Merge "Fix virtual router type values"
diff --git a/.kitchen.yml b/.kitchen.yml
index 113ee81..e9ab514 100644
--- a/.kitchen.yml
+++ b/.kitchen.yml
@@ -72,10 +72,10 @@
# provisioner:
# pillars-from-files:
# opencontrail.sls: tests/pillar/cluster<%= ENV['OC_VERSION'] || '' %>.sls
- - name: tor<%= ENV['OC_VERSION'] || '' %>
- provisioner:
- pillars-from-files:
- opencontrail.sls: tests/pillar/tor<%= ENV['OC_VERSION'] || '' %>.sls
+ # - name: tor<%= ENV['OC_VERSION'] || '' %>
+ # provisioner:
+ # pillars-from-files:
+ # opencontrail.sls: tests/pillar/tor<%= ENV['OC_VERSION'] || '' %>.sls
- name: vrouter<%= ENV['OC_VERSION'] || '' %>
provisioner:
pillars-from-files:
diff --git a/README.rst b/README.rst
index da9d0b4..945aed3 100644
--- a/README.rst
+++ b/README.rst
@@ -590,6 +590,21 @@
gateway_mode: server
+Set up metadata secret for the Vrouter
+-------------------------------------
+
+In order to get cloud-init within the instance to properly fetch
+instance metadata, metadata_proxy_secret in the Vrouter agent config
+should match the value in nova.conf. The administrator should define
+it in the pillar:
+
+.. code-block:: yaml
+
+ opencontrail:
+ compute:
+ metadata:
+ secret: opencontrail
+
Keystone v3
-----------
diff --git a/metadata/service/compute/tor/cluster.yml b/metadata/service/compute/tor/cluster.yml
new file mode 100644
index 0000000..5115598
--- /dev/null
+++ b/metadata/service/compute/tor/cluster.yml
@@ -0,0 +1,16 @@
+applications:
+- opencontrail
+parameters:
+ opencontrail:
+ compute:
+ tor:
+ enabled: true
+ bind:
+ port: 8086
+ agent:
+ tor01:
+ id: 0
+ address: ${_param:single_address}
+ port: 6632
+ ssl:
+ enabled: True
diff --git a/metadata/service/compute/tor/single.yml b/metadata/service/compute/tor/single.yml
new file mode 100644
index 0000000..969b1ef
--- /dev/null
+++ b/metadata/service/compute/tor/single.yml
@@ -0,0 +1,15 @@
+applications:
+- opencontrail
+parameters:
+ opencontrail:
+ compute:
+ tor:
+ enabled: true
+ bind:
+ port: 8086
+ agent:
+ tor01:
+ id: 0
+ port: 6632
+ host: ${_param:tor_device01_address}
+ address: ${_param:single_address}
diff --git a/metadata/service/tor/single.yml b/metadata/service/tor/single.yml
deleted file mode 100644
index 7dc070c..0000000
--- a/metadata/service/tor/single.yml
+++ /dev/null
@@ -1,29 +0,0 @@
-applications:
-- opencontrail
-parameters:
- _param:
- opencontrail_version: 2.2
- opencontrail_tor_agents: 1
- opencontrail:
- common:
- version: ${_param:opencontrail_version}
- identity:
- engine: keystone
- host: 127.0.0.1
- port: 35357
- token: token
- password: password
- network:
- engine: neutron
- host: 127.0.0.1
- port: 9696
- tor:
- enabled: true
- version: ${_param:opencontrail_version}
- agents: ${_param:opencontrail_tor_agents}
- control:
- address: ${_param:single_address}
- interface:
- address: ${_param:single_address}
- device:
- host: ${_param:tor_device_address}
\ No newline at end of file
diff --git a/opencontrail/collector.sls b/opencontrail/collector.sls
index ca5333d..9a0dd28 100644
--- a/opencontrail/collector.sls
+++ b/opencontrail/collector.sls
@@ -65,7 +65,7 @@
- require:
- pkg: opencontrail_collector_packages
-{%- if collector.version >= 3.0 %}
+{%- if collector.version >= 3.0 and grains.get('init') != 'systemd' %}
/etc/contrail/supervisord_analytics_files/contrail-analytics-nodemgr.ini:
file.managed:
diff --git a/opencontrail/compute.sls b/opencontrail/compute.sls
index 7df9d2b..c410cd1 100644
--- a/opencontrail/compute.sls
+++ b/opencontrail/compute.sls
@@ -69,6 +69,8 @@
{%- if compute.version >= 3.0 %}
+{%- if compute.version <= 4.0 or grains.get('init') != 'systemd' %}
+
/etc/contrail/supervisord_vrouter_files/contrail-vrouter-nodemgr.ini:
file.managed:
- source: salt://opencontrail/files/{{ compute.version }}/contrail-vrouter-nodemgr.ini
@@ -77,6 +79,8 @@
- require_in:
- service: opencontrail_compute_services
+{%- endif %}
+
/etc/udev/rules.d/vhost-net.rules:
file.managed:
- contents: 'KERNEL=="vhost-net", GROUP="kvm", MODE="0660"'
@@ -101,6 +105,8 @@
- require_in:
- pkg: opencontrail_compute_packages
+{%- if compute.version <= 4.0 or grains.get('init') != 'systemd' %}
+
/etc/contrail/supervisord_vrouter_files/contrail-vrouter-dpdk.ini:
file.managed:
- source: salt://opencontrail/files/{{ compute.version }}/contrail-vrouter-dpdk.ini
@@ -111,6 +117,8 @@
- require_in:
- service: opencontrail_compute_services
+{%- endif %}
+
modules_dpdk:
file.append:
- name: /etc/modules
@@ -151,8 +159,37 @@
{%- endif %}
{%- endif %}
+{%- if compute.get('tor', {}).get('enabled', False) %}
+
+{% for agent_name, agent in compute.tor.agent.iteritems() %}
+
+/etc/contrail/contrail-tor-agent-{{ agent.id }}.conf:
+ file.managed:
+ - source: salt://opencontrail/files/{{ compute.version }}/contrail-tor-agent.conf
+ - template: jinja
+ - defaults:
+ agent_name: {{ agent_name }}
+ - watch_in:
+ - service: opencontrail_compute_services
+
+{%- if compute.version <= 4.0 or grains.get('init') != 'systemd' %}
+
+/etc/contrail/supervisord_vrouter_files/contrail-tor-agent-{{ agent.id }}.ini:
+ file.managed:
+ - source: salt://opencontrail/files/{{ compute.version }}/tor/contrail-tor-agent.ini
+ - template: jinja
+ - defaults:
+ agent_name: {{ agent_name }}
+ - watch_in:
+ - service: opencontrail_compute_services
+
+{%- endif %}
+
+{%- endfor %}
+{%- endif %}
+
opencontrail_compute_services:
- service.enabled:
+ service.running:
- names: {{ compute.services }}
{%- if grains.get('noservices') %}
- onlyif: /bin/false
diff --git a/opencontrail/config.sls b/opencontrail/config.sls
index dc035e5..84998e7 100644
--- a/opencontrail/config.sls
+++ b/opencontrail/config.sls
@@ -44,6 +44,8 @@
- require:
- pkg: opencontrail_config_packages
+{%- if grains.get('init') != 'systemd' %}
+
/etc/contrail/supervisord_config_files/contrail-discovery.ini:
file.managed:
- source: salt://opencontrail/files/{{ config.version }}/config/contrail-discovery.ini
@@ -57,6 +59,8 @@
- require:
- pkg: opencontrail_config_packages
+{%- endif %}
+
/etc/contrail/contrail-discovery.conf:
file.managed:
- source: salt://opencontrail/files/{{ config.version }}/contrail-discovery.conf
@@ -66,6 +70,8 @@
{%- endif %}
+{%- if grains.get('init') != 'systemd' %}
+
/etc/contrail/supervisord_config_files/contrail-api.ini:
file.managed:
- source: salt://opencontrail/files/{{ config.version }}/config/contrail-api.ini
@@ -79,6 +85,8 @@
- require:
- pkg: opencontrail_config_packages
+{%- endif %}
+
/etc/contrail/contrail-api.conf:
file.managed:
- source: salt://opencontrail/files/{{ config.version }}/contrail-api.conf
@@ -143,7 +151,7 @@
- require:
- pkg: opencontrail_config_packages
-{%- if config.version >= 3.0 %}
+{%- if config.version >= 3.0 and grains.get('init') != 'systemd' %}
/etc/contrail/supervisord_config_files/contrail-config-nodemgr.ini:
file.managed:
diff --git a/opencontrail/control.sls b/opencontrail/control.sls
index e89e6f8..8de19e4 100644
--- a/opencontrail/control.sls
+++ b/opencontrail/control.sls
@@ -43,7 +43,7 @@
- require:
- pkg: opencontrail_control_packages
-{%- if control.version >= 3.0 %}
+{%- if control.version >= 3.0 and grains.get('init') != 'systemd' %}
/etc/contrail/supervisord_control_files/contrail-control-nodemgr.ini:
file.managed:
diff --git a/opencontrail/database.sls b/opencontrail/database.sls
index 036201a..7de47b5 100644
--- a/opencontrail/database.sls
+++ b/opencontrail/database.sls
@@ -113,6 +113,8 @@
- service: opencontrail_database_services
- service: opencontrail_zookeeper_service
+{%- if database.version <= 4.0 or grains.get('init') != 'systemd' %}
+
/etc/contrail/supervisord_database_files/contrail-database-nodemgr.ini:
file.managed:
- source: salt://opencontrail/files/{{ database.version }}/database/contrail-database-nodemgr.ini
@@ -123,6 +125,7 @@
- service: opencontrail_zookeeper_service
{%- endif %}
+{%- endif %}
{% if grains.os_family == "Debian" %}
#Stop cassandra started by init script - replaced by contrail-database
@@ -162,7 +165,7 @@
opencontrail_database_services:
service.running:
- enable: true
-{%- if common.vendor == "juniper" %}
+{%- if common.vendor == "juniper" or (database.version >= 4.0 and grains.get('init') == 'systemd') %}
- name: contrail-database
{%- else %}
- name: supervisor-database
diff --git a/opencontrail/files/2.2/contrail-vrouter-agent.conf b/opencontrail/files/2.2/contrail-vrouter-agent.conf
index 0e4f1fc..0aa2672 100644
--- a/opencontrail/files/2.2/contrail-vrouter-agent.conf
+++ b/opencontrail/files/2.2/contrail-vrouter-agent.conf
@@ -123,6 +123,9 @@
[METADATA]
# Shared secret for metadata proxy service (Optional)
# metadata_proxy_secret=contrail
+{%- if compute.metadata is defined %}
+metadata_proxy_secret={{ compute.metadata.secret }}
+{%- endif %}
[NETWORKS]
# control-channel IP address used by WEB-UI to connect to vnswad to fetch
diff --git a/opencontrail/files/3.0/config.global.js b/opencontrail/files/3.0/config.global.js
index 402cc35..e4397c3 100644
--- a/opencontrail/files/3.0/config.global.js
+++ b/opencontrail/files/3.0/config.global.js
@@ -276,7 +276,7 @@
* Default: false
*
******************************************************************************/
-config.getDomainProjectsFromApiServer = false;
+config.getDomainProjectsFromApiServer = {{ web.get('projects_from_api', 'false')|lower }};
/*****************************************************************************
* Boolean flag L2_enable indicates the default forwarding-mode of a network.
