls kubernetes.pool
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 5, delay: 60}
+ skip_fail: false
+
+- description: Setup etcd server on primary controller
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@kubernetes:master and *01*' state.sls etcd.server.setup
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: false
+
+- description: Run Kubernetes master without setup
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@kubernetes:master' state.sls kubernetes exclude=kubernetes.master.setup
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 3, delay: 5}
+ skip_fail: true
+
+- description: Run Kubernetes master setup
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@kubernetes:master and *01*' state.sls kubernetes.master.setup
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: true
+
+- description: Restart Kubelet
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@kubernetes:pool' service.restart 'kubelet'
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: true
+
+- description: Renew hosts file on a whole cluster
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False -C '*' state.sls linux.network.host;
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: false
diff --git a/tcp_tests/templates/k8s-ha-contrail/salt.yaml b/tcp_tests/templates/k8s-ha-contrail/salt.yaml
new file mode 100644
index 0000000..5030063
--- /dev/null
+++ b/tcp_tests/templates/k8s-ha-contrail/salt.yaml
@@ -0,0 +1,26 @@
+{% from 'k8s-ha-contrail/underlay.yaml' import HOSTNAME_CFG01 with context %}
+{% from 'k8s-ha-contrail/underlay.yaml' import LAB_CONFIG_NAME with context %}
+{% from 'k8s-ha-contrail/underlay.yaml' import DOMAIN_NAME with context %}
+
+{% set SALT_MODELS_REPOSITORY = os_env('SALT_MODELS_REPOSITORY','https://gerrit.mcp.mirantis.net/salt-models/mcp-virtual-lab') %}
+# Other salt model repository parameters see in shared-salt.yaml
+
+{% import 'shared-salt.yaml' as SHARED with context %}
+
+{{ SHARED.MACRO_INSTALL_SALT_MASTER() }}
+
+{{ SHARED.MACRO_CLONE_RECLASS_MODELS(IS_CONTRAIL_LAB=true) }}
+
+{{ SHARED.MACRO_CONFIGURE_RECLASS(FORMULA_SERVICES='"linux" "reclass" "salt" "openssh" "ntp" "git" "nginx" "collectd" "sensu" "heka" "sphinx" "keystone" "mysql" "grafana" "haproxy" "rsyslog" "horizon" "prometheus" "telegraf" "elasticsearch"') }}
+
+{{ SHARED.MACRO_INSTALL_SALT_MINIONS() }}
+
+{{ SHARED.MACRO_RUN_SALT_MASTER_UNDERLAY_STATES() }}
+
+{{ SHARED.ADJUST_K8S_OPTS() }}
+
+{{ SHARED.REGISTER_COMPUTE_NODES() }}
+
+{{ SHARED.MACRO_GENERATE_INVENTORY() }}
+
+{{ SHARED.MACRO_BOOTSTRAP_ALL_MINIONS() }}
diff --git a/tcp_tests/templates/k8s-ha-contrail/underlay--meta-data.yaml b/tcp_tests/templates/k8s-ha-contrail/underlay--meta-data.yaml
new file mode 100644
index 0000000..3699401
--- /dev/null
+++ b/tcp_tests/templates/k8s-ha-contrail/underlay--meta-data.yaml
@@ -0,0 +1,4 @@
+| # All the data below will be stored as a string object
+ instance-id: iid-local1
+ hostname: {hostname}
+ local-hostname: {hostname}
