5c07f3b1b5
This is merged from three cherry-picked patches, all needed in order to pass gate testing. Make neutron-grenade non-voting in gate because dropping it there would be complicated. Use packaged uwsgi on Fedora and Ubuntu Building uwsgi from source was a workaround that was introduced a long time ago, it doesn't seem like it is needed anymore and will actually fail for Ubuntu 20.04. Also it doesn't match what will happen for most real-world installations, so let's try to get back to using distro packages. We'll still use the source install for RHEL/Centos, it remains to be tested whether we can get back to using distro versions there, too. Use uwsgi binary from path All these uwsgi invocations assume that the uwsgi binary is in the same directory as their project binaries are installed into (probably /usr/bin). That may not be correct -- for example if using a packaged uwsgi on Fedora the binary will live in /usr/sbin/uwsgi (not /usr/bin where the project files from pip are). Switch invocations to just find it in the path. Related-Bug: 1883468 Change-Id: I82f539bfa533349293dd5a8ce309c9cc0ffb0393 (cherry picked from commit2d903568ed) (cherry picked from commit84737ebd96) (cherry picked from commit312517d510)
728 lines
26 KiB
Bash
728 lines
26 KiB
Bash
#!/bin/bash
|
|
#
|
|
# lib/neutron
|
|
# Install and start **Neutron** network services
|
|
|
|
# Dependencies:
|
|
#
|
|
# ``functions`` file
|
|
# ``DEST`` must be defined
|
|
|
|
# ``stack.sh`` calls the entry points in this order:
|
|
#
|
|
# - is_XXXX_enabled
|
|
# - install_XXXX
|
|
# - configure_XXXX
|
|
# - init_XXXX
|
|
# - start_XXXX
|
|
# - stop_XXXX
|
|
# - cleanup_XXXX
|
|
|
|
# Save trace setting
|
|
XTRACE=$(set +o | grep xtrace)
|
|
set +o xtrace
|
|
|
|
# Defaults
|
|
# --------
|
|
|
|
# Set up default directories
|
|
GITDIR["python-neutronclient"]=$DEST/python-neutronclient
|
|
|
|
# NEUTRON_DEPLOY_MOD_WSGI defines how neutron is deployed, allowed values:
|
|
# - False (default) : Run neutron under Eventlet
|
|
# - True : Run neutron under uwsgi
|
|
# TODO(annp): Switching to uwsgi in next cycle if things turn out to be stable
|
|
# enough
|
|
NEUTRON_DEPLOY_MOD_WSGI=$(trueorfalse False NEUTRON_DEPLOY_MOD_WSGI)
|
|
NEUTRON_AGENT=${NEUTRON_AGENT:-openvswitch}
|
|
NEUTRON_DIR=$DEST/neutron
|
|
NEUTRON_AUTH_CACHE_DIR=${NEUTRON_AUTH_CACHE_DIR:-/var/cache/neutron}
|
|
|
|
NEUTRON_DISTRIBUTED_ROUTING=$(trueorfalse False NEUTRON_DISTRIBUTED_ROUTING)
|
|
# Distributed Virtual Router (DVR) configuration
|
|
# Can be:
|
|
# - ``legacy`` - No DVR functionality
|
|
