From 4f406285e4e84474bc09339629977aba94f20c39 Mon Sep 17 00:00:00 2001 From: SidneyAn Date: Tue, 14 May 2019 14:39:08 +0800 Subject: [PATCH] update nfv-vim puppet runtime manifests and config files nfvi would raise openstack alarms/logs to the fm in pods, when it is availiable. following configure changes are required: 1. add "fault_mgmt_plugin_disabled" para in vim config file. Set it "True" when openstack application is not implement, and "False" when it is. 2. add "fault_mgmt_endpoint_disabled" para in alarm and event_log config file. rules are the same with "fault_mgmt_plugin_disabled" 3. add "openstack" and "fm" info to alarms and event_logs config file Story: 2004008 Task: 30954 Depends-On: https://review.opendev.org/#/c/661548/ Change-Id: Iee2a4515336f4ce9b6373d56d4f7a5779664233d Signed-off-by: SidneyAn --- .../src/modules/platform/manifests/nfv.pp | 2 + .../puppet-nfv/src/nfv/manifests/alarm.pp | 30 ++ .../puppet-nfv/src/nfv/manifests/event_log.pp | 30 ++ .../puppet-nfv/src/nfv/manifests/vim.pp | 2 + sysinv/sysinv/sysinv/sysinv/puppet/nfv.py | 291 +++++++++--------- 5 files changed, 201 insertions(+), 154 deletions(-) diff --git a/puppet-manifests/src/modules/platform/manifests/nfv.pp b/puppet-manifests/src/modules/platform/manifests/nfv.pp index 3ddcc7dc0d..10241e6c9e 100644 --- a/puppet-manifests/src/modules/platform/manifests/nfv.pp +++ b/puppet-manifests/src/modules/platform/manifests/nfv.pp @@ -35,6 +35,8 @@ class platform::nfv { include ::nfv include ::nfv::vim include ::nfv::nfvi + include ::nfv::alarm + include ::nfv::event_log } diff --git a/puppet-modules-wrs/puppet-nfv/src/nfv/manifests/alarm.pp b/puppet-modules-wrs/puppet-nfv/src/nfv/manifests/alarm.pp index 9619aeff11..6273aed1cb 100644 --- a/puppet-modules-wrs/puppet-nfv/src/nfv/manifests/alarm.pp +++ b/puppet-modules-wrs/puppet-nfv/src/nfv/manifests/alarm.pp @@ -7,6 +7,19 @@ class nfv::alarm ( $enabled = false, $storage_file = '/var/log/nfv-vim-alarms.log', + $openstack_username = 'admin', + $openstack_tenant = 'admin', + $openstack_user_domain = 'Default', + $openstack_project_domain = 'Default', + $openstack_auth_protocol = 'http', + $openstack_auth_host = '127.0.0.1', + $openstack_auth_port = 5000, + $openstack_keyring_service = undef, + $fault_mgmt_region_name = 'RegionOne', + $fault_mgmt_service_name = 'fm', + $fault_mgmt_service_type = 'faultmanagement', + $fault_mgmt_endpoint_type = 'admin', + $fault_mgmt_endpoint_disabled = false, ) { include nfv::params @@ -14,6 +27,23 @@ class nfv::alarm ( nfv_plugin_alarm_config { # File-Storage Information 'File-Storage/file': value => $storage_file; + + # OpenStack Authentication Information + 'openstack/username': value => $openstack_username; + 'openstack/tenant': value => $openstack_tenant; + 'openstack/user_domain_name': value => $openstack_user_domain; + 'openstack/project_domain_name': value => $openstack_project_domain; + 'openstack/authorization_protocol': value => $openstack_auth_protocol; + 'openstack/authorization_ip': value => $openstack_auth_host; + 'openstack/authorization_port': value => $openstack_auth_port; + 'openstack/keyring_service': value => $openstack_keyring_service; + + # Fault Management Information + 'fm/region_name': value => $fault_mgmt_region_name; + 'fm/service_name': value => $fault_mgmt_service_name; + 'fm/service_type': value => $fault_mgmt_service_type; + 'fm/endpoint_type': value => $fault_mgmt_endpoint_type; + 'fm/endpoint_disabled': value => $fault_mgmt_endpoint_disabled; } if $enabled { diff --git a/puppet-modules-wrs/puppet-nfv/src/nfv/manifests/event_log.pp b/puppet-modules-wrs/puppet-nfv/src/nfv/manifests/event_log.pp index a081abbf89..9c15a4d948 100644 --- a/puppet-modules-wrs/puppet-nfv/src/nfv/manifests/event_log.pp +++ b/puppet-modules-wrs/puppet-nfv/src/nfv/manifests/event_log.pp @@ -7,6 +7,19 @@ class nfv::event_log ( $enabled = false, $storage_file = '/var/log/nfv-vim-events.log', + $openstack_username = 'admin', + $openstack_tenant = 'admin', + $openstack_user_domain = 'Default', + $openstack_project_domain = 'Default', + $openstack_auth_protocol = 'http', + $openstack_auth_host = '127.0.0.1', + $openstack_auth_port = 5000, + $openstack_keyring_service = undef, + $fault_mgmt_region_name = 'RegionOne', + $fault_mgmt_service_name = 'fm', + $fault_mgmt_service_type = 'faultmanagement', + $fault_mgmt_endpoint_type = 'admin', + $fault_mgmt_endpoint_disabled = false, ) { include nfv::params @@ -14,6 +27,23 @@ class nfv::event_log ( nfv_plugin_event_log_config { # File-Storage Information 'File-Storage/file': value => $storage_file; + + # OpenStack Authentication Information + 'openstack/username': value => $openstack_username; + 'openstack/tenant': value => $openstack_tenant; + 'openstack/user_domain_name': value => $openstack_user_domain; + 'openstack/project_domain_name': value => $openstack_project_domain; + 'openstack/authorization_protocol': value => $openstack_auth_protocol; + 'openstack/authorization_ip': value => $openstack_auth_host; + 'openstack/authorization_port': value => $openstack_auth_port; + 'openstack/keyring_service': value => $openstack_keyring_service; + + # Fault Management Information + 'fm/region_name': value => $fault_mgmt_region_name; + 'fm/service_name': value => $fault_mgmt_service_name; + 'fm/service_type': value => $fault_mgmt_service_type; + 'fm/endpoint_type': value => $fault_mgmt_endpoint_type; + 'fm/endpoint_disabled': value => $fault_mgmt_endpoint_disabled; } if $enabled { diff --git a/puppet-modules-wrs/puppet-nfv/src/nfv/manifests/vim.pp b/puppet-modules-wrs/puppet-nfv/src/nfv/manifests/vim.pp index 916d2258eb..ae0211bc0a 100644 --- a/puppet-modules-wrs/puppet-nfv/src/nfv/manifests/vim.pp +++ b/puppet-modules-wrs/puppet-nfv/src/nfv/manifests/vim.pp @@ -25,6 +25,7 @@ class nfv::vim ( $compute_plugin_disabled = false, $network_plugin_disabled = false, $guest_plugin_disabled = false, + $fault_mgmt_plugin_disabled = false, $vim_rpc_ip = '127.0.0.1', $vim_rpc_port = 4343, $vim_api_ip = '0.0.0.0', @@ -70,6 +71,7 @@ class nfv::vim ( 'nfvi/compute_plugin_disabled': value => $compute_plugin_disabled; 'nfvi/network_plugin_disabled': value => $network_plugin_disabled; 'nfvi/guest_plugin_disabled': value => $guest_plugin_disabled; + 'nfvi/fault_mgmt_plugin_disabled': value => $fault_mgmt_plugin_disabled; # INSTANCE CONFIGURATION 'instance-configuration/max_live_migrate_wait_in_secs': value => $instance_max_live_migrate_wait_in_secs; diff --git a/sysinv/sysinv/sysinv/sysinv/puppet/nfv.py b/sysinv/sysinv/sysinv/sysinv/puppet/nfv.py index 5cb4cf9dda..723c3ba2df 100644 --- a/sysinv/sysinv/sysinv/sysinv/puppet/nfv.py +++ b/sysinv/sysinv/sysinv/sysinv/puppet/nfv.py @@ -83,145 +83,140 @@ class NfvPuppet(openstack.OpenstackBasePuppet): self._to_create_services(), } - if self._kubernetes_enabled(): - if utils.is_openstack_applied(self.dbapi): - helm_data = helm.HelmOperatorData(self.dbapi) + if utils.is_openstack_applied(self.dbapi): + helm_data = helm.HelmOperatorData(self.dbapi) - # The