diff --git a/controllerconfig/centos/build_srpm.data b/controllerconfig/centos/build_srpm.data index d3d1785a98..8a80236ea8 100755 --- a/controllerconfig/centos/build_srpm.data +++ b/controllerconfig/centos/build_srpm.data @@ -1,2 +1,2 @@ SRC_DIR="controllerconfig" -TIS_PATCH_VER=149 +TIS_PATCH_VER=150 diff --git a/controllerconfig/controllerconfig/scripts/controller_config b/controllerconfig/controllerconfig/scripts/controller_config index 4b4e1670fb..33739c793b 100755 --- a/controllerconfig/controllerconfig/scripts/controller_config +++ b/controllerconfig/controllerconfig/scripts/controller_config @@ -1,6 +1,6 @@ #!/bin/bash # -# Copyright (c) 2013-2017 Wind River Systems, Inc. +# Copyright (c) 2013-2019 Wind River Systems, Inc. # # SPDX-License-Identifier: Apache-2.0 # @@ -229,7 +229,7 @@ start() fi # Check whether our installed load matches the active controller - CONTROLLER_UUID=`curl -sf http://controller/feed/rel-${SW_VERSION}/install_uuid` + CONTROLLER_UUID=`curl -sf http://controller:${http_port}/feed/rel-${SW_VERSION}/install_uuid` if [ $? -ne 0 ] then fatal_error "Unable to retrieve installation uuid from active controller" diff --git a/puppet-manifests/src/modules/openstack/manifests/horizon.pp b/puppet-manifests/src/modules/openstack/manifests/horizon.pp index b66463b43f..2f9cb2b189 100755 --- a/puppet-manifests/src/modules/openstack/manifests/horizon.pp +++ b/puppet-manifests/src/modules/openstack/manifests/horizon.pp @@ -17,6 +17,9 @@ class openstack::horizon::params ( $tpm_object = undef, $tpm_engine = '/usr/lib64/openssl/engines/libtpm2.so', + + $http_port = 8080, + $https_port = 8443, ) { } @@ -198,9 +201,9 @@ class openstack::horizon::firewall # of HTTPS for external protocols. The horizon # server runs on port 8080 behind the proxy server. if $enable_https { - $firewall_port = 443 + $firewall_port = $https_port } else { - $firewall_port = 80 + $firewall_port = $http_port } platform::firewall::rule { 'dashboard': @@ -233,3 +236,15 @@ class openstack::horizon::runtime { stage => post } } + +class openstack::lighttpd::runtime + inherits ::openstack::horizon::params { + + Class[$name] -> Class['::platform::helm::runtime'] + + file {'/etc/lighttpd/lighttpd.conf': + ensure => present, + content => template('openstack/lighttpd.conf.erb') + } + -> platform::sm::restart {'lighttpd': } +} diff --git a/puppet-manifests/src/modules/openstack/manifests/swift.pp b/puppet-manifests/src/modules/openstack/manifests/swift.pp index eddd3ac11d..740ead17b7 100644 --- a/puppet-manifests/src/modules/openstack/manifests/swift.pp +++ b/puppet-manifests/src/modules/openstack/manifests/swift.pp @@ -11,9 +11,11 @@ class openstack::swift::params ( class openstack::swift::firewall inherits ::openstack::swift::params { - platform::firewall::rule { 'swift-api': - service_name => 'swift', - ports => $api_port, + if $service_enabled { + platform::firewall::rule { 'swift-api': + service_name => 'swift', + ports => $api_port, + } } } @@ -21,10 +23,12 @@ class openstack::swift::firewall class openstack::swift::haproxy inherits ::openstack::swift::params { - platform::haproxy::proxy { 'swift-restapi': - server_name => 's-swift', - public_port => $api_port, - private_port => $api_port, + if $service_enabled { + platform::haproxy::proxy { 'swift-restapi': + server_name => 's-swift', + public_port => $api_port, + private_port => $api_port, + } } } diff --git