diff --git a/tcp_tests/templates/k8s-ha-contrail/underlay--user-data-cfg01.yaml b/tcp_tests/templates/k8s-ha-contrail/underlay--user-data-cfg01.yaml
new file mode 100644
index 0000000..c0a031a
--- /dev/null
+++ b/tcp_tests/templates/k8s-ha-contrail/underlay--user-data-cfg01.yaml
@@ -0,0 +1,89 @@
+| # All the data below will be stored as a string object
+ #cloud-config, see http://cloudinit.readthedocs.io/en/latest/topics/examples.html
+
+ ssh_pwauth: True
+ users:
+ - name: root
+ sudo: ALL=(ALL) NOPASSWD:ALL
+ shell: /bin/bash
+ ssh_authorized_keys:
+ {% for key in config.underlay.ssh_keys %}
+ - ssh-rsa {{ key['public'] }}
+ {% endfor %}
+
+ disable_root: false
+ chpasswd:
+ list: |
+ root:r00tme
+ expire: False
+
+ bootcmd:
+ # Block access to SSH while node is preparing
+ - cloud-init-per once sudo iptables -A INPUT -p tcp --dport 22 -j DROP
+ # Enable root access
+ - sed -i -e '/^PermitRootLogin/s/^.*$/PermitRootLogin yes/' /etc/ssh/sshd_config
+ - service sshd restart
+ output:
+ all: '| tee -a /var/log/cloud-init-output.log /dev/tty0'
+
+ runcmd:
+ # Configure dhclient
+ - sudo echo "nameserver {gateway}" >> /etc/resolvconf/resolv.conf.d/base
+ - sudo resolvconf -u
+
+ # Prepare network connection
+ - sudo ifup ens3
+ #- sudo route add default gw {gateway} {interface_name}
+ - sudo ifup ens4
+ - sudo ifup ens5
+
+ # Create swap
+ - fallocate -l 4G /swapfile
+ - chmod 600 /swapfile
+ - mkswap /swapfile
+ - swapon /swapfile
+ - echo "/swapfile none swap defaults 0 0" >> /etc/fstab
+
+ ############## TCP Cloud cfg01 node ##################
+ #- sleep 120
+ - echo "Preparing base OS"
+
+ - echo "nameserver 172.18.208.44" >> /etc/resolv.conf;
+ - echo "nameserver 8.8.8.8" >> /etc/resolv.conf;
+ - which wget >/dev/null || (apt-get update; apt-get install -y wget);
+
+ - echo "deb [arch=amd64] http://apt.mirantis.com/xenial {{ REPOSITORY_SUITE }} salt extra" > /etc/apt/sources.list.d/mcp_salt.list;
+ - wget -O - http://apt.mirantis.com/public.gpg | apt-key add -;
+ - echo "deb http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3 xenial main" > /etc/apt/sources.list.d/saltstack.list;
+ - wget -O - https://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3/SALTSTACK-GPG-KEY.pub | apt-key add -;
+
+ - eatmydata apt-get clean && eatmydata apt-get update
+
+ # Install common packages
+ - eatmydata apt-get install -y python-pip git curl tmux byobu iputils-ping traceroute htop tree
+
+ ########################################################
+ # Node is ready, allow SSH access
+ - echo "Allow SSH access ..."
+ - sudo iptables -D INPUT -p tcp --dport 22 -j DROP
+ ########################################################
+
+ write_files:
+ - path: /etc/network/interfaces
+ content: |
+ auto ens3
+ iface ens3 inet dhcp
+ auto ens4
+ iface ens4 inet dhcp
+ auto ens5
+ iface ens5 inet dhcp
+
+ - path: /root/.ssh/config
+ owner: root:root
+ permissions: '0600'
+ content: |
+ Host *
+ ServerAliveInterval 300
+ ServerAliveCountMax 10
+ StrictHostKeyChecking no