* Allowed values : true / false
diff --git a/opencontrail/files/3.0/contrail-database-nodemgr.conf b/opencontrail/files/3.0/contrail-database-nodemgr.conf
index 117c751..3cd6e74 100644
--- a/opencontrail/files/3.0/contrail-database-nodemgr.conf
+++ b/opencontrail/files/3.0/contrail-database-nodemgr.conf
@@ -2,6 +2,11 @@
[DEFAULT]
hostip={{ database.bind.host }}
minimum_diskGB={{ database.minimum_disk }}
+{%- if pillar.opencontrail.control is defined %}
+contrail_databases=config
+{%- else %}
+contrail_databases=Analytics
+{%- endif %}
[DISCOVERY]
server={{ database.discovery.host }}
diff --git a/opencontrail/files/3.0/contrail-tor-agent.conf b/opencontrail/files/3.0/contrail-tor-agent.conf
index 598a6d5..bb19a6c 100644
--- a/opencontrail/files/3.0/contrail-tor-agent.conf
+++ b/opencontrail/files/3.0/contrail-tor-agent.conf
@@ -1,7 +1,7 @@
-{%- from "opencontrail/map.jinja" import tor with context %}
{%- from "opencontrail/map.jinja" import compute with context %}
-{%- set port = tor.bind.port + number %}
-#
+
+{%- set agent = salt['pillar.get']('opencontrail:compute:tor:agent:'+agent_name) %}
+{%- set port = compute.tor.bind.port + agent.id %}
# Vnswad configuration options
#
@@ -12,7 +12,7 @@
# server=10.0.0.1 10.0.0.2
[DEFAULT]
-agent_name={{ pillar.linux.system.name }}-{{ number }}
+agent_name={{ pillar.linux.system.name }}-{{ agent.id }}
# Everything in this section is optional
# IP address and port to be used to connect to collector. If these are not
@@ -34,7 +34,7 @@
# log_category=
# Local log file name
-log_file=/var/log/contrail/contrail-tor-agent-{{ number }}.log
+log_file=/var/log/contrail/contrail-tor-agent-{{ agent.id }}.log
# Log severity levels. Possible values are SYS_EMERG, SYS_ALERT, SYS_CRIT,
# SYS_ERR, SYS_WARN, SYS_NOTICE, SYS_INFO and SYS_DEBUG. Default is SYS_DEBUG
@@ -54,7 +54,7 @@
# headless_mode=
# Define agent mode. Only supported value is "tor"
- agent_mode=tor
+agent_mode=tor
# Http server port for inspecting vnswad state (useful for debugging)
@@ -81,24 +81,42 @@
[NETWORKS]
# control-channel IP address used by WEB-UI to connect to vnswad to fetch
# required information (Optional)
-control_network_ip={{ tor.control.address }}
+{%- if compute.bind is defined %}
+control_network_ip={{ compute.bind.address }}
+{%- else %}
+control_network_ip={{ compute.interface.address }}
+{%- endif %}
[TOR]
+{%- if agent.ssl is not defined %}
# IP address of the TOR to manage
-tor_ip={{ tor.device.host }}
+tor_ip={{ agent.host }}
+{%- endif %}
# Identifier for ToR. Agent will subscribe to ifmap-configuration by this name
-tor_id={{ number }}
+tor_id={{ agent.id }}
# ToR management scheme is based on this type. Only supported value is "ovs"
tor_type=ovs
# OVS server port number on the ToR
-tor_ovs_port=6632
+tor_ovs_port={{ agent.port }}
# IP-Transport protocol used to connect to tor. Only supported value is "tcp"
+{%- if agent.ssl is defined %}
+tor_ovs_protocol=pssl
+{%- else %}
tor_ovs_protocol=tcp
+{%- endif %}
-tsn_ip={{ tor.interface.address }}
+tsn_ip={{ compute.interface.address }}
+tor_keepalive_interval={{ agent.get('tor_keepalive_interval', 10000) }}
+{%- if agent.ssl is defined %}
+ssl_cert={{ agent.ssl.get('cert', '/etc/contrail/ssl/certs/tor.crt') }}
+
+ssl_privkey={{ agent.ssl.get('key', '/etc/contrail/ssl/certs/tor.key') }}
+
+ssl_cacert={{ agent.ssl.get('ca', '/etc/contrail/ssl/certs/ca.crt') }}
+{%- endif %}
\ No newline at end of file
diff --git a/opencontrail/files/3.0/contrail-vrouter-agent.conf b/opencontrail/files/3.0/contrail-vrouter-agent.conf
index c3f94d4..0a66be5 100644
--- a/opencontrail/files/3.0/contrail-vrouter-agent.conf
+++ b/opencontrail/files/3.0/contrail-vrouter-agent.conf
@@ -81,7 +81,7 @@
# DHCP relay mode (true or false) to determine if a DHCP request in fabric
# interface with an unconfigured IP should be relayed or not
# dhcp_relay_mode=
-{%- if pillar.opencontrail.tor is defined %}
+{%- if compute.get('tor', {}).get('enabled', False) %}
agent_mode = tsn
{%- endif %}
@@ -140,6 +140,9 @@
[METADATA]
# Shared secret for metadata proxy service (Optional)
# metadata_proxy_secret=contrail
+{%- if compute.metadata is defined %}
+metadata_proxy_secret={{ compute.metadata.secret }}
+{%- endif %}
[NETWORKS]
# control-channel IP address used by WEB-UI to connect to vnswad to fetch
diff --git a/opencontrail/files/3.0/tor/contrail-tor-agent.ini b/opencontrail/files/3.0/tor/contrail-tor-agent.ini