a/puppet-manifests/src/modules/openstack/templates/lighttpd.conf.erb b/puppet-manifests/src/modules/openstack/templates/lighttpd.conf.erb index 492a495fd7..67ff348eda 100755 --- a/puppet-manifests/src/modules/openstack/templates/lighttpd.conf.erb +++ b/puppet-manifests/src/modules/openstack/templates/lighttpd.conf.erb @@ -144,7 +144,7 @@ static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" ) ######### Options that are good to be but not neccesary to be changed ####### ## bind to port (default: 80) -#server.port = 81 +server.port = <%= @http_port %> ## bind to localhost (default: all interfaces) #server.bind = "grisu.home.kneschke.de" @@ -223,7 +223,7 @@ $HTTP["url"] !~ "^/(rel-[^/]*|feed|updates|static|helm_charts)/" { ( "localhost" => ( "host" => "127.0.0.1", - "port" => 8080 + "port" => 8008 ) ) ) @@ -247,11 +247,11 @@ $HTTP["url"] !~ "^/(rel-[^/]*|feed|updates|static|helm_charts)/" { # #### Listen to IPv6 -$SERVER["socket"] == "[::]:80" { } +$SERVER["socket"] == "[::]:<%= @http_port %>" { } <% if @enable_https %> #### SSL engine -$SERVER["socket"] == ":443" { +$SERVER["socket"] == ":<%= @https_port %>" { ssl.engine = "enable" ssl.pemfile = "/etc/ssl/private/server-cert.pem" ssl.use-sslv2 = "disable" @@ -259,7 +259,7 @@ $SERVER["socket"] == ":443" { ssl.cipher-list = "ALL:!aNULL:!eNULL:!EXPORT:!TLSv1:!DES:!MD5:!PSK:!RC4:!EDH-RSA-DES-CBC3-SHA:!EDH-DSS-DES-CBC3-SHA:!DHE-RSA-AES128-SHA:!DHE-RSA-AES256-SHA:!ECDHE-RSA-DES-CBC3-SHA:!ECDHE-RSA-AES128-SHA:!ECDHE-RSA-AES256-SHA:!DES-CBC3-SHA:!AES128-SHA:!AES256-SHA:!DHE-DSS-AES128-SHA:!DHE-DSS-AES256-SHA:!CAMELLIA128-SHA:!CAMELLIA256-SHA:!DHE-DSS-CAMELLIA128-SHA:!DHE-DSS-CAMELLIA256-SHA:!DHE-RSA-CAMELLIA128-SHA:!DHE-RSA-CAMELLIA256-SHA:!ECDHE-ECDSA-DES-CBC3-SHA:!ECDHE-ECDSA-AES128-SHA:!ECDHE-ECDSA-AES256-SHA" } -$SERVER["socket"] == "[::]:443" { +$SERVER["socket"] == "[::]:<%= @https_port %>" { ssl.engine = "enable" ssl.pemfile = "/etc/ssl/private/server-cert.pem" ssl.use-sslv2 = "disable" diff --git a/puppet-manifests/src/modules/platform/manifests/config.pp b/puppet-manifests/src/modules/platform/manifests/config.pp index ed82c8bc1c..323a55435b 100644 --- a/puppet-manifests/src/modules/platform/manifests/config.pp +++ b/puppet-manifests/src/modules/platform/manifests/config.pp @@ -36,6 +36,7 @@ class platform::config::file { include ::platform::network::oam::params include ::platform::network::cluster_host::params include ::platform::kubernetes::params + include ::openstack::horizon::params $kubernetes_enabled = $::platform::kubernetes::params::enabled # dependent template variables @@ -166,6 +167,12 @@ class platform::config::file { } } + file_line { "${platform_conf} http_port": + path => $platform_conf, + line => "http_port=${::openstack::horizon::params::http_port}", + match => '^http_port=', + } + } diff --git a/puppet-manifests/src/modules/platform/manifests/haproxy.pp b/puppet-manifests/src/modules/platform/manifests/haproxy.pp index 74724ec59e..0aad9425d5 100644 --- a/puppet-manifests/src/modules/platform/manifests/haproxy.pp +++ b/puppet-manifests/src/modules/platform/manifests/haproxy.pp @@ -143,7 +143,9 @@ class platform::haproxy::runtime { } include ::openstack::keystone::haproxy include ::openstack::neutron::haproxy - include ::openstack::nova::haproxy + if $::platform::kubernetes::params::enabled != true { + include ::openstack::nova::haproxy + } include ::openstack::glance::haproxy include ::openstack::cinder::haproxy include ::openstack::aodh::haproxy diff --git a/puppet-manifests/src/modules/platform/manifests/helm.pp b/puppet-manifests/src/modules/platform/manifests/helm.pp index 632cc2521f..47b5effe14 100644 --- a/puppet-manifests/src/modules/platform/manifests/helm.pp +++ b/puppet-manifests/src/modules/platform/manifests/helm.pp @@ -54,7 +54,7 @@ class platform::helm # TODO(jrichard): Upversion tiller image to v2.11.1 once released. -> exec { 'initialize helm': environment => [ 'KUBECONFIG=/etc/kubernetes/admin.conf', 'HOME=/home/wrsroot' ], - command => 'helm init --skip-refresh --service-account tiller --node-selectors "node-role.kubernetes.io/master"="" --tiller-image=gcr.io/kubernetes-helm/tiller@sha256:022ce9d4a99603be1d30a4ca96a7fa57a45e6f2ef11172f4333c18aaae407f5b', # lint:ignore:140chars + command => 'helm init --skip-refresh --service-account tiller --node-selectors "node-role.kubernetes.io/master"="" --tiller-image=gcr.io/kubernetes-helm/tiller:v2.12.1', # lint:ignore:140chars logoutput => true, user => 'wrsroot', group => 'wrs', @@ -65,6 +65,16 @@ class platform::helm command => "mount -o bind -t ext4 ${source_helm_repo_dir} ${target_helm_repo_dir}", require => Exec['add local starlingx helm repo'] } + # it needs to create the index file after the bind mount, otherwise + # helm repo could not be updated until application-upload adds index + -> exec { 'generate helm repo index on source': + command => "helm repo index ${source_helm_repo_dir}", + logoutput => true, + user => 'www', + group => 'www', + require => User['www'] + } + } else { exec { 'initialize helm': environment => [ 'KUBECONFIG=/etc/kubernetes/admin.conf', 'HOME=/home/wrsroot' ], @@ -76,6 +86,8 @@ class platform::helm } } + include ::openstack::horizon::params + $port = $::openstack::horizon::params::http_port exec { 'restart lighttpd for helm': require => [File['/etc/lighttpd/lighttpd.conf', $target_helm_repo_dir], Exec['initialize helm']], command => 'systemctl restart lighttpd.service', @@ -93,7 +105,7 @@ class platform::helm -> exec { 'add local starlingx helm repo': before => Exec['Stop lighttpd'], environment => [ 'KUBECONFIG=/etc/kubernetes/admin.conf' , 'HOME=/home/wrsroot'], - command => 'helm repo add starlingx http://127.0.0.1/helm_charts', + command => "helm repo add starlingx http://127.0.0.1:${port}/helm_charts", logoutput => true, user => 'wrsroot', group => 'wrs', @@ -102,3 +114,25 @@ class platform::helm } } } + +class platform::helm::runtime +{ + include ::platform::kubernetes::params + + if $::platform::kubernetes::params::enabled { + + include ::platform::users + + include ::openstack::horizon::params + $port = $::openstack::horizon::params::http_port + + exec { 'update local starlingx helm repo': + environment => [ 'KUBECONFIG=/etc/kubernetes/admin.conf' , 'HOME=/home/wrsroot'], + command => "helm repo add starlingx http://127.0.0.1:${port}/helm_charts", + logoutput => true, + user => 'wrsroot', + group => 'wrs', + require => User['wrsroot'] + } + } +} diff --git a/puppet-manifests/src/modules/platform/manifests/patching.pp b/puppet-manifests/src/modules/platform/manifests/patching.pp index 74a7bbe166..0089db087e 100644 --- a/puppet-manifests/src/modules/platform/manifests/patching.pp +++ b/puppet-manifests/src/modules/platform/manifests/patching.pp @@ -70,3 +70,18 @@ class platform::patching::api ( include ::platform::patching::firewall include ::platform::patching::haproxy } + +class platform::patching::agent::reload { + + exec { 'restart sw-patch-agent': + command => '/usr/sbin/sw-patch-agent-restart', + logoutput => true, + } +} + +class platform::patching::runtime { + + class {'::platform::patching::agent::reload': + stage => post + } +} diff --git a/storageconfig/centos/build_srpm.data b/storageconfig/centos/build_srpm.data index e16aea6c83..58db4b514a 100644 --- a/storageconfig/centos/build_srpm.data +++ b/storageconfig/centos/build_srpm.data @@ -1,2 +1,2 @@ SRC_DIR="storageconfig" -TIS_PATCH_VER=5 +TIS_PATCH_VER=6 diff --git a/storageconfig/storageconfig/storage_config b/storageconfig/storageconfig/storage_config index d72acfa0fb..427039b976 100644 --- a/storageconfig/storageconfig/storage_config +++ b/storageconfig/storageconfig/storage_config @@ -1,6 +1,6 @@ #!/bin/bash # -# Copyright (c) 2013-2015 Wind River Systems, Inc. +# Copyright (c) 2013-2019 Wind River Systems, Inc. # # SPDX-License-Identifier: Apache-2.0 # @@ -141,7 +141,7 @@ start() fi # Check whether our installed load matches the active controller - CONTROLLER_UUID=`curl -sf http://controller/feed/rel-${SW_VERSION}/install_uuid` + CONTROLLER_UUID=`curl -sf http://controller:${http_port}/feed/rel-${SW_VERSION}/install_uuid` if [ $? -ne 0 ] then fatal_error "Unable to retrieve installation uuid from active controller" diff --git a/sysinv/sysinv/sysinv/setup.cfg b/sysinv/sysinv/sysinv/setup.cfg index 4ce1245844..379260ad05 100644 --- a/sysinv/sysinv/sysinv/setup.cfg +++ b/sysinv/sysinv/sysinv/setup.cfg @@ -97,6 +97,7 @@ systemconfig.helm_plugins = panko = sysinv.helm.panko:PankoHelm rabbitmq = sysinv.helm.rabbitmq:RabbitmqHelm rbd-provisioner = sysinv.helm.rbd_provisioner:RbdProvisionerHelm + helm-toolkit = sysinv.helm.helm_toolkit:HelmToolkitHelm sysinv.agent.lldp.drivers = lldpd = sysinv.agent.lldp.drivers.lldpd.driver:SysinvLldpdAgentDriver diff --git a/sysinv/sysinv/sysinv/sysinv/api/controllers/v1/service_parameter.py b/sysinv/sysinv/sysinv/sysinv/api/controllers/v1/service_parameter.py index 3ce479a8da..b99b0a3971 100644 --- a/sysinv/sysinv/sysinv/sysinv/api/controllers/v1/service_parameter.py +++ b/sysinv/sysinv/sysinv/sysinv/api/controllers/v1/service_parameter.py @@ -10,6 +10,8 @@ import copy import netaddr import pecan +from fm_api import constants as fm_constants +from fm_api import fm_api from pecan import rest import six import wsme @@ -938,6 +940,36 @@ class ServiceParameterController(rest.RestController): )) raise wsme.exc.ClientSideError(msg) + @staticmethod + def _service_parameter_apply_semantic_check_http(): + """Semantic checks for the HTTP Service Type """ + + # check if a patching operation in progress + fm = fm_api.FaultAPIs() + + alarms = fm.get_faults_by_id(fm_constants. + FM_ALARM_ID_PATCH_IN_PROGRESS) + if alarms is not None: + msg = _("Unable to apply %s service parameters. " + "A patching operation is in progress." + % constants.SERVICE_TYPE_HTTP) + raise wsme.exc.ClientSideError(msg) + + # check if all hosts are unlocked/enabled + hosts = pecan.request.dbapi.ihost_get_list() + for host in hosts: + if (host['administrative'] == constants.ADMIN_UNLOCKED and + host['operational'] == constants.OPERATIONAL_ENABLED): + continue + else: + # the host name might be None for a newly discovered host + if not host['hostname']: + host_id = host['uuid'] + else: + host_id = host['hostname'] + raise wsme.exc.ClientSideError( + _("Host %s must be unlocked and enabled." % host_id)) + def _service_parameter_apply_semantic_check(self, service): """Semantic checks for the service-parameter-apply command """ @@ -987,6 +1019,9 @@ class ServiceParameterController(rest.RestController): if service == constants.SERVICE_TYPE_PLATFORM: self._service_parameter_apply_semantic_check_mtce() + if service == constants.SERVICE_TYPE_HTTP: + self._service_parameter_apply_semantic_check_http() + def _get_service(self, body): service = body.get('service') or "" if not service: diff --git a/sysinv/sysinv/sysinv/sysinv/common/constants.py b/sysinv/sysinv/sysinv/sysinv/common/constants.py index b8c87e3652..165c65eb95 100644 --- a/sysinv/sysinv/sysinv/sysinv/common/constants.py +++ b/sysinv/sysinv/sysinv/sysinv/common/constants.py @@ -1,5 +1,5 @@ # -# Copyright (c) 2013-2018 Wind River Systems, Inc. +# Copyright (c) 2013-2019 Wind River Systems, Inc. # # SPDX-License-Identifier: Apache-2.0 # @@ -902,6 +902,7 @@ SERVICE_TYPE_AODH = 'aodh' SERVICE_TYPE_GLANCE = 'glance' SERVICE_TYPE_BARBICAN = 'barbican' SERVICE_TYPE_DOCKER = 'docker' +SERVICE_TYPE_HTTP = 'http' SERVICE_PARAM_SECTION_MURANO_RABBITMQ = 'rabbitmq' SERVICE_PARAM_SECTION_MURANO_ENGINE = 'engine' @@ -1102,6 +1103,13 @@ SERVICE_PARAM_NAME_DOCKER_NO_PROXY = 'no_proxy' # default filesystem size to 25 MB SERVICE_PARAM_SWIFT_FS_SIZE_MB_DEFAULT = 25 +# HTTP Service Parameters +SERVICE_PARAM_SECTION_HTTP_CONFIG = 'config' +SERVICE_PARAM_HTTP_PORT_HTTP = 'http_port' +SERVICE_PARAM_HTTP_PORT_HTTPS = 'https_port' +SERVICE_PARAM_HTTP_PORT_HTTP_DEFAULT = 8080 +SERVICE_PARAM_HTTP_PORT_HTTPS_DEFAULT = 8443 + # TIS part number, CPE = combined load, STD = standard load TIS_STD_BUILD = 'Standard' TIS_AIO_BUILD = 'All-in-one' @@ -1414,6 +1422,7 @@ HELM_CHART_OPENVSWITCH = 'openvswitch' HELM_CHART_PANKO = 'panko' HELM_CHART_RABBITMQ = 'rabbitmq' HELM_CHART_RBD_PROVISIONER = 'rbd-provisioner' +HELM_CHART_HELM_TOOLKIT = 'helm-toolkit' SUPPORTED_HELM_CHARTS = [ HELM_CHART_AODH, @@ -1439,6 +1448,7 @@ SUPPORTED_HELM_CHARTS = [ HELM_CHART_PANKO, HELM_CHART_RABBITMQ, HELM_CHART_RBD_PROVISIONER, + HELM_CHART_HELM_TOOLKIT, ] # Helm: Supported application (aka chart bundles) @@ -1469,7 +1479,8 @@ SUPPORTED_HELM_APP_CHARTS = { HELM_CHART_GNOCCHI, HELM_CHART_CEILOMETER, HELM_CHART_PANKO, - HELM_CHART_AODH + HELM_CHART_AODH, + HELM_CHART_HELM_TOOLKIT, ] } diff --git a/sysinv/sysinv/sysinv/sysinv/common/service_parameter.py b/sysinv/sysinv/sysinv/sysinv/common/service_parameter.py index caae7fd536..1dac250187 100644 --- a/sysinv/sysinv/sysinv/sysinv/common/service_parameter.py +++ b/sysinv/sysinv/sysinv/sysinv/common/service_parameter.py @@ -1,4 +1,4 @@ -# Copyright (c) 2017-2018 Wind River Systems, Inc. +# Copyright (c) 2017-2019 Wind River Systems, Inc. # # SPDX-License-Identifier: Apache-2.0 # @@ -1516,6 +1516,23 @@ DOCKER_PROXY_PARAMETER_RESOURCE = { 'platform::docker::params::no_proxy', } +HTTPD_PORT_PARAMETER_OPTIONAL = [ + constants.SERVICE_PARAM_HTTP_PORT_HTTP, + constants.SERVICE_PARAM_HTTP_PORT_HTTPS, +] + +HTTPD_PORT_PARAMETER_VALIDATOR = { + constants.SERVICE_PARAM_HTTP_PORT_HTTP: _validate_integer, + constants.SERVICE_PARAM_HTTP_PORT_HTTPS: _validate_integer, +} + +HTTPD_PORT_PARAMETER_RESOURCE = { + constants.SERVICE_PARAM_HTTP_PORT_HTTP: + 'openstack::horizon::params::http_port', + constants.SERVICE_PARAM_HTTP_PORT_HTTPS: + 