+ UserKnownHostsFile /dev/null
diff --git a/tcp_tests/templates/k8s-ha-contrail/underlay--user-data1404.yaml b/tcp_tests/templates/k8s-ha-contrail/underlay--user-data1404.yaml
new file mode 100644
index 0000000..2fe252a
--- /dev/null
+++ b/tcp_tests/templates/k8s-ha-contrail/underlay--user-data1404.yaml
@@ -0,0 +1,81 @@
+| # All the data below will be stored as a string object
+ #cloud-config, see http://cloudinit.readthedocs.io/en/latest/topics/examples.html
+
+ ssh_pwauth: True
+ users:
+ - name: root
+ sudo: ALL=(ALL) NOPASSWD:ALL
+ shell: /bin/bash
+ ssh_authorized_keys:
+ {% for key in config.underlay.ssh_keys %}
+ - ssh-rsa {{ key['public'] }}
+ {% endfor %}
+
+ disable_root: false
+ chpasswd:
+ list: |
+ root:r00tme
+ expire: False
+
+ bootcmd:
+ # Block access to SSH while node is preparing
+ - cloud-init-per once sudo iptables -A INPUT -p tcp --dport 22 -j DROP
+ # Enable root access
+ - sed -i -e '/^PermitRootLogin/s/^.*$/PermitRootLogin yes/' /etc/ssh/sshd_config
+ - service sshd restart
+ output:
+ all: '| tee -a /var/log/cloud-init-output.log /dev/tty0'
+
+ runcmd:
+ # Configure dhclient
+ - sudo echo "nameserver {gateway}" >> /etc/resolvconf/resolv.conf.d/base
+ - sudo resolvconf -u
+
+ # Prepare network connection
+ - sudo ifup eth0
+ #- sudo route add default gw {gateway} {interface_name}
+ - sudo ifup eth1
+ - sudo ifup eth2
+
+ # Create swap
+ - fallocate -l 4G /swapfile
+ - chmod 600 /swapfile
+ - mkswap /swapfile
+ - swapon /swapfile
+ - echo "/swapfile none swap defaults 0 0" >> /etc/fstab
+
+ ############## tcp cloud cfg01 node ##################
+ #- sleep 120
+ - echo "Preparing base OS"
+ - which wget >/dev/null || (apt-get update; apt-get install -y wget)
+ - sudo add-apt-repository universe
+ - echo "deb [arch=amd64] http://apt.mirantis.com/trusty {{ REPOSITORY_SUITE }} salt extra" > /etc/apt/sources.list.d/mcp_salt.list
+ - wget -O - http://apt.mirantis.com/public.gpg | apt-key add -
+ - echo "deb http://repo.saltstack.com/apt/ubuntu/14.04/amd64/2016.3 trusty main" > /etc/apt/sources.list.d/saltstack.list
+ - wget -O - https://repo.saltstack.com/apt/ubuntu/14.04/amd64/2016.3/SALTSTACK-GPG-KEY.pub | apt-key add -
+
+ - eatmydata apt-get clean
+ - eatmydata apt-get update && eatmydata apt-get -y upgrade
+
+ # install common packages
+ - eatmydata apt-get install -y python-pip git curl tmux byobu iputils-ping traceroute htop tree mc
+
+ # Workaround for bug https://mirantis.jira.com/browse/PROD-8214
+ - eatmydata apt-get -y install --install-recommends linux-generic-lts-xenial
+ - reboot
+
+ ########################################################
+ # Node is ready, allow SSH access
+ #- echo "Allow SSH access ..."
+ #- sudo iptables -D INPUT -p tcp --dport 22 -j DROP
+ ########################################################
+
+ write_files:
+ - path: /etc/network/interfaces
+ content: |
+ auto eth0
+ iface eth0 inet dhcp
+ auto eth1
+ iface eth1 inet dhcp
+ auto eth2
+ iface eth2 inet dhcp