# - ``dvr_snat`` - Controller or single node DVR
|
|
# - ``dvr`` - Compute node in multi-node DVR
|
|
# - ``dvr_no_external`` - Compute node in multi-node DVR, no external network
|
|
#
|
|
# Default is 'dvr_snat' since it can handle both DVR and legacy routers
|
|
NEUTRON_DVR_MODE=${NEUTRON_DVR_MODE:-dvr_snat}
|
|
|
|
NEUTRON_BIN_DIR=$(get_python_exec_prefix)
|
|
NEUTRON_DHCP_BINARY="neutron-dhcp-agent"
|
|
|
|
NEUTRON_CONF_DIR=/etc/neutron
|
|
NEUTRON_CONF=$NEUTRON_CONF_DIR/neutron.conf
|
|
NEUTRON_META_CONF=$NEUTRON_CONF_DIR/metadata_agent.ini
|
|
|
|
NEUTRON_DHCP_CONF=$NEUTRON_CONF_DIR/dhcp_agent.ini
|
|
NEUTRON_L3_CONF=$NEUTRON_CONF_DIR/l3_agent.ini
|
|
NEUTRON_AGENT_CONF=$NEUTRON_CONF_DIR/
|
|
NEUTRON_CREATE_INITIAL_NETWORKS=${NEUTRON_CREATE_INITIAL_NETWORKS:-True}
|
|
|
|
NEUTRON_STATE_PATH=${NEUTRON_STATE_PATH:=$DATA_DIR/neutron}
|
|
NEUTRON_AUTH_CACHE_DIR=${NEUTRON_AUTH_CACHE_DIR:-/var/cache/neutron}
|
|
|
|
NEUTRON_UWSGI_CONF=$NEUTRON_CONF_DIR/neutron-api-uwsgi.ini
|
|
|
|
# By default, use the ML2 plugin
|
|
NEUTRON_CORE_PLUGIN=${NEUTRON_CORE_PLUGIN:-ml2}
|
|
NEUTRON_CORE_PLUGIN_CONF_FILENAME=${NEUTRON_CORE_PLUGIN_CONF_FILENAME:-ml2_conf.ini}
|
|
NEUTRON_CORE_PLUGIN_CONF_PATH=$NEUTRON_CONF_DIR/plugins/$NEUTRON_CORE_PLUGIN
|
|
NEUTRON_CORE_PLUGIN_CONF=$NEUTRON_CORE_PLUGIN_CONF_PATH/$NEUTRON_CORE_PLUGIN_CONF_FILENAME
|
|
|
|
NEUTRON_METERING_AGENT_CONF_FILENAME=${NEUTRON_METERING_AGENT_CONF_FILENAME:-metering_agent.ini}
|
|
NEUTRON_METERING_AGENT_CONF=$NEUTRON_CONF_DIR/$NEUTRON_METERING_AGENT_CONF_FILENAME
|
|
|
|
NEUTRON_AGENT_BINARY=${NEUTRON_AGENT_BINARY:-neutron-$NEUTRON_AGENT-agent}
|
|
NEUTRON_L3_BINARY=${NEUTRON_L3_BINARY:-neutron-l3-agent}
|
|
NEUTRON_META_BINARY=${NEUTRON_META_BINARY:-neutron-metadata-agent}
|
|
NEUTRON_METERING_BINARY=${NEUTRON_METERING_BINARY:-neutron-metering-agent}
|
|
|
|
# Public facing bits
|
|
if is_service_enabled tls-proxy; then
|
|
NEUTRON_SERVICE_PROTOCOL="https"
|
|
fi
|
|
NEUTRON_SERVICE_HOST=${NEUTRON_SERVICE_HOST:-$SERVICE_HOST}
|
|
NEUTRON_SERVICE_PORT=${NEUTRON_SERVICE_PORT:-9696}
|
|
NEUTRON_SERVICE_PORT_INT=${NEUTRON_SERVICE_PORT_INT:-19696}
|
|
NEUTRON_SERVICE_PROTOCOL=${NEUTRON_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
|
|
|
|
NEUTRON_AUTH_STRATEGY=${NEUTRON_AUTH_STRATEGY:-keystone}
|
|
NEUTRON_ROOTWRAP=$(get_rootwrap_location neutron)
|
|
NEUTRON_ROOTWRAP_CONF_FILE=$NEUTRON_CONF_DIR/rootwrap.conf
|
|
NEUTRON_ROOTWRAP_CMD="$NEUTRON_ROOTWRAP $NEUTRON_ROOTWRAP_CONF_FILE"
|
|
NEUTRON_ROOTWRAP_DAEMON_CMD="$NEUTRON_ROOTWRAP-daemon $NEUTRON_ROOTWRAP_CONF_FILE"
|
|
|
|