'openstack::horizon::params::https_port', +} + # Service Parameter Schema SERVICE_PARAM_MANDATORY = 'mandatory' SERVICE_PARAM_OPTIONAL = 'optional' @@ -1699,6 +1716,13 @@ SERVICE_PARAMETER_SCHEMA = { SERVICE_PARAM_RESOURCE: DOCKER_PROXY_PARAMETER_RESOURCE, }, }, + constants.SERVICE_TYPE_HTTP: { + constants.SERVICE_PARAM_SECTION_HTTP_CONFIG: { + SERVICE_PARAM_OPTIONAL: HTTPD_PORT_PARAMETER_OPTIONAL, + SERVICE_PARAM_VALIDATOR: HTTPD_PORT_PARAMETER_VALIDATOR, + SERVICE_PARAM_RESOURCE: HTTPD_PORT_PARAMETER_RESOURCE, + }, + }, } SERVICE_PARAMETER_MAX_LENGTH = 255 diff --git a/sysinv/sysinv/sysinv/sysinv/common/utils.py b/sysinv/sysinv/sysinv/sysinv/common/utils.py index c167a7b77b..a87ebc65d4 100644 --- a/sysinv/sysinv/sysinv/sysinv/common/utils.py +++ b/sysinv/sysinv/sysinv/sysinv/common/utils.py @@ -18,7 +18,7 @@ # License for the specific language governing permissions and limitations # under the License. # -# Copyright (c) 2013-2018 Wind River Systems, Inc. +# Copyright (c) 2013-2019 Wind River Systems, Inc. # @@ -1883,3 +1883,18 @@ def find_manifest_file(path): return None return mfiles + + +def get_http_port(dbapi): + http_port = constants.SERVICE_PARAM_HTTP_PORT_HTTP_DEFAULT + try: + http_port = int(dbapi.service_parameter_get_one( + constants.SERVICE_TYPE_HTTP, + constants.SERVICE_PARAM_SECTION_HTTP_CONFIG, + constants.SERVICE_PARAM_HTTP_PORT_HTTP).value) + except exception.NotFound: + LOG.error("Failed to find service parameter for %s,%s,%s" % ( + constants.SERVICE_TYPE_HTTP, + constants.SERVICE_PARAM_SECTION_HTTP_CONFIG, + constants.SERVICE_PARAM_HTTP_PORT_HTTP)) + return http_port diff --git a/sysinv/sysinv/sysinv/sysinv/conductor/kube_app.py b/sysinv/sysinv/sysinv/sysinv/conductor/kube_app.py index 35ba29444b..01867ea4a3 100644 --- a/sysinv/sysinv/sysinv/sysinv/conductor/kube_app.py +++ b/sysinv/sysinv/sysinv/sysinv/conductor/kube_app.py @@ -673,13 +673,9 @@ class AppOperator(object): missing_overrides = [] available_overrides = [] - excluded = ['helm-toolkit'] for chart in charts: overrides = chart.namespace + '-' + chart.name + '.yaml' - if chart.name in excluded: - LOG.debug("Skipping overrides %s " % overrides) - continue overrides_file = os.path.join(common.HELM_OVERRIDES_PATH, overrides) if not os.path.exists(overrides_file): diff --git a/sysinv/sysinv/sysinv/sysinv/conductor/manager.py b/sysinv/sysinv/sysinv/sysinv/conductor/manager.py index f738bfd8af..84a35b2f59 100644 --- a/sysinv/sysinv/sysinv/sysinv/conductor/manager.py +++ b/sysinv/sysinv/sysinv/sysinv/conductor/manager.py @@ -16,7 +16,7 @@ # License for the specific language governing permissions and limitations # under the License. # -# Copyright (c) 2013-2018 Wind River Systems, Inc. +# Copyright (c) 2013-2019 Wind River Systems, Inc. # """Conduct all activity related system inventory. @@ -517,6 +517,16 @@ class ConductorManager(service.PeriodicService): 'section': constants.SERVICE_PARAM_SECTION_SWIFT_CONFIG, 'name': constants.SERVICE_PARAM_NAME_SWIFT_FS_SIZE_MB, 'value': constants.SERVICE_PARAM_SWIFT_FS_SIZE_MB_DEFAULT}, + {'service': constants.SERVICE_TYPE_HTTP, + 'section': constants.SERVICE_PARAM_SECTION_HTTP_CONFIG, + 'name': constants.SERVICE_PARAM_HTTP_PORT_HTTP, + 'value': constants.SERVICE_PARAM_HTTP_PORT_HTTP_DEFAULT + }, + {'service': constants.SERVICE_TYPE_HTTP, + 'section': constants.SERVICE_PARAM_SECTION_HTTP_CONFIG, + 'name': constants.SERVICE_PARAM_HTTP_PORT_HTTPS, + 