diff --git a/tcp_tests/templates/k8s-ha-contrail/underlay--user-data1604.yaml b/tcp_tests/templates/k8s-ha-contrail/underlay--user-data1604.yaml
new file mode 100644
index 0000000..008266c
--- /dev/null
+++ b/tcp_tests/templates/k8s-ha-contrail/underlay--user-data1604.yaml
@@ -0,0 +1,75 @@
+| # All the data below will be stored as a string object
+ #cloud-config, see http://cloudinit.readthedocs.io/en/latest/topics/examples.html
+
+ ssh_pwauth: True
+ users:
+ - name: root
+ sudo: ALL=(ALL) NOPASSWD:ALL
+ shell: /bin/bash
+ ssh_authorized_keys:
+ {% for key in config.underlay.ssh_keys %}
+ - ssh-rsa {{ key['public'] }}
+ {% endfor %}
+
+ disable_root: false
+ chpasswd:
+ list: |
+ root:r00tme
+ expire: False
+
+ bootcmd:
+ # Block access to SSH while node is preparing
+ - cloud-init-per once sudo iptables -A INPUT -p tcp --dport 22 -j DROP
+ # Enable root access
+ - sed -i -e '/^PermitRootLogin/s/^.*$/PermitRootLogin yes/' /etc/ssh/sshd_config
+ - service sshd restart
+ output:
+ all: '| tee -a /var/log/cloud-init-output.log /dev/tty0'
+
+ runcmd:
+ - export TERM=linux
+ - export LANG=C
+ # Configure dhclient
+ - sudo echo "nameserver {gateway}" >> /etc/resolvconf/resolv.conf.d/base
+ - sudo resolvconf -u
+
+ # Prepare network connection
+ - sudo ifup ens3
+ #- sudo route add default gw {gateway} {interface_name}
+ - sudo ifup ens4
+ - sudo ifup ens5
+
+ # Create swap disabled due k8s >1.8.x allows use swap only with
+ # flag `--fail-swap-on=false` in kubelet args
+
+ ############## TCP Cloud cfg01 node ##################
+ #- sleep 120
+ - echo "Preparing base OS"
+ - which wget >/dev/null || (apt-get update; apt-get install -y wget)
+
+ - echo "deb [arch=amd64] http://apt.mirantis.com/xenial {{ REPOSITORY_SUITE }} salt extra" > /etc/apt/sources.list.d/mcp_salt.list;
+ - wget -O - http://apt.mirantis.com/public.gpg | apt-key add -;
+ - echo "deb http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3 xenial main" > /etc/apt/sources.list.d/saltstack.list;
+ - wget -O - https://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3/SALTSTACK-GPG-KEY.pub | apt-key add -;
+
+ - apt-get clean
+ - eatmydata apt-get update && apt-get -y upgrade
+
+ # install common packages
+ - eatmydata apt-get install -y python-pip git curl tmux byobu iputils-ping traceroute htop tree mc
+
+ ########################################################
+ # Node is ready, allow SSH access
+ - echo "Allow SSH access ..."
+ - sudo iptables -D INPUT -p tcp --dport 22 -j DROP
+ ########################################################
+
+ write_files:
+ - path: /etc/network/interfaces
+ content: |
+ auto ens3
+ iface ens3 inet dhcp
+ auto ens4
+ iface ens4 inet dhcp
+ auto ens5
+ iface ens5 inet dhcp
diff --git a/tcp_tests/templates/k8s-ha-contrail/underlay.yaml b/tcp_tests/templates/k8s-ha-contrail/underlay.yaml
new file mode 100644
index 0000000..44132d0
--- /dev/null
+++ b/tcp_tests/templates/k8s-ha-contrail/underlay.yaml
@@ -0,0 +1,451 @@
+# This environment requires 50.5 GB of RAM and 270GB of Storage. Run with caution.