openstack services are authenticated with pod based - # keystone. - keystone_auth_data = helm_data.get_keystone_auth_data() - openstack_auth_config = { - 'nfv::nfvi::openstack_username': - keystone_auth_data['admin_user_name'], - 'nfv::nfvi::openstack_tenant': - keystone_auth_data['admin_project_name'], - 'nfv::nfvi::openstack_auth_host': - keystone_auth_data['auth_host'], - 'nfv::nfvi::openstack_user_domain': - keystone_auth_data['admin_user_domain'], - 'nfv::nfvi::openstack_project_domain': - keystone_auth_data['admin_project_domain'], - 'nfv::nfvi::openstack_keyring_service': - self.PLATFORM_KEYRING_SERVICE, - } - config.update(openstack_auth_config) + # The openstack services are authenticated with pod based + # keystone. + keystone_auth_data = helm_data.get_keystone_auth_data() + openstack_auth_config = { + 'nfv::nfvi::openstack_username': + keystone_auth_data['admin_user_name'], + 'nfv::nfvi::openstack_tenant': + keystone_auth_data['admin_project_name'], + 'nfv::nfvi::openstack_auth_host': + keystone_auth_data['auth_host'], + 'nfv::nfvi::openstack_user_domain': + keystone_auth_data['admin_user_domain'], + 'nfv::nfvi::openstack_project_domain': + keystone_auth_data['admin_project_domain'], + 'nfv::nfvi::openstack_keyring_service': + self.PLATFORM_KEYRING_SERVICE, - # Nova is running in a pod - nova_endpoint_data = helm_data.get_nova_endpoint_data() - nova_config = { - 'nfv::nfvi::nova_endpoint_override': - nova_endpoint_data['endpoint_override'], - 'nfv::nfvi::nova_region_name': - nova_endpoint_data['region_name'], - } - config.update(nova_config) + 'nfv::alarm::openstack_username': + keystone_auth_data['admin_user_name'], + 'nfv::alarm::openstack_tenant': + keystone_auth_data['admin_project_name'], + 'nfv::alarm::openstack_auth_host': + keystone_auth_data['auth_host'], + 'nfv::alarm::openstack_user_domain': + keystone_auth_data['admin_user_domain'], + 'nfv::alarm::openstack_project_domain': + keystone_auth_data['admin_project_domain'], + 'nfv::alarm::openstack_keyring_service': + self.PLATFORM_KEYRING_SERVICE, - # Cinder is running in a pod - cinder_endpoint_data = helm_data.get_cinder_endpoint_data() - cinder_config = { - 'nfv::nfvi::cinder_region_name': - cinder_endpoint_data['region_name'], - 'nfv::nfvi::cinder_service_name': - cinder_endpoint_data['service_name'], - 'nfv::nfvi::cinder_service_type': - cinder_endpoint_data['service_type'], - } - config.update(cinder_config) + 'nfv::event_log::openstack_username': + keystone_auth_data['admin_user_name'], + 'nfv::event_log::openstack_tenant': + keystone_auth_data['admin_project_name'], + 'nfv::event_log::openstack_auth_host': + keystone_auth_data['auth_host'], + 'nfv::event_log::openstack_user_domain': + keystone_auth_data['admin_user_domain'], + 'nfv::event_log::openstack_project_domain': + keystone_auth_data['admin_project_domain'], + 'nfv::event_log::openstack_keyring_service': + self.PLATFORM_KEYRING_SERVICE, + } + config.update(openstack_auth_config) - # Glance is running in a pod - glance_endpoint_data = helm_data.get_glance_endpoint_data() - glance_config = { - 'nfv::nfvi::glance_region_name': - glance_endpoint_data['region_name'], - 'nfv::nfvi::glance_service_name': - glance_endpoint_data['service_name'], - 'nfv::nfvi::glance_service_type': - glance_endpoint_data['service_type'], - } - config.update(glance_config) + # Nova is running in a pod + nova_endpoint_data = helm_data.get_nova_endpoint_data() + nova_config = { + 'nfv::nfvi::nova_endpoint_override': + nova_endpoint_data['endpoint_override'], + 