'value': constants.SERVICE_PARAM_HTTP_PORT_HTTPS_DEFAULT + }, ] for i in range(2, constants.SERVICE_PARAM_MAX_HPE3PAR + 1): @@ -1054,6 +1064,9 @@ class ConductorManager(service.PeriodicService): sw_version != tsc.SW_VERSION_1803: install_opts += ['-k', system.security_feature] + base_url = "http://pxecontroller:%d" % cutils.get_http_port(self.dbapi) + install_opts += ['-l', base_url] + if host['mgmt_mac']: dashed_mac = host["mgmt_mac"].replace(":", "-") pxeboot_update = "/usr/sbin/pxeboot-update-%s.sh" % sw_version @@ -1068,7 +1081,6 @@ class ConductorManager(service.PeriodicService): os.remove("/pxeboot/pxelinux.cfg/efi-01-" + dashed_mac) except OSError: pass - with open(os.devnull, "w") as fnull: try: subprocess.check_call( @@ -7086,6 +7098,12 @@ class ConductorManager(service.PeriodicService): config_uuid = self._config_update_hosts(context, [constants.CONTROLLER, constants.WORKER]) + elif service == constants.SERVICE_TYPE_HTTP: + config_uuid = self._config_update_hosts(context, + [constants.CONTROLLER, + constants.WORKER, + constants.STORAGE]) + else: # All other services personalities = [constants.CONTROLLER] @@ -7199,6 +7217,28 @@ class ConductorManager(service.PeriodicService): } self._config_apply_runtime_manifest(context, config_uuid, config_dict) + elif service == constants.SERVICE_TYPE_HTTP: + # the platform::config class will be applied that will + # configure the http port + personalities = [constants.WORKER, constants.STORAGE] + config_dict = { + "personalities": personalities, + "classes": ['platform::patching::runtime']} + self._config_apply_runtime_manifest(context, config_uuid, + config_dict) + + # the runtime classes on controllers will be applied + personalities = [constants.CONTROLLER] + config_dict = { + "personalities": personalities, + "classes": ['openstack::lighttpd::runtime', + 'platform::helm::runtime', + 'platform::firewall::runtime', + 'platform::patching::runtime'] + } + self._config_apply_runtime_manifest(context, config_uuid, + config_dict) + def update_security_feature_config(self, context): """Update the kernel options configuration""" personalities = constants.PERSONALITIES diff --git a/sysinv/sysinv/sysinv/sysinv/helm/base.py b/sysinv/sysinv/sysinv/sysinv/helm/base.py index b9b08c1b02..33d2af0ce4 100644 --- a/sysinv/sysinv/sysinv/sysinv/helm/base.py +++ b/sysinv/sysinv/sysinv/sysinv/helm/base.py @@ -64,6 +64,10 @@ class BaseHelm(object): def quoted_str(value): return quoted_str(value) + def get_chart_location(self, chart_name): + return 'http://controller:%s/helm_charts/%s-0.1.0.tgz' % ( + utils.get_http_port(self.dbapi), chart_name) + @staticmethod def _generate_random_password(length=16): suffix = "Ti0*" diff --git a/sysinv/sysinv/sysinv/sysinv/helm/common.py b/sysinv/sysinv/sysinv/sysinv/helm/common.py index 144dee753c..798ace1269 100644 --- a/sysinv/sysinv/sysinv/sysinv/helm/common.py +++ b/sysinv/sysinv/sysinv/sysinv/helm/common.py @@ -23,6 +23,7 @@ HELM_NS_DEFAULT = 'default' HELM_NS_KUBE_SYSTEM = 'kube-system' HELM_NS_NFS = 'nfs' HELM_NS_OPENSTACK = 'openstack' +HELM_NS_HELM_TOOLKIT = 'helm-toolkit' # Services # Matches configassistant.py value => Should change to STARLINGX diff --git a/sysinv/sysinv/sysinv/sysinv/helm/helm.py b/sysinv/sysinv/sysinv/sysinv/helm/helm.py index e890d4788e..30d3ef6827 100644 --- a/sysinv/sysinv/sysinv/sysinv/helm/helm.py +++ b/sysinv/sysinv/sysinv/sysinv/helm/helm.py @@ -231,18 +231,42 @@ class