+{% set REPOSITORY_SUITE = os_env('REPOSITORY_SUITE', 'testing') %}
+
+{% import 'k8s-ha-contrail/underlay--meta-data.yaml' as CLOUDINIT_META_DATA with context %}
+{% import 'k8s-ha-contrail/underlay--user-data-cfg01.yaml' as CLOUDINIT_USER_DATA_CFG01 with context %}
+{% import 'k8s-ha-contrail/underlay--user-data1604.yaml' as CLOUDINIT_USER_DATA_1604 with context %}
+{% import 'k8s-ha-contrail/underlay--user-data1404.yaml' as CLOUDINIT_USER_DATA_1404 with context %}
+
+---
+aliases:
+ - &interface_model {{ os_env('INTERFACE_MODEL', 'virtio') }}
+ - &cloudinit_meta_data {{ CLOUDINIT_META_DATA }}
+ - &cloudinit_user_data_cfg01 {{ CLOUDINIT_USER_DATA_CFG01 }}
+ - &cloudinit_user_data_1604 {{ CLOUDINIT_USER_DATA_1604 }}
+ - &cloudinit_user_data_1404 {{ CLOUDINIT_USER_DATA_1404 }}
+
+{% set LAB_CONFIG_NAME = os_env('LAB_CONFIG_NAME', 'k8s-ha-contrail') %}
+{% set DOMAIN_NAME = os_env('DOMAIN_NAME', LAB_CONFIG_NAME) + '.local' %}
+{% set HOSTNAME_CFG01 = os_env('HOSTNAME_CFG01', 'cfg01.' + DOMAIN_NAME) %}
+{% set HOSTNAME_CTL01 = os_env('HOSTNAME_CTL01', 'ctl01.' + DOMAIN_NAME) %}
+{% set HOSTNAME_CTL02 = os_env('HOSTNAME_CTL02', 'ctl02.' + DOMAIN_NAME) %}
+{% set HOSTNAME_CTL03 = os_env('HOSTNAME_CTL03', 'ctl03.' + DOMAIN_NAME) %}
+{% set HOSTNAME_CMP01 = os_env('HOSTNAME_CMP01', 'cmp0.' + DOMAIN_NAME) %}
+{% set HOSTNAME_CMP02 = os_env('HOSTNAME_CMP02', 'cmp1.' + DOMAIN_NAME) %}
+{% set HOSTNAME_NTW01 = os_env('HOSTNAME_NTW01', 'ntw01.' + DOMAIN_NAME) %}
+{% set HOSTNAME_NTW02 = os_env('HOSTNAME_NTW02', 'ntw02.' + DOMAIN_NAME) %}
+{% set HOSTNAME_NTW03 = os_env('HOSTNAME_NTW03', 'ntw03.' + DOMAIN_NAME) %}
+{% set HOSTNAME_VSRX01 = os_env('HOSTNAME_VSRX01', 'vsrx01.' + DOMAIN_NAME) %}
+
+template:
+ devops_settings:
+ env_name: {{ os_env('ENV_NAME', 'k8s-ha-contrail_' + REPOSITORY_SUITE + "_" + os_env('BUILD_NUMBER', '')) }}
+
+ address_pools:
+
+ private-pool01:
+ net: {{ os_env('PRIVATE_ADDRESS_POOL01', '172.16.10.0/24:24') }}
+ params:
+ ip_reserved:
+ gateway: +1
+ l2_network_device: +1
+ default_{{ HOSTNAME_CFG01 }}: +100
+ default_{{ HOSTNAME_CTL01 }}: +101
+ default_{{ HOSTNAME_CTL02 }}: +102
+ default_{{ HOSTNAME_CTL03 }}: +103
+ default_{{ HOSTNAME_CMP01 }}: +105
+ default_{{ HOSTNAME_CMP02 }}: +106
+ default_{{ HOSTNAME_NTW01 }}: +110
+ default_{{ HOSTNAME_NTW02 }}: +111
+ default_{{ HOSTNAME_NTW03 }}: +112
+ default_{{ HOSTNAME_VSRX01 }}: +90
+ ip_ranges:
+ dhcp: [+90, -10]
+
+ public-pool01:
+ net: {{ os_env('PUBLIC_ADDRESS_POOL01', '192.168.10.0/24:24') }}
+ params:
+ ip_reserved:
+ gateway: +1
+ l2_network_device: +1
+ default_{{ HOSTNAME_CFG01 }}: +100
+ default_{{ HOSTNAME_CTL01 }}: +101
+ default_{{ HOSTNAME_CTL02 }}: +102
+ default_{{ HOSTNAME_CTL03 }}: +103
+ default_{{ HOSTNAME_CMP01 }}: +105
+ default_{{ HOSTNAME_CMP02 }}: +106
+ default_{{ HOSTNAME_NTW01 }}: +110
+ default_{{ HOSTNAME_NTW02 }}: +111
+ default_{{ HOSTNAME_NTW03 }}: +112
+ default_{{ HOSTNAME_VSRX01 }}: +90
+ ip_ranges:
+ dhcp: [+90, -10]
+
+ admin-pool01:
+ net: {{ os_env('ADMIN_ADDRESS_POOL01', '10.70.0.0/24:24') }}
+ params:
+ ip_reserved:
+ gateway: +1
+ l2_network_device: +1
+ default_{{ HOSTNAME_CFG01 }}: +15
+ default_{{ HOSTNAME_CTL01 }}: +101
+ default_{{ HOSTNAME_CTL02 }}: +102
+ default_{{ HOSTNAME_CTL03 }}: +103
+ default_{{ HOSTNAME_CMP01 }}: +105
+ default_{{ HOSTNAME_CMP02 }}: +106
+ default_{{ HOSTNAME_NTW01 }}: +110
+ default_{{ HOSTNAME_NTW02 }}: +111
+ default_{{ HOSTNAME_NTW03 }}: +112
+ default_{{ HOSTNAME_VSRX01 }}: +90
+ ip_ranges:
+ dhcp: [+10, -10]
+
+ groups:
+ - name: default
+ driver:
+ name: devops.driver.libvirt
+ params:
+ connection_string: !os_env CONNECTION_STRING, qemu:///system
+ storage_pool_name: !os_env STORAGE_POOL_NAME, default
+ stp: True
+ hpet: False
+ enable_acpi: true
+ use_host_cpu: !os_env DRIVER_USE_HOST_CPU, true
+ use_hugepages: !os_env DRIVER_USE_HUGEPAGES, false
+
+ network_pools:
+ private: private-pool01
+ public: public-pool01
+ admin: admin-pool01
+
+ l2_network_devices:
+ private:
+ address_pool: private-pool01
+ dhcp: true
+
+ public:
+ address_pool: public-pool01
+ dhcp: true
+ forward:
+ mode: nat
+
+ admin:
+ address_pool: admin-pool01
+ dhcp: true
+
+ group_volumes:
+ - name: cloudimage1604 # This name is used for 'backing_store' option for node volumes.
+ source_image: !os_env IMAGE_PATH1604 # https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img or
+ format: qcow2
+
+ - name: cloudimage1404
+ source_image: !os_env IMAGE_PATH1404
+ format: qcow2
+
+ - name: vsrx_image
+ source_image: !os_env IMAGE_VSRX
+ format: qcow2
+
+ nodes:
+ - name: {{ HOSTNAME_CFG01 }}
+ role: salt_master
+ params:
+ vcpu: !os_env SLAVE_NODE_CPU, 2
+ memory: !os_env SLAVE_NODE_MEMORY, 4096
+ boot:
+ - hd
+ cloud_init_volume_name: iso
+ cloud_init_iface_up: ens3
+ volumes:
+ - name: system
+ capacity: !os_env NODE_VOLUME_SIZE, 20
+ backing_store: cloudimage1604
+ format: qcow2
+ - name: iso # Volume with name 'iso' will be used
+ # for store image with cloud-init metadata.
+ capacity: 1
+ format: raw
+ device: cdrom
+ bus: ide
+ cloudinit_meta_data: *cloudinit_meta_data
+ cloudinit_user_data: *cloudinit_user_data_cfg01
+
+ interfaces:
+ - label: ens3
+ l2_network_device: public
+ interface_model: *interface_model
+ - label: ens4
+ l2_network_device: private
+ interface_model: *interface_model
+ - label: ens5
+ l2_network_device: admin
+ interface_model: *interface_model
+
+ network_config:
+ ens3:
+ networks:
+ - public
+ ens4:
+ networks:
+ - private
+ ens5:
+ networks:
+ - admin
+
+ - name: {{ HOSTNAME_CTL01 }}
+ role: k8s_controller
+ params:
+ vcpu: !os_env SLAVE_NODE_CPU, 2
+ memory: !os_env SLAVE_NODE_MEMORY, 4096
+ boot:
+ - hd
+ cloud_init_volume_name: iso
+ cloud_init_iface_up: ens3
+ volumes:
+ - name: system
+ capacity: !os_env NODE_VOLUME_SIZE, 20
+ backing_store: cloudimage1604
+ format: qcow2
+ - name: cinder
+ capacity: 50
+ format: qcow2
+ - name: iso # Volume with name 'iso' will be used
+ # for store image with cloud-init metadata.