# This is needed because _neutron_ovs_base_configure_l3_agent uses it to create
|
|
# an external network bridge
|
|
PUBLIC_BRIDGE=${PUBLIC_BRIDGE:-br-ex}
|
|
PUBLIC_BRIDGE_MTU=${PUBLIC_BRIDGE_MTU:-1500}
|
|
|
|
# Additional neutron api config files
|
|
declare -a -g _NEUTRON_SERVER_EXTRA_CONF_FILES_ABS
|
|
|
|
# Functions
|
|
# ---------
|
|
|
|
# Test if any Neutron services are enabled
|
|
# is_neutron_enabled
|
|
function is_neutron_enabled {
|
|
[[ ,${DISABLED_SERVICES} =~ ,"neutron" ]] && return 1
|
|
[[ ,${ENABLED_SERVICES} =~ ,"neutron-" || ,${ENABLED_SERVICES} =~ ,"q-" ]] && return 0
|
|
return 1
|
|
}
|
|
|
|
# Test if any Neutron services are enabled
|
|
# is_neutron_enabled
|
|
function is_neutron_legacy_enabled {
|
|
[[ ,${DISABLED_SERVICES} =~ ,"neutron" ]] && return 1
|
|
[[ ,${ENABLED_SERVICES} =~ ,"q-" ]] && return 0
|
|
return 1
|
|
}
|
|
|
|
if is_neutron_legacy_enabled; then
|
|
source $TOP_DIR/lib/neutron-legacy
|
|
fi
|
|
|
|
# cleanup_neutron() - Remove residual data files, anything left over from previous
|
|
# runs that a clean run would need to clean up
|
|
function cleanup_neutron_new {
|
|
source $TOP_DIR/lib/neutron_plugins/${NEUTRON_AGENT}_agent
|
|
if is_neutron_ovs_base_plugin; then
|
|
neutron_ovs_base_cleanup
|
|
fi
|
|
|
|
if [[ $NEUTRON_AGENT == "linuxbridge" ]]; then
|
|
neutron_lb_cleanup
|
|
fi
|
|
# delete all namespaces created by neutron
|
|
for ns in $(sudo ip netns list | grep -o -E '(qdhcp|qrouter|qlbaas|fip|snat)-[0-9a-f-]*'); do
|
|
sudo ip netns delete ${ns}
|
|
done
|
|
}
|
|
|
|
# configure_root_helper_options() - Configure agent rootwrap helper options
|
|
function configure_root_helper_options {
|
|
local conffile=$1
|
|
iniset $conffile agent root_helper "sudo $NEUTRON_ROOTWRAP_CMD"
|
|
iniset $conffile agent root_helper_daemon "sudo $NEUTRON_ROOTWRAP_DAEMON_CMD"
|
|
}
|
|
|
|
# configure_neutron() - Set config files, create data dirs, etc
|
|
function configure_neutron_new {
|
|
sudo install -d -o $STACK_USER $NEUTRON_CONF_DIR
|
|
|
|
(cd $NEUTRON_DIR && exec ./tools/generate_config_file_samples.sh)
|
|
|
|
cp $NEUTRON_DIR/etc/neutron.conf.sample $NEUTRON_CONF
|
|
|
|
configure_neutron_rootwrap
|
|
|
|
mkdir -p $NEUTRON_CORE_PLUGIN_CONF_PATH
|
|
|
|
# NOTE(yamamoto): A decomposed plugin should prepare the config file in
|
|
# its devstack plugin.
|
|
if [ -f $NEUTRON_DIR/etc/neutron/plugins/$NEUTRON_CORE_PLUGIN/$NEUTRON_CORE_PLUGIN_CONF_FILENAME.sample ]; then
|
|
cp $NEUTRON_DIR/etc/neutron/plugins/$NEUTRON_CORE_PLUGIN/$NEUTRON_CORE_PLUGIN_CONF_FILENAME.sample $NEUTRON_CORE_PLUGIN_CONF
