From 58818a6af147e457d56a1faf77b02d37bb538826 Mon Sep 17 00:00:00 2001
From: Sanjeev Rampal <srampal@cisco.com>
Date: Thu, 23 Feb 2017 12:25:34 -0800
Subject: Combined (squashed) commit for all changes related to adding Contiv
 support into Openshift Ansible. This is the first (beta) release of Contiv
 with Openshift and is only supported for Openshift Origin + Bare metal
 deployments at the time of this commit. Please refer to the Openshift and
 Contiv official documentation for details of the level of support for
 different features and modes of operation.

---
 roles/contiv/templates/aci-gw.service    | 10 +++++++++
 roles/contiv/templates/aci_gw.j2         | 35 ++++++++++++++++++++++++++++++++
 roles/contiv/templates/contiv.cfg.j2     |  6 ++++++
 roles/contiv/templates/netmaster.env.j2  |  2 ++
 roles/contiv/templates/netmaster.service |  8 ++++++++
 roles/contiv/templates/netplugin.j2      |  9 ++++++++
 roles/contiv/templates/netplugin.service |  8 ++++++++
 7 files changed, 78 insertions(+)
 create mode 100644 roles/contiv/templates/aci-gw.service
 create mode 100644 roles/contiv/templates/aci_gw.j2
 create mode 100644 roles/contiv/templates/contiv.cfg.j2
 create mode 100644 roles/contiv/templates/netmaster.env.j2
 create mode 100644 roles/contiv/templates/netmaster.service
 create mode 100644 roles/contiv/templates/netplugin.j2
 create mode 100644 roles/contiv/templates/netplugin.service

(limited to 'roles/contiv/templates')

diff --git a/roles/contiv/templates/aci-gw.service b/roles/contiv/templates/aci-gw.service
new file mode 100644
index 000000000..8e4b66fbe
--- /dev/null
+++ b/roles/contiv/templates/aci-gw.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=Contiv ACI gw
+After=auditd.service systemd-user-sessions.service time-sync.target docker.service
+
+[Service]
+ExecStart={{ bin_dir }}/aci_gw.sh start
+ExecStop={{ bin_dir }}/aci_gw.sh stop
+KillMode=control-group
+Restart=on-failure
+RestartSec=10
diff --git a/roles/contiv/templates/aci_gw.j2 b/roles/contiv/templates/aci_gw.j2
new file mode 100644
index 000000000..ab4ad46a6
--- /dev/null
+++ b/roles/contiv/templates/aci_gw.j2
@@ -0,0 +1,35 @@
+#!/bin/bash
+
+usage="$0 start"
+if [ $# -ne 1 ]; then
+    echo USAGE: $usage
+    exit 1
+fi
+
+case $1 in
+start)
+    set -e
+
+    docker run --net=host \
+    -e "APIC_URL={{ apic_url }}" \
+    -e "APIC_USERNAME={{ apic_username }}" \
+    -e "APIC_PASSWORD={{ apic_password }}" \
+    -e "APIC_LEAF_NODE={{ apic_leaf_nodes }}" \
+    -e "APIC_PHYS_DOMAIN={{ apic_phys_dom }}" \
+    -e "APIC_EPG_BRIDGE_DOMAIN={{ apic_epg_bridge_domain }}" \
+    -e "APIC_CONTRACTS_UNRESTRICTED_MODE={{ apic_contracts_unrestricted_mode }}" \
+    --name=contiv-aci-gw \
+    contiv/aci-gw
+    ;;
+
+stop)
+    # don't stop on error
+    docker stop contiv-aci-gw
+    docker rm contiv-aci-gw
+    ;;
+
+*)
+    echo USAGE: $usage
+    exit 1
+    ;;
+esac
diff --git a/roles/contiv/templates/contiv.cfg.j2 b/roles/contiv/templates/contiv.cfg.j2
new file mode 100644
index 000000000..2c9a666a9
--- /dev/null
+++ b/roles/contiv/templates/contiv.cfg.j2
@@ -0,0 +1,6 @@
+{
+  "K8S_API_SERVER": "https://{{ hostvars[groups['masters'][0]]['ansible_' + netmaster_interface].ipv4.address }}:{{ kube_master_api_port }}",
+  "K8S_CA": "{{ openshift.common.config_base }}/node/ca.crt",
+  "K8S_KEY": "{{ openshift.common.config_base }}/node/system:node:{{ openshift.common.hostname }}.key",
+  "K8S_CERT": "{{ openshift.common.config_base }}/node/system:node:{{ openshift.common.hostname }}.crt"
+}
diff --git a/roles/contiv/templates/netmaster.env.j2 b/roles/contiv/templates/netmaster.env.j2
new file mode 100644
index 000000000..5b5c84a2e
--- /dev/null
+++ b/roles/contiv/templates/netmaster.env.j2
@@ -0,0 +1,2 @@
+NETMASTER_ARGS='--cluster-store etcd://{{ etcd_url }}  --cluster-mode=kubernetes'
+
diff --git a/roles/contiv/templates/netmaster.service b/roles/contiv/templates/netmaster.service
new file mode 100644
index 000000000..21c0380be
--- /dev/null
+++ b/roles/contiv/templates/netmaster.service
@@ -0,0 +1,8 @@
+[Unit]
+Description=Netmaster
+After=auditd.service systemd-user-sessions.service contiv-etcd.service
+
+[Service]
+EnvironmentFile=/etc/default/netmaster
+ExecStart={{ bin_dir }}/netmaster $NETMASTER_ARGS
+KillMode=control-group
diff --git a/roles/contiv/templates/netplugin.j2 b/roles/contiv/templates/netplugin.j2
new file mode 100644
index 000000000..f3d26c037
--- /dev/null
+++ b/roles/contiv/templates/netplugin.j2
@@ -0,0 +1,9 @@
+{% if contiv_encap_mode == "vlan" %}
+NETPLUGIN_ARGS='-vlan-if {{ netplugin_interface }} -ctrl-ip {{ netplugin_ctrl_ip }} -plugin-mode kubernetes -cluster-store etcd://{{ etcd_url }}'
+{% endif %}
+{#   Note: Commenting out vxlan encap mode support until it is fully supported
+{% if contiv_encap_mode == "vxlan" %}
+NETPLUGIN_ARGS='-vtep-ip {{ netplugin_ctrl_ip }} -e {{contiv_encap_mode}} -ctrl-ip {{ netplugin_ctrl_ip }} -plugin-mode kubernetes -cluster-store etcd://{{ etcd_url }}'
+{% endif %}
+#}
+
diff --git a/roles/contiv/templates/netplugin.service b/roles/contiv/templates/netplugin.service
new file mode 100644
index 000000000..dc7b95bb5
--- /dev/null
+++ b/roles/contiv/templates/netplugin.service
@@ -0,0 +1,8 @@
+[Unit]
+Description=Netplugin
+After=auditd.service systemd-user-sessions.service contiv-etcd.service
+
+[Service]
+EnvironmentFile=/etc/default/netplugin
+ExecStart={{ bin_dir }}/netplugin $NETPLUGIN_ARGS
+KillMode=control-group
-- 
cgit v1.2.3