+ capacity: 1
+ format: raw
+ device: cdrom
+ bus: ide
+ cloudinit_meta_data: *cloudinit_meta_data
+ cloudinit_user_data: *cloudinit_user_data_1604
+
+ interfaces: &interfaces
+ - label: ens3
+ l2_network_device: public
+ interface_model: *interface_model
+ - label: ens4
+ l2_network_device: private
+ interface_model: *interface_model
+ - label: ens5
+ l2_network_device: admin
+ interface_model: *interface_model
+ network_config: &network_config
+ ens3:
+ networks:
+ - public
+ ens4:
+ networks:
+ - private
+ ens5:
+ networks:
+ - admin
+
+ - name: {{ HOSTNAME_CTL02 }}
+ role: salt_minion
+ params:
+ vcpu: !os_env SLAVE_NODE_CPU, 2
+ memory: !os_env SLAVE_NODE_MEMORY, 4096
+ boot:
+ - hd
+ cloud_init_volume_name: iso
+ cloud_init_iface_up: ens3
+ volumes:
+ - name: system
+ capacity: !os_env NODE_VOLUME_SIZE, 20
+ backing_store: cloudimage1604
+ format: qcow2
+ - name: cinder
+ capacity: 50
+ format: qcow2
+ - name: iso # Volume with name 'iso' will be used
+ # for store image with cloud-init metadata.
+ capacity: 1
+ format: raw
+ device: cdrom
+ bus: ide
+ cloudinit_meta_data: *cloudinit_meta_data
+ cloudinit_user_data: *cloudinit_user_data_1604
+
+ interfaces: *interfaces
+ network_config: *network_config
+
+ - name: {{ HOSTNAME_CTL03 }}
+ role: salt_minion
+ params:
+ vcpu: !os_env SLAVE_NODE_CPU, 2
+ memory: !os_env SLAVE_NODE_MEMORY, 4096
+ boot:
+ - hd
+ cloud_init_volume_name: iso
+ cloud_init_iface_up: ens3
+ volumes:
+ - name: system
+ capacity: !os_env NODE_VOLUME_SIZE, 20
+ backing_store: cloudimage1604
+ format: qcow2
+ - name: cinder
+ capacity: 50
+ format: qcow2
+ - name: iso # Volume with name 'iso' will be used
+ # for store image with cloud-init metadata.
+ capacity: 1
+ format: raw
+ device: cdrom
+ bus: ide
+ cloudinit_meta_data: *cloudinit_meta_data
+ cloudinit_user_data: *cloudinit_user_data_1604
+
+ interfaces: *interfaces
+ network_config: *network_config
+
+ - name: {{ HOSTNAME_CMP01 }}
+ role: salt_minion
+ params:
+ vcpu: !os_env SLAVE_NODE_CPU, 2
+ memory: !os_env SLAVE_NODE_MEMORY, 4096
+ boot:
+ - hd
+ cloud_init_volume_name: iso
+ cloud_init_iface_up: ens3
+ volumes:
+ - name: system
+ capacity: !os_env NODE_VOLUME_SIZE, 20
+ backing_store: cloudimage1604
+ format: qcow2
+ - name: iso # Volume with name 'iso' will be used
+ # for store image with cloud-init metadata.
+ capacity: 1
+ format: raw
+ device: cdrom
+ bus: ide
+ cloudinit_meta_data: *cloudinit_meta_data
+ cloudinit_user_data: *cloudinit_user_data_1604
+
+ interfaces: *interfaces
+ network_config: *network_config
+
+ - name: {{ HOSTNAME_CMP02 }}
+ role: salt_minion
+ params:
+ vcpu: !os_env SLAVE_NODE_CPU, 2
+ memory: !os_env SLAVE_NODE_MEMORY, 4096
+ boot:
+ - hd
+ cloud_init_volume_name: iso
+ cloud_init_iface_up: ens3
+ volumes:
+ - name: system
+ capacity: !os_env NODE_VOLUME_SIZE, 20
+ backing_store: cloudimage1604
+ format: qcow2
+ - name: iso # Volume with name 'iso' will be used
+ # for store image with cloud-init metadata.