'nfv::nfvi::nova_region_name': + nova_endpoint_data['region_name'], + } + config.update(nova_config) - # Neutron is running in a pod - neutron_endpoint_data = helm_data.get_neutron_endpoint_data() - neutron_config = { - 'nfv::nfvi::neutron_region_name': - neutron_endpoint_data['region_name'], - } - config.update(neutron_config) + # Cinder is running in a pod + cinder_endpoint_data = helm_data.get_cinder_endpoint_data() + cinder_config = { + 'nfv::nfvi::cinder_region_name': + cinder_endpoint_data['region_name'], + 'nfv::nfvi::cinder_service_name': + cinder_endpoint_data['service_name'], + 'nfv::nfvi::cinder_service_type': + cinder_endpoint_data['service_type'], + } + config.update(cinder_config) - # Heat is running in a pod - heat_endpoint_data = helm_data.get_heat_endpoint_data() - heat_config = { - 'nfv::nfvi::heat_region_name': - heat_endpoint_data['region_name'], - } - config.update(heat_config) + # Glance is running in a pod + glance_endpoint_data = helm_data.get_glance_endpoint_data() + glance_config = { + 'nfv::nfvi::glance_region_name': + glance_endpoint_data['region_name'], + 'nfv::nfvi::glance_service_name': + glance_endpoint_data['service_name'], + 'nfv::nfvi::glance_service_type': + glance_endpoint_data['service_type'], + } + config.update(glance_config) - # Ceilometer is running in a pod - ceilometer_endpoint_data = \ - helm_data.get_ceilometer_endpoint_data() - ceilometer_config = { - 'nfv::nfvi::ceilometer_region_name': - ceilometer_endpoint_data['region_name'], - } - config.update(ceilometer_config) + # Neutron is running in a pod + neutron_endpoint_data = helm_data.get_neutron_endpoint_data() + neutron_config = { + 'nfv::nfvi::neutron_region_name': + neutron_endpoint_data['region_name'], + } + config.update(neutron_config) - # The openstack rabbitmq is running in a pod - nova_oslo_messaging_data = \ - helm_data.get_nova_oslo_messaging_data() - rabbit_config = { - 'nfv::nfvi::rabbit_host': - nova_oslo_messaging_data['host'], - 'nfv::nfvi::rabbit_port': - nova_oslo_messaging_data['port'], - 'nfv::nfvi::rabbit_virtual_host': - nova_oslo_messaging_data['virt_host'], - 'nfv::nfvi::rabbit_userid': - nova_oslo_messaging_data['username'], - 'nfv::nfvi::rabbit_password': - nova_oslo_messaging_data['password'], - } - config.update(rabbit_config) + # Heat is running in a pod + heat_endpoint_data = helm_data.get_heat_endpoint_data() + heat_config = { + 'nfv::nfvi::heat_region_name': + heat_endpoint_data['region_name'], + } + config.update(heat_config) - # Listen to nova api proxy on management address - nova_api_proxy_config = { - 'nfv::nfvi::compute_rest_api_host': - self._get_management_address(), - } - config.update(nova_api_proxy_config) - else: - # The openstack auth info is still required as the VIM will - # audit some keystone entities (e.g. tenants). Point it to - # the platform keystone. - openstack_auth_config = { - 'nfv::nfvi::openstack_username': - self._operator.keystone.get_admin_user_name(), - 'nfv::nfvi::openstack_tenant': - self._operator.keystone.get_admin_project_name(), - 'nfv::nfvi::openstack_auth_host': - self._keystone_auth_address(), - 'nfv::nfvi::openstack_user_domain': - self._operator.keystone.get_admin_user_domain(), - 'nfv::nfvi::openstack_project_domain': - self._operator.keystone.get_admin_project_domain(), - 'nfv::nfvi::openstack_keyring_service': - self.PLATFORM_KEYRING_SERVICE, - } - config.update(openstack_auth_config) + # Ceilometer is running in a pod + ceilometer_endpoint_data = \ + helm_data.get_ceilometer_endpoint_data() + ceilometer_config = { + 'nfv::nfvi::ceilometer_region_name': + ceilometer_endpoint_data['region_name'], + } + config.update(ceilometer_config) - vim_disabled = { - # Disable VIM plugins for resources not yet active. - 'nfv::vim::block_storage_plugin_disabled': True, - 'nfv::vim::compute_plugin_disabled': True, - 'nfv::vim::network_plugin_disabled': True, - 'nfv::vim::image_plugin_disabled': True, - 'nfv::vim::guest_plugin_disabled': True, - 'nfv::nfvi::nova_endpoint_disabled': True, - 'nfv::nfvi::neutron_endpoint_disabled': True, - 'nfv::nfvi::cinder_endpoint_disabled': True, - } - config.update(vim_disabled) + # The openstack rabbitmq is running in a pod + nova_oslo_messaging_data = \ + helm_data.get_nova_oslo_messaging_data() + rabbit_config = { + 'nfv::nfvi::rabbit_host': + nova_oslo_messaging_data['host'], + 'nfv::nfvi::rabbit_port': + nova_oslo_messaging_data['port'], + 'nfv::nfvi::rabbit_virtual_host': + nova_oslo_messaging_data['virt_host'], + 'nfv::nfvi::rabbit_userid': + nova_oslo_messaging_data['username'], + 'nfv::nfvi::rabbit_password': + nova_oslo_messaging_data['password'], + } + config.update(rabbit_config) + + # Listen to nova api proxy on management address + nova_api_proxy_config = { + 'nfv::nfvi::compute_rest_api_host': + self._get_management_address(), + } + config.update(nova_api_proxy_config) else: - # The openstack services are authenticated with platform keystone. + # The openstack auth info is still required as the VIM will + # audit some keystone entities (e.g. tenants). Point it to + # the platform keystone. openstack_auth_config = { 'nfv::nfvi::openstack_username': self._operator.keystone.get_admin_user_name(), @@ -238,33 +233,21 @@ class NfvPuppet(openstack.OpenstackBasePuppet): } config.update(openstack_auth_config) - openstack_config = { - 'nfv::nfvi::nova_endpoint_override': - self._get_nova_endpoint_url(), - 'nfv::nfvi::nova_region_name': - self._operator.nova.get_region_name(), - 'nfv::nfvi::cinder_region_name': - self._operator.cinder.get_region_name(), - 'nfv::nfvi::cinder_service_name': - self._operator.cinder.get_service_name_v2(), - 'nfv::nfvi::cinder_service_type': - self._operator.cinder.get_service_type_v2(), - 'nfv::nfvi::cinder_endpoint_disabled': - not self._operator.cinder.is_service_enabled(), - 'nfv::nfvi::glance_region_name': - self._operator.glance.get_region_name(), - 'nfv::nfvi::glance_service_name': - self._operator.glance.get_service_name(), - 'nfv::nfvi::glance_service_type': - self._operator.glance.get_service_type(), - 'nfv::nfvi::neutron_region_name': - self._operator.neutron.get_region_name(), - 'nfv::nfvi::heat_region_name': - self._operator.heat.get_region_name(), - 'nfv::nfvi::ceilometer_region_name': - self._operator.ceilometer.get_region_name(), + vim_disabled = { + # Disable VIM plugins for resources not yet active. + 'nfv::vim::block_storage_plugin_disabled': True, + 'nfv::vim::compute_plugin_disabled': True, + 'nfv::vim::network_plugin_disabled': True, + 'nfv::vim::image_plugin_disabled': True, + 'nfv::vim::guest_plugin_disabled': True, + 'nfv::vim::fault_mgmt_plugin_disabled': True, + 'nfv::nfvi::nova_endpoint_disabled': True, + 'nfv::nfvi::neutron_endpoint_disabled': True, + 'nfv::nfvi::cinder_endpoint_disabled': True, + 'nfv::alarm::fault_mgmt_endpoint_disabled': True, + 'nfv::event_log::fault_mgmt_endpoint_disabled': True, } - config.update(openstack_config) + config.update(vim_disabled) return config