From f131505576f18418e04c366a9f0d26d1a2f163bc Mon Sep 17 00:00:00 2001 From: Dmitrii Shcherbakov Date: Wed, 17 Jan 2018 10:05:01 +0000 Subject: [PATCH] add segments service_plugin to neutron-api * adds a service_plugin called segments to enable routed provider networks * adds a nova placement api section and inclusion of that section to neutron.conf * routed provider networks can be used for setups with and without charm-neutron-gateway - in both cases there should be a dhcp agent per segment which can be achieved via charm-neutron-openvswitch configuration option enable-local-dhcp-and-metadata in case of a setup without charm-neutron-gateway Change-Id: I78222b567c72c03ab2d861836172032d4d9a0b3f Closes-Bug: 1743743 --- hooks/neutron_api_context.py | 4 +- templates/ocata/neutron.conf | 125 +++++++++++++++++++++++++ templates/parts/section-placement | 21 +++++ templates/pike/neutron.conf | 2 + unit_tests/test_neutron_api_context.py | 7 +- 5 files changed, 155 insertions(+), 4 deletions(-) create mode 100644 templates/ocata/neutron.conf create mode 100644 templates/parts/section-placement diff --git a/hooks/neutron_api_context.py b/hooks/neutron_api_context.py index 4b7ae3fe..57e6ed72 100644 --- a/hooks/neutron_api_context.py +++ b/hooks/neutron_api_context.py @@ -470,10 +470,10 @@ class NeutronCCContext(context.NeutronContext): 'LoadBalancerPluginv2')], 'ocata': ['router', 'firewall', 'vpnaas', 'metering', ('neutron_lbaas.services.loadbalancer.plugin.' - 'LoadBalancerPluginv2')], + 'LoadBalancerPluginv2'), 'segments'], 'pike': ['router', 'firewall', 'metering', ('neutron_lbaas.services.loadbalancer.plugin.' - 'LoadBalancerPluginv2')], + 'LoadBalancerPluginv2'), 'segments'], } ctxt['service_plugins'] = service_plugins.get( release, service_plugins['pike']) diff --git a/templates/ocata/neutron.conf b/templates/ocata/neutron.conf new file mode 100644 index 00000000..4c645ed1 --- /dev/null +++ b/templates/ocata/neutron.conf @@ -0,0 +1,125 @@ +# newton +############################################################################### +# [ WARNING ] +# Configuration file maintained by Juju. Local changes may be overwritten. +# Restart trigger {{ restart_trigger }} +############################################################################### +[DEFAULT] +verbose = {{ verbose }} +debug = {{ debug }} +use_syslog = {{ use_syslog }} +state_path = /var/lib/neutron +bind_host = {{ bind_host }} +auth_strategy = keystone +api_workers = {{ workers }} +rpc_workers = {{ workers }} + +router_distributed = {{ enable_dvr }} + +{% if dns_domain -%} +dns_domain = {{ dns_domain }} +{% endif -%} + +l3_ha = {{ l3_ha }} +{% if l3_ha -%} +max_l3_agents_per_router = {{ max_l3_agents_per_router }} +min_l3_agents_per_router = {{ min_l3_agents_per_router }} +{% endif -%} + +{% if neutron_bind_port -%} +bind_port = {{ neutron_bind_port }} +{% else -%} +bind_port = 9696 +{% endif -%} + +{% if core_plugin -%} +core_plugin = {{ core_plugin }} +{% if service_plugins -%} +service_plugins = {{ service_plugins }} +{% endif -%} +{% endif -%} + +{% if neutron_security_groups -%} +allow_overlapping_ips = True +{% if neutron_plugin == 'Calico' -%} +neutron_firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver +{% else -%} +neutron_firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver +{% endif -%} +{% endif -%} + +dhcp_agents_per_network = {{ dhcp_agents_per_network }} + +notify_nova_on_port_status_changes = True +notify_nova_on_port_data_changes = True + +{% if sections and 'DEFAULT' in sections -%} +{% for key, value in sections['DEFAULT'] -%} +{{ key }} = {{ value }} +{% endfor -%} +{% endif %} + +{% if user_config_flags -%} +{% for key, value in user_config_flags.items() -%} +{{ key }} = {{ value }} +{% endfor -%} +{% endif -%} + +{% if