index 3443c3a..22a8918 100644
--- a/opencontrail/files/3.0/tor/contrail-tor-agent.ini
+++ b/opencontrail/files/3.0/tor/contrail-tor-agent.ini
@@ -1,14 +1,14 @@
-{%- from "opencontrail/map.jinja" import tor with context %}
-
-[program:contrail-tor-agent-{{ number }}]
-command=/usr/bin/contrail-tor-agent --config_file /etc/contrail/contrail-tor-agent-{{ number }}.conf
+{%- from "opencontrail/map.jinja" import compute with context %}
+{%- set agent = salt['pillar.get']('opencontrail:compute:tor:agent:'+agent_name) %}
+[program:contrail-tor-agent-{{ agent.id }}]
+command=/usr/bin/contrail-tor-agent --config_file /etc/contrail/contrail-tor-agent-{{ agent.id }}.conf
priority=420
autostart=true
killasgroup=true
stopsignal=KILL
stdout_capture_maxbytes=1MB
redirect_stderr=true
-stdout_logfile=/var/log/contrail/contrail-tor-agent-{{ number }}-stdout.log
+stdout_logfile=/var/log/contrail/contrail-tor-agent-{{ agent.id }}-stdout.log
stderr_logfile=/dev/null
startsecs=5
exitcodes=0 ; 'expected' exit codes for process (default 0,2)
\ No newline at end of file
diff --git a/opencontrail/files/4.0/config.global.js b/opencontrail/files/4.0/config.global.js
index 8e80e58..dcbd92f 100644
--- a/opencontrail/files/4.0/config.global.js
+++ b/opencontrail/files/4.0/config.global.js
@@ -344,7 +344,7 @@
* Default: false
*
******************************************************************************/
-config.getDomainProjectsFromApiServer = false;
+config.getDomainProjectsFromApiServer = {{ web.get('projects_from_api', 'false')|lower }};
/*****************************************************************************
* Boolean flag L2_enable indicates the default forwarding-mode of a network.
* Allowed values : true / false
diff --git a/opencontrail/files/4.0/contrail-database-nodemgr.conf b/opencontrail/files/4.0/contrail-database-nodemgr.conf
index 5ccad47..492fd8f 100644
--- a/opencontrail/files/4.0/contrail-database-nodemgr.conf
+++ b/opencontrail/files/4.0/contrail-database-nodemgr.conf
@@ -2,6 +2,11 @@
[DEFAULT]
hostip={{ database.bind.host }}
minimum_diskGB={{ database.minimum_disk }}
+{%- if pillar.opencontrail.control is defined %}
+contrail_databases=config
+{%- else %}
+contrail_databases=Analytics
+{%- endif %}
[COLLECTOR]
server_list={% for member in database.analytics.members %}{{ member.host }}:8086 {% endfor %}
diff --git a/opencontrail/files/4.0/contrail-tor-agent.conf b/opencontrail/files/4.0/contrail-tor-agent.conf
index b239bc7..cc8c05d 100644
--- a/opencontrail/files/4.0/contrail-tor-agent.conf
+++ b/opencontrail/files/4.0/contrail-tor-agent.conf
@@ -1,7 +1,7 @@
-{%- from "opencontrail/map.jinja" import tor with context %}
{%- from "opencontrail/map.jinja" import compute with context %}
-{%- set port = tor.bind.port + number %}
-#
+
+{%- set agent = salt['pillar.get']('opencontrail:compute:tor:agent:'+agent_name) %}
+{%- set port = compute.tor.bind.port + agent.id %}
# Vnswad configuration options
#
@@ -12,7 +12,7 @@
# server=10.0.0.1 10.0.0.2
[DEFAULT]
-agent_name={{ pillar.linux.system.name }}-{{ number }}
+agent_name={{ pillar.linux.system.name }}-{{ agent.id }}
# Everything in this section is optional
# IP address and port to be used to connect to collector. If these are not
@@ -34,7 +34,7 @@
# log_category=
# Local log file name
-log_file=/var/log/contrail/contrail-tor-agent-{{ number }}.log
+log_file=/var/log/contrail/contrail-tor-agent-{{ agent.id }}.log
# Log severity levels. Possible values are SYS_EMERG, SYS_ALERT, SYS_CRIT,
# SYS_ERR, SYS_WARN, SYS_NOTICE, SYS_INFO and SYS_DEBUG. Default is SYS_DEBUG
@@ -54,7 +54,7 @@
# headless_mode=
# Define agent mode. Only supported value is "tor"
- agent_mode=tor
+agent_mode=tor
# Http server port for inspecting vnswad state (useful for debugging)
@@ -70,24 +70,42 @@
[NETWORKS]
# control-channel IP address used by WEB-UI to connect to vnswad to fetch
# required information (Optional)
-control_network_ip={{ tor.control.address }}
+{%- if compute.bind is defined %}
+control_network_ip={{ compute.bind.address }}
+{%- else %}
+control_network_ip={{ compute.interface.address }}
+{%- endif %}
[TOR]
+{%- if agent.ssl is not defined %}
# IP address of the TOR to manage
-tor_ip={{ tor.device.host }}
+tor_ip={{ agent.host }}
+{%- endif %}