HelmOperator(object): LOG.info(e) return overrides - @staticmethod - def _add_armada_override_header(chart_name, namespace, overrides): + def _get_helm_chart_location(self, chart_name): + """Get supported chart location. + + This method returns the download location for a given chart. + + :param chart_name: name of the chart + :returns: a URL as location or None if the chart is not supported + """ + if chart_name in self.implemented_charts: + return self.chart_operators[chart_name].get_chart_location( + chart_name) + return None + + def _add_armada_override_header(self, chart_name, namespace, overrides): + use_chart_name_only = [common.HELM_NS_HELM_TOOLKIT] + if namespace in use_chart_name_only: + name = chart_name + else: + name = namespace + '-' + chart_name new_overrides = { 'schema': 'armada/Chart/v1', 'metadata': { 'schema': 'metadata/Document/v1', - 'name': namespace + '-' + chart_name + 'name': name }, 'data': { 'values': overrides } } + location = self._get_helm_chart_location(chart_name) + if location: + new_overrides['data'].update({ + 'source': { + 'location': location + } + }) return new_overrides def merge_overrides(self, file_overrides=[], set_overrides=[]): diff --git a/sysinv/sysinv/sysinv/sysinv/helm/helm_toolkit.py b/sysinv/sysinv/sysinv/sysinv/helm/helm_toolkit.py new file mode 100644 index 0000000000..9e57d09cc4 --- /dev/null +++ b/sysinv/sysinv/sysinv/sysinv/helm/helm_toolkit.py @@ -0,0 +1,38 @@ +# +# Copyright (c) 2019 Wind River Systems, Inc. +# +# SPDX-License-Identifier: Apache-2.0 +# + +from sysinv.common import constants +from sysinv.common import exception +from sysinv.openstack.common import log as logging +from sysinv.helm import common +from sysinv.helm import base + +LOG = logging.getLogger(__name__) + + +class HelmToolkitHelm(base.BaseHelm): + """Class to encapsulate helm operations for the helm toolkit""" + + CHART = constants.HELM_CHART_HELM_TOOLKIT + SUPPORTED_NAMESPACES = [ + common.HELM_NS_HELM_TOOLKIT, + ] + + def get_namespaces(self): + return self.SUPPORTED_NAMESPACES + + def get_overrides(self, namespace=None): + overrides = { + common.HELM_NS_HELM_TOOLKIT: {} + } + + if namespace in self.SUPPORTED_NAMESPACES: + return overrides[namespace] + elif namespace: + raise exception.InvalidHelmNamespace(chart=self.CHART, + namespace=namespace) + else: + return overrides diff --git a/workerconfig/centos/build_srpm.data b/workerconfig/centos/build_srpm.data index 5367b32dd1..15dba9a1c7 100644 --- a/workerconfig/centos/build_srpm.data +++ b/workerconfig/centos/build_srpm.data @@ -1,2 +1,2 @@ SRC_DIR="workerconfig" -TIS_PATCH_VER=11 +TIS_PATCH_VER=12 diff --git a/workerconfig/workerconfig/worker_config b/workerconfig/workerconfig/worker_config index cdcaaa1186..9814cc5ec1 100644 --- a/workerconfig/workerconfig/worker_config +++ b/workerconfig/workerconfig/worker_config @@ -1,6 +1,6 @@ #!/bin/bash # -# Copyright (c) 2013-2016 Wind River Systems, Inc. +# Copyright (c) 2013-2019 Wind River Systems, Inc. # # SPDX-License-Identifier: Apache-2.0 # @@ -239,7 +239,7 @@ start() if [ "$nodetype" = "worker" ] then # Check whether our installed load matches the active controller - CONTROLLER_UUID=`curl -sf http://controller/feed/rel-${SW_VERSION}/install_uuid` + CONTROLLER_UUID=`curl -sf http://controller:${http_port}/feed/rel-${SW_VERSION}/install_uuid` if [ $? -ne 0 ] then fatal_error "Unable to retrieve installation uuid from active controller"