+ capacity: 1
+ format: raw
+ device: cdrom
+ bus: ide
+ cloudinit_meta_data: *cloudinit_meta_data
+ cloudinit_user_data: *cloudinit_user_data_1604
+
+ interfaces: *interfaces
+ network_config: *network_config
+
+ - name: {{ HOSTNAME_NTW01 }}
+ role: salt_minion
+ params:
+ vcpu: !os_env SLAVE_NODE_CPU, 2
+ memory: !os_env SLAVE_NODE_MEMORY, 8192
+ boot:
+ - hd
+ cloud_init_volume_name: iso
+ cloud_init_iface_up: ens3
+ volumes:
+ - name: system
+ capacity: !os_env NODE_VOLUME_SIZE, 20
+ backing_store: cloudimage1404
+ format: qcow2
+ - name: iso # Volume with name 'iso' will be used
+ # for store image with cloud-init metadata.
+ capacity: 1
+ format: raw
+ device: cdrom
+ bus: ide
+ cloudinit_meta_data: *cloudinit_meta_data
+ cloudinit_user_data: *cloudinit_user_data_1404
+
+ interfaces: *interfaces
+ network_config: *network_config
+
+ - name: {{ HOSTNAME_NTW02 }}
+ role: salt_minion
+ params:
+ vcpu: !os_env SLAVE_NODE_CPU, 2
+ memory: !os_env SLAVE_NODE_MEMORY, 8192
+ boot:
+ - hd
+ cloud_init_volume_name: iso
+ cloud_init_iface_up: ens3
+ volumes:
+ - name: system
+ capacity: !os_env NODE_VOLUME_SIZE, 20
+ backing_store: cloudimage1404
+ format: qcow2
+ - name: iso # Volume with name 'iso' will be used
+ # for store image with cloud-init metadata.
+ capacity: 1
+ format: raw
+ device: cdrom
+ bus: ide
+ cloudinit_meta_data: *cloudinit_meta_data
+ cloudinit_user_data: *cloudinit_user_data_1404
+
+ interfaces: *interfaces
+ network_config: *network_config
+
+ - name: {{ HOSTNAME_NTW03 }}
+ role: salt_minion
+ params:
+ vcpu: !os_env SLAVE_NODE_CPU, 2
+ memory: !os_env SLAVE_NODE_MEMORY, 8192
+ boot:
+ - hd
+ cloud_init_volume_name: iso
+ cloud_init_iface_up: ens3
+ volumes:
+ - name: system
+ capacity: !os_env NODE_VOLUME_SIZE, 20
+ backing_store: cloudimage1404
+ format: qcow2
+ - name: iso # Volume with name 'iso' will be used
+ # for store image with cloud-init metadata.
+ capacity: 1
+ format: raw
+ device: cdrom
+ bus: ide
+ cloudinit_meta_data: *cloudinit_meta_data
+ cloudinit_user_data: *cloudinit_user_data_1404
+
+ interfaces: *interfaces
+ network_config: *network_config
+
+ - name: {{ HOSTNAME_VSRX01 }}
+ role: vsrx
+ params:
+ vcpu: !os_env SLAVE_NODE_CPU, 2
+ memory: !os_env SLAVE_NODE_MEMORY, 512
+ boot:
+ - hd
+ volumes:
+ - name: system
+ capacity: !os_env NODE_VOLUME_SIZE, 10
+ backing_store: vsrx_image
+ format: qcow2
+ #- name: iso
+ #- capacity: 1
+ #- format: raw
+ #- device: cdrom
+ #- bus: ide
+ #- cloudinit_user_data: !include juniper.conf
+
+ interfaces:
+ - label: ge-0/0/0
+ l2_network_device: private
+ interface_model: *interface_model
+ mac_address: 52:54:00:4e:b4:36
+ - label: ge-0/0/1
+ l2_network_device: public
+ interface_model: *interface_model
+ mac_address: 52:54:00:e1:44:9d
+ - label: ge-0/0/2
+ l2_network_device: admin
+ interface_model: *interface_model
+ mac_address: 52:54:00:72:08:77