# Identifier for ToR. Agent will subscribe to ifmap-configuration by this name
-tor_id={{ number }}
+tor_id={{ agent.id }}
# ToR management scheme is based on this type. Only supported value is "ovs"
tor_type=ovs
# OVS server port number on the ToR
-tor_ovs_port=6632
+tor_ovs_port={{ agent.get('port', 6632) }}
# IP-Transport protocol used to connect to tor. Only supported value is "tcp"
+{%- if agent.ssl is defined %}
+tor_ovs_protocol=pssl
+{%- else %}
tor_ovs_protocol=tcp
+{%- endif %}
-tsn_ip={{ tor.interface.address }}
+tsn_ip={{ compute.interface.address }}
+tor_keepalive_interval={{ agent.get('tor_keepalive_interval', 10000) }}
+{%- if agent.ssl is defined %}
+ssl_cert={{ agent.ssl.get('cert', '/etc/contrail/ssl/certs/tor.crt') }}
+
+ssl_privkey={{ agent.ssl.get('key', '/etc/contrail/ssl/certs/tor.key') }}
+
+ssl_cacert={{ agent.ssl.get('ca', '/etc/contrail/ssl/certs/ca.crt') }}
+{%- endif %}
\ No newline at end of file
diff --git a/opencontrail/files/4.0/contrail-vrouter-agent.conf b/opencontrail/files/4.0/contrail-vrouter-agent.conf
index 94d170d..f8c6933 100644
--- a/opencontrail/files/4.0/contrail-vrouter-agent.conf
+++ b/opencontrail/files/4.0/contrail-vrouter-agent.conf
@@ -17,7 +17,7 @@
# Agent mode : can be vrouter / tsn / tor (default is vrouter)
# agent_mode=
-{%- if pillar.opencontrail.tor is defined %}
+{%- if compute.get('tor', {}).get('enabled', False) %}
agent_mode = tsn
{%- endif %}
@@ -196,6 +196,9 @@
[METADATA]
# Shared secret for metadata proxy service (Optional)
# metadata_proxy_secret=contrail
+{%- if compute.metadata is defined %}
+metadata_proxy_secret={{ compute.metadata.secret }}
+{%- endif %}
# Metadata proxy port on which agent listens (Optional)
# metadata_proxy_port=
diff --git a/opencontrail/files/4.0/tor/contrail-tor-agent.ini b/opencontrail/files/4.0/tor/contrail-tor-agent.ini
index 3443c3a..22a8918 100644
--- a/opencontrail/files/4.0/tor/contrail-tor-agent.ini
+++ b/opencontrail/files/4.0/tor/contrail-tor-agent.ini
@@ -1,14 +1,14 @@
-{%- from "opencontrail/map.jinja" import tor with context %}
-
-[program:contrail-tor-agent-{{ number }}]
-command=/usr/bin/contrail-tor-agent --config_file /etc/contrail/contrail-tor-agent-{{ number }}.conf
+{%- from "opencontrail/map.jinja" import compute with context %}
+{%- set agent = salt['pillar.get']('opencontrail:compute:tor:agent:'+agent_name) %}
+[program:contrail-tor-agent-{{ agent.id }}]
+command=/usr/bin/contrail-tor-agent --config_file /etc/contrail/contrail-tor-agent-{{ agent.id }}.conf
priority=420
autostart=true
killasgroup=true
stopsignal=KILL
stdout_capture_maxbytes=1MB
redirect_stderr=true
-stdout_logfile=/var/log/contrail/contrail-tor-agent-{{ number }}-stdout.log
+stdout_logfile=/var/log/contrail/contrail-tor-agent-{{ agent.id }}-stdout.log
stderr_logfile=/dev/null
startsecs=5
exitcodes=0 ; 'expected' exit codes for process (default 0,2)
\ No newline at end of file
diff --git a/opencontrail/files/telegraf.conf b/opencontrail/files/telegraf.conf
new file mode 100644
index 0000000..a1faefa
--- /dev/null
+++ b/opencontrail/files/telegraf.conf
@@ -0,0 +1,19 @@
+[[inputs.contrail]]
+{%- if values.interval is defined %}
+ interval = "{{ values.interval }}"
+{%- endif %}
+ ifmap_count = {{ values.ifmap_count|default("false")|lower }}
+{%- for tag_name, tag_value in values.get('checks', {}).iteritems() %}
+ {%- if tag_value.url is defined and tag_value.xml_element is defined %}
+ [[inputs.contrail.checks]]
+ url = "{{ tag_value.url }}"
+ xml_element = "{{ tag_value.xml_element }}"
+ name = "{{ tag_name }}"
+ {%- if tag_value.result_type is defined %}
+ result_type = "{{ tag_value.result_type }}"
+ {%- endif %}
+ {%- if tag_value.state is defined %}
+ state = "{{ tag_value.state }}"
+ {%- endif %}
+ {%- endif %}
+{%- endfor %}
diff --git a/opencontrail/init.sls b/opencontrail/init.sls
index 863a72d..ee862a7 100644
--- a/opencontrail/init.sls
+++ b/opencontrail/init.sls
@@ -18,9 +18,6 @@
{% if pillar.opencontrail.web is defined %}
- opencontrail.web
{% endif %}
-{% if pillar.opencontrail.tor is defined %}
-- opencontrail.tor
-{% endif %}
{%- if pillar.opencontrail.client is defined %}
- opencontrail.client
{%- endif %}
diff --git a/opencontrail/map.jinja b/opencontrail/map.jinja
index e98c2f4..cbfae68 100644
--- a/opencontrail/map.jinja
+++ b/opencontrail/map.jinja
@@ -1,4 +1,5 @@