global_physnet_mtu -%} +global_physnet_mtu = {{ global_physnet_mtu }} +{% endif -%} + +{% if enable_designate -%} +external_dns_driver = designate +{% endif -%} + +{% include "parts/section-placement" %} + +{% include "section-zeromq" %} + +[quotas] +{% if quota_driver -%} +quota_driver = {{ quota_driver }} +{% else -%} +quota_driver = neutron.db.quota_db.DbQuotaDriver +{% endif -%} +{% if neutron_security_groups -%} +quota_items = network,subnet,port,security_group,security_group_rule +quota_security_group = {{ quota_security_group }} +quota_security_group_rule = {{ quota_security_group_rule }} +{% else -%} +quota_items = network,subnet,port +{% endif -%} +quota_network = {{ quota_network }} +quota_subnet = {{ quota_subnet }} +quota_port = {{ quota_port }} +quota_vip = {{ quota_vip }} +quota_pool = {{ quota_pool }} +quota_member = {{ quota_member }} +quota_health_monitors = {{ quota_health_monitors }} +quota_router = {{ quota_router }} +quota_floatingip = {{ quota_floatingip }} + +[agent] +root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf + +{% include "section-keystone-authtoken-mitaka" %} + +{% include "parts/section-database" %} + +{% include "section-rabbitmq-oslo" %} + +{% include "section-oslo-notifications" %} + +[oslo_concurrency] +lock_path = $state_path/lock + +{% include "parts/section-nova" %} + +{% if enable_designate -%} +{% include "parts/section-designate" %} +{% endif -%} + +[service_providers] +service_provider = LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default +service_provider = VPN:strongswan:neutron_vpnaas.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default diff --git a/templates/parts/section-placement b/templates/parts/section-placement new file mode 100644 index 00000000..344c49e9 --- /dev/null +++ b/templates/parts/section-placement @@ -0,0 +1,21 @@ +[placement] +{% if auth_host -%} +auth_url = {{ auth_protocol }}://{{ auth_host }}:{{ auth_port }} +auth_type = password +{% if api_version == "3" -%} +project_domain_name = {{ admin_domain_name }} +user_domain_name = {{ admin_domain_name }} +{% else -%} +project_domain_name = default +user_domain_name = default +{% endif -%} +project_name = {{ admin_tenant_name }} +username = {{ admin_user }} +password = {{ admin_password }} +{% endif -%} +{% if region -%} +os_region_name = {{ region }} +{% endif -%} +{% if use_internal_endpoints -%} +os_interface = internal +{% endif -%} diff --git a/templates/pike/neutron.conf b/templates/pike/neutron.conf index b3d5ed05..a6385347 100644 --- a/templates/pike/neutron.conf +++ b/templates/pike/neutron.conf @@ -118,5 +118,7 @@ lock_path = $state_path/lock {% include "parts/section-designate" %} {% endif -%} +{% include "parts/section-placement" %} + [service_providers] service_provider = LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default diff --git a/unit_tests/test_neutron_api_context.py b/unit_tests/test_neutron_api_context.py index 8fa56fb2..f8588897 100644 --- a/unit_tests/test_neutron_api_context.py +++ b/unit_tests/test_neutron_api_context.py @@ -797,14 +797,17 @@ class NeutronCCContextTest(CharmTestCase): self.os_release.return_value = 'ocata' service_plugins = ( 'router,firewall,vpnaas,metering,' - 'neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPluginv2') + 'neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPluginv2,' + 'segments' + ) self.assertEqual(context.NeutronCCContext()()['service_plugins'], service_plugins) # pike self.os_release.return_value = 'pike' service_plugins = ( 'router,firewall,metering,' - 'neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPluginv2') + 'neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPluginv2,' + 'segments') self.assertEqual(context.NeutronCCContext()()['service_plugins'], service_plugins)