{%- set vendor = salt['pillar.get']('opencontrail:common:vendor', 'opencontrail') %}
+{%- set version = salt['pillar.get']('opencontrail:common:version') %}
{%- load_yaml as base_defaults %}
{%- if vendor in ['opencontrail'] %}
@@ -19,26 +20,42 @@
['contrail-analytics', 'python-cassandra']
redis_config: '/etc/redis/redis.conf'
services:
+ {%- if grains.get('init') != 'systemd' %}
['supervisor-analytics', 'redis-server']
+ {%- else %}
+ ['contrail-collector', 'contrail-analytics-api', 'contrail-query-engine', 'contrail-alarm-gen', 'contrail-snmp-collector', 'contrail-topology', 'contrail-analytics-nodemgr', 'redis-server']
+ {%- endif %}
RedHat:
pkgs:
['contrail-analytics']
redis_config: '/etc/redis.conf'
services:
+ {%- if grains.get('init') != 'systemd' %}
['supervisor-analytics', 'redis']
+ {%- else %}
+ ['contrail-collector', 'contrail-analytics-api', 'contrail-query-engine', 'contrail-alarm-gen', 'contrail-snmp-collector', 'contrail-topology', 'contrail-analytics-nodemgr', 'redis']
+ {%- endif %}
compute:
Debian:
pkgs:
['contrail-utils', 'iproute2', 'haproxy']
services:
+ {%- if grains.get('init') != 'systemd' or version < 4.0 %}
['supervisor-vrouter']
+ {%- else %}
+ ['contrail-vrouter-agent', 'contrail-vrouter-nodemgr']
+ {%- endif %}
dpdk:
enabled: False
RedHat:
pkgs:
['contrail-openstack-vrouter', 'contrail-utils', 'haproxy', 'contrail-vrouter-source']
services:
+ {%- if grains.get('init') != 'systemd' or version < 4.0 %}
['supervisor-vrouter']
+ {%- else %}
+ ['contrail-vrouter-agent', 'contrail-vrouter-nodemgr']
+ {%- endif %}
dpdk:
enabled: False
config:
@@ -46,43 +63,70 @@
pkgs:
['contrail-config-openstack', 'ifmap-server']
services:
+ {%- if grains.get('init') != 'systemd' or version < 4.0 %}
['supervisor-config']
+ {%- else %}
+ ['contrail-api', 'contrail-schema', 'contrail-svc-monitor', 'contrail-device-manager', 'contrail-config-nodemgr']
+ {%- endif %}
RedHat:
pkgs:
['contrail-openstack-config']
services:
+ {%- if grains.get('init') != 'systemd' %}
['supervisor-config']
+ {%- else %}
+ ['contrail-api', 'contrail-schema', 'contrail-svc-monitor', 'contrail-device-manager', 'contrail-config-nodemgr']
+ {%- endif %}
control:
Debian:
pkgs:
['contrail-control', 'contrail-dns']
services:
+ {%- if grains.get('init') != 'systemd' %}
['contrail-control', 'supervisor-control']
+ {%- else %}
+ ['contrail-control', 'contrail-named', 'contrail-dns', 'contrail-control-nodemgr']
+ {%- endif %}
RedHat:
pkgs:
['contrail-openstack-control']
services:
- ['contrail-control', 'supervisor-control']
+ {%- if grains.get('init') != 'systemd' or version < 4.0 %}
+ ['contrail-control', 'supervisor-control']
+ {%- else %}
+ ['contrail-control', 'contrail-named', 'contrail-dns', 'contrail-control-nodemgr']
+ {%- endif %}
database:
Debian:
{%- if grains.get('oscodename') == 'trusty' %}
pkgs:
['cassandra', 'zookeeper', 'supervisor', 'openjdk-7-jre-headless', 'contrail-database']
- {%- else %}
+ {%- elif version < 4.0 %}
pkgs:
['cassandra', 'zookeeper', 'supervisor', 'openjdk-8-jre-headless', 'contrail-database']
+ {%- else %}
+ pkgs:
+ ['cassandra', 'zookeeper', 'openjdk-8-jre-headless', 'contrail-database']
{%- endif %}
cassandra_config: '/etc/cassandra/'
compaction_throughput_mb_per_sec: 16
services:
+ {%- if grains.get('init') != 'systemd' or version < 4.0 %}
['supervisord-contrail-database', 'zookeeper']
+ {%- else %}
+ ['contrail-database', 'contrail-database-nodemgr', 'zookeeper']
+ {%- endif %}
RedHat:
pkgs:
['contrail-openstack-database', 'zookeeper', 'supervisor', 'java-1.7.0-openjdk-headless']
cassandra_config: '/etc/cassandra/conf/'
compaction_throughput_mb_per_sec: 16
services:
+ {%- if grains.get('init') != 'systemd' or version < 4.0 %}
['supervisord-contrail-database', 'zookeeper']
+ {%- else %}
+ ['contrail-database', 'contrail-database-nodemgr', 'zookeeper']
+ {%- endif %}
web:
Debian:
pkgs:
@@ -107,11 +151,6 @@
RedHat:
pkgs:
[]
-tor:
- Debian:
- agents: 1
- bind:
- port: 8086
{%- elif vendor == 'juniper' -%}
@@ -132,26 +171,42 @@
['contrail-analytics', 'python-cassandra-driver']
redis_config: '/etc/redis/redis.conf'
services:
+ {%- if grains.get('init') != 'systemd' or version < 4.0 %}
['supervisor-analytics', 'redis-server']
+ {%- else %}
+ ['contrail-collector', 'contrail-analytics-api', 'contrail-query-engine', 'contrail-alarm-gen', 'contrail-snmp-collector', 'contrail-topology', 'contrail-analytics-nodemgr', 'redis-server']
+ {%- endif %}
RedHat:
pkgs:
['contrail-analytics', 'python-cassandra-driver']
redis_config: '/etc/redis.conf'
services:
+ {%- if grains.get('init') != 'systemd' or version < 4.0 %}
['supervisor-analytics', 'redis']
+ {%- else %}
+ ['contrail-collector', 'contrail-analytics-api', 'contrail-query-engine', 'contrail-alarm-gen', 'contrail-snmp-collector', 'contrail-topology', 'contrail-analytics-nodemgr', 'redis']
+ {%- endif %}
compute:
Debian:
pkgs:
['contrail-utils', 'iproute2', 'haproxy']
services:
+ {%- if grains.get('init') != 'systemd' or version < 4.0 %}
['supervisor-vrouter']
+ {%- else %}
+ ['contrail-vrouter-agent', 'contrail-vrouter-nodemgr']
+ {%- endif %}
dpdk:
enabled: False
RedHat:
pkgs:
['contrail-openstack-vrouter', 'contrail-utils', 'haproxy', 'contrail-vrouter-source']
services:
+ {%- if grains.get('init') != 'systemd' or version < 4.0 %}
['supervisor-vrouter']
+ {%- else %}
+ ['contrail-vrouter-agent', 'contrail-vrouter-nodemgr']
+ {%- endif %}
dpdk:
enabled: False
config:
@@ -159,23 +214,39 @@
pkgs:
['contrail-config-openstack', 'ifmap-server']
services:
+ {%- if grains.get('init') != 'systemd' or version < 4.0 %}
['supervisor-config']
+ {%- else %}
+ ['contrail-api', 'contrail-schema', 'contrail-svc-monitor', 'contrail-device-manager', 'contrail-config-nodemgr']
+ {%- endif %}
RedHat:
pkgs:
['contrail-openstack-config']
services:
+ {%- if grains.get('init') != 'systemd' or version < 4.0 %}
['supervisor-config']
+ {%- else %}
+ ['contrail-api', 'contrail-schema', 'contrail-svc-monitor', 'contrail-device-manager', 'contrail-config-nodemgr']
+ {%- endif %}
control:
Debian:
pkgs:
['contrail-control', 'contrail-dns']
services:
- ['contrail-control', 'supervisor-control']
+ {%- if grains.get('init') != 'systemd' or version < 4.0 %}
+ ['contrail-control', 'supervisor-control']
+ {%- else %}
+ ['contrail-control', 'contrail-named', 'contrail-dns', 'contrail-control-nodemgr']
+ {%- endif %}
RedHat:
pkgs:
['contrail-openstack-control']
services:
- ['contrail-control', 'supervisor-control']
+ {%- if grains.get('init') != 'systemd' or version < 4.0 %}
+ ['contrail-control', 'supervisor-control']
+ {%- else %}
+ ['contrail-control', 'contrail-named', 'contrail-dns', 'contrail-control-nodemgr']
+ {%- endif %}
database:
Debian:
{%- if grains.get('oscodename') == 'trusty' %}
@@ -188,14 +259,22 @@
cassandra_config: '/etc/cassandra/'
compaction_throughput_mb_per_sec: 16
services:
+ {%- if grains.get('init') != 'systemd' or version < 4.0 %}
['supervisord-contrail-database', 'zookeeper']
+ {%- else %}
+ ['contrail-database', 'contrail-database-nodemgr', 'zookeeper']
+ {%- endif %}
RedHat:
pkgs:
['contrail-openstack-database', 'zookeeper', 'supervisor', 'java-1.7.0-openjdk-headless']
cassandra_config: '/etc/cassandra/conf/'
compaction_throughput_mb_per_sec: 16
services:
+ {%- if grains.get('init') != 'systemd' or version < 4.0 %}
['supervisord-contrail-database', 'zookeeper']
+ {%- else %}
+ ['contrail-database', 'contrail-database-nodemgr', 'zookeeper']
+ {%- endif %}
web:
Debian:
pkgs:
@@ -220,11 +299,6 @@
RedHat:
pkgs:
[]
-tor:
- Debian:
- agents: 1
- bind:
- port: 8086
{%- endif %}
{%- endload %}
@@ -237,7 +311,6 @@
{% set database = salt['grains.filter_by'](base_defaults['database'], merge=salt['pillar.get']('opencontrail:database', {}), base='database') %}
{% set web = salt['grains.filter_by'](base_defaults['web'], merge=salt['pillar.get']('opencontrail:web', {}), base='web') %}
{% set client = salt['grains.filter_by'](base_defaults['client'], merge=salt['pillar.get']('opencontrail:client', {}), base='client') %}
-{% set tor = salt['grains.filter_by'](base_defaults['tor'], merge=salt['pillar.get']('opencontrail:tor', {}), base='tor') %}
{% set monitoring = salt['grains.filter_by']({
'default': {
diff --git a/opencontrail/meta/telegraf.yml b/opencontrail/meta/telegraf.yml
index e43dc93..51f7a40 100644
--- a/opencontrail/meta/telegraf.yml
+++ b/opencontrail/meta/telegraf.yml
@@ -111,8 +111,11 @@
{%- endif %}
{%- if control.get('enabled', False) or compute.get('enabled', False) %}
contrail:
+ template: opencontrail/files/telegraf.conf
{%- if control.get('enabled', False) %}
- ifmap_count: "true"
+ # ifmap_count is always disabled because it puts too much load on the IF-MAP server
+ # and the metric is pretty much useless.
+ ifmap_count: "false"
{%- endif %}
checks:
{%- if control.get('enabled', False) %}
diff --git a/opencontrail/tor.sls b/opencontrail/tor.sls
deleted file mode 100644
index f425087..0000000
--- a/opencontrail/tor.sls
+++ /dev/null
@@ -1,24 +0,0 @@
-{%- from "opencontrail/map.jinja" import tor with context %}
-{%- if tor.enabled %}
-
-include:
-- opencontrail.common
-
-{% for number in range(tor.agents) %}
-
-/etc/contrail/contrail-tor-agent-{{ number }}.conf:
- file.managed:
- - source: salt://opencontrail/files/{{ tor.version }}/contrail-tor-agent.conf
- - template: jinja
- - defaults:
- number: {{ number }}
-
-/etc/contrail/supervisord_vrouter_files/contrail-tor-agent-{{ number }}.ini:
- file.managed:
- - source: salt://opencontrail/files/{{ tor.version }}/tor/contrail-tor-agent.ini
- - template: jinja
- - defaults:
- number: {{ number }}
-
-{%- endfor %}
-{%- endif %}
\ No newline at end of file
diff --git a/tests/pillar/tor.sls b/tests/pillar/tor.sls
deleted file mode 100644
index 04ecba0..0000000
--- a/tests/pillar/tor.sls
+++ /dev/null
@@ -1,35 +0,0 @@
-opencontrail:
- common:
- version: 3.0
- identity:
- engine: keystone
- host: 127.0.0.1
- port: 35357
- token: token
- password: password
- network:
- engine: neutron
- host: 127.0.0.1
- port: 9696
- tor:
- enabled: true
- version: 3.0
- agents: 1
- control:
- address: 127.0.0.1
- interface:
- address: 127.0.0.1
- device:
- host: 127.0.0.1
- compute:
- enabled: true
- version: 3.0
- discovery:
- host: 127.0.0.1
- interface:
- address: 127.0.0.1
- dev: eth0
- gateway: 127.0.0.1
- mask: /24
- dns: 127.0.0.1
- mtu: 9000
diff --git a/tests/pillar/tor4_0.sls b/tests/pillar/tor4_0.sls
deleted file mode 100644
index 16b59fc..0000000
--- a/tests/pillar/tor4_0.sls
+++ /dev/null
@@ -1,43 +0,0 @@
-opencontrail:
- common:
- version: 4.0
- identity:
- engine: keystone
- host: 127.0.0.1
- port: 35357
- token: token
- password: password
- network:
- engine: neutron
- host: 127.0.0.1
- port: 9696
- tor:
- enabled: true
- version: 4.0
- agents: 1
- control:
- address: 127.0.0.1
- interface:
- address: 127.0.0.1
- device:
- host: 127.0.0.1
- compute:
- enabled: true
- version: 4.0
- collector:
- members:
- - host: 127.0.0.1
- - host: 127.0.0.1
- - host: 127.0.0.1
- control:
- members:
- - host: 127.0.0.1
- - host: 127.0.0.1
- - host: 127.0.0.1
- interface:
- address: 127.0.0.1
- dev: eth0
- gateway: 127.0.0.1
- mask: /24
- dns: 127.0.0.1
- mtu: 9000
diff --git a/tests/pillar/vrouter.sls b/tests/pillar/vrouter.sls
index 45418a0..13e05e5 100644
--- a/tests/pillar/vrouter.sls
+++ b/tests/pillar/vrouter.sls
@@ -25,3 +25,14 @@
mask: /24
dns: 127.0.0.1
mtu: 9000
+ tor:
+ enabled: true
+ bind:
+ port: 8086
+ agent:
+ tor01:
+ id: 0
+ address: 127.0.0.1
+ port: 6632
+ ssl:
+ enabled: True
\ No newline at end of file
diff --git a/tests/pillar/vrouter4_0.sls b/tests/pillar/vrouter4_0.sls
index c875642..f19ce4e 100644
--- a/tests/pillar/vrouter4_0.sls
+++ b/tests/pillar/vrouter4_0.sls
@@ -33,3 +33,14 @@
mask: /24
dns: 127.0.0.1
mtu: 9000
+ tor:
+ enabled: true
+ bind:
+ port: 8086
+ agent:
+ tor01:
+ id: 0
+ address: 127.0.0.1
+ port: 6632
+ ssl:
+ enabled: True