|
|
fi
|
|
|
|
iniset $NEUTRON_CONF database connection `database_connection_url neutron`
|
|
iniset $NEUTRON_CONF DEFAULT state_path $NEUTRON_STATE_PATH
|
|
iniset $NEUTRON_CONF oslo_concurrency lock_path $NEUTRON_STATE_PATH/lock
|
|
iniset $NEUTRON_CONF DEFAULT use_syslog $SYSLOG
|
|
|
|
iniset $NEUTRON_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
|
|
|
|
iniset_rpc_backend neutron $NEUTRON_CONF
|
|
|
|
# Neutron API server & Neutron plugin
|
|
if is_service_enabled neutron-api; then
|
|
local policy_file=$NEUTRON_CONF_DIR/policy.json
|
|
# Allow neutron user to administer neutron to match neutron account
|
|
# NOTE(amotoki): This is required for nova works correctly with neutron.
|
|
if [ -f $NEUTRON_DIR/etc/policy.json ]; then
|
|
cp $NEUTRON_DIR/etc/policy.json $policy_file
|
|
sed -i 's/"context_is_admin": "role:admin"/"context_is_admin": "role:admin or user_name:neutron"/g' $policy_file
|
|
else
|
|
echo '{"context_is_admin": "role:admin or user_name:neutron"}' > $policy_file
|
|
fi
|
|
|
|
cp $NEUTRON_DIR/etc/api-paste.ini $NEUTRON_CONF_DIR/api-paste.ini
|
|
|
|
iniset $NEUTRON_CONF DEFAULT core_plugin $NEUTRON_CORE_PLUGIN
|
|
|
|
iniset $NEUTRON_CONF DEFAULT policy_file $policy_file
|
|
iniset $NEUTRON_CONF DEFAULT allow_overlapping_ips True
|
|
iniset $NEUTRON_CONF DEFAULT router_distributed $NEUTRON_DISTRIBUTED_ROUTING
|
|
|
|
iniset $NEUTRON_CONF DEFAULT auth_strategy $NEUTRON_AUTH_STRATEGY
|
|
configure_auth_token_middleware $NEUTRON_CONF neutron $NEUTRON_AUTH_CACHE_DIR keystone_authtoken
|
|
configure_auth_token_middleware $NEUTRON_CONF nova $NEUTRON_AUTH_CACHE_DIR nova
|
|
|
|
# Configure VXLAN
|
|
# TODO(sc68cal) not hardcode?
|
|
iniset $NEUTRON_CORE_PLUGIN_CONF ml2 tenant_network_types vxlan
|
|
|
|
local mech_drivers="openvswitch"
|
|
if [[ "$NEUTRON_DISTRIBUTED_ROUTING" = "True" ]]; then
|
|
mech_drivers+=",l2population"
|
|
else
|
|
mech_drivers+=",linuxbridge"
|
|
fi
|
|
iniset $NEUTRON_CORE_PLUGIN_CONF ml2 mechanism_drivers $mech_drivers
|
|
|
|
iniset $NEUTRON_CORE_PLUGIN_CONF ml2_type_vxlan vni_ranges 1001:2000
|
|
iniset $NEUTRON_CORE_PLUGIN_CONF ml2_type_flat flat_networks public
|
|
if [[ "$NEUTRON_PORT_SECURITY" = "True" ]]; then
|
|
neutron_ml2_extension_driver_add port_security
|
|
fi
|
|
fi
|
|
|
|
# Neutron OVS or LB agent
|
|
if is_service_enabled neutron-agent; then
|
|
iniset $NEUTRON_CORE_PLUGIN_CONF agent tunnel_types vxlan
|
|
iniset $NEUTRON_CORE_PLUGIN_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
|
|
configure_root_helper_options $NEUTRON_CORE_PLUGIN_CONF
|
|
|
|
# Configure the neutron agent
|
|
if [[ $NEUTRON_AGENT == "linuxbridge" ]]; then
|
|
iniset $NEUTRON_CORE_PLUGIN_CONF securitygroup firewall_driver iptables
|
|
iniset $NEUTRON_CORE_PLUGIN_CONF vxlan local_ip $HOST_IP
|
|
elif [[ $NEUTRON_AGENT == "openvswitch" ]]; then
|
|
iniset $NEUTRON_CORE_PLUGIN_CONF securitygroup firewall_driver openvswitch
|
|
iniset $NEUTRON_CORE_PLUGIN_CONF ovs local_ip $HOST_IP
|
|
|
|
if [[ "$NEUTRON_DISTRIBUTED_ROUTING" = "True" ]]; then
|
|
iniset $NEUTRON_CORE_PLUGIN_CONF agent l2_population True
|
|
iniset $NEUTRON_CORE_PLUGIN_CONF agent enable_distributed_routing True
|
|
fi
|
|
fi
|
|
|
|
if ! running_in_container; then
|
|
enable_kernel_bridge_firewall
|
|
fi
|
|
fi
|
|
|
|
# DHCP Agent
|
|
if is_service_enabled neutron-dhcp; then
|
|
cp $NEUTRON_DIR/etc/dhcp_agent.ini.sample $NEUTRON_DHCP_CONF
|
|
|
|
iniset $NEUTRON_DHCP_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
|
|
# make it so we have working DNS from guests
|
|
iniset $NEUTRON_DHCP_CONF DEFAULT dnsmasq_local_resolv True
|
|
|
|
configure_root_helper_options $NEUTRON_DHCP_CONF
|
|
iniset $NEUTRON_DHCP_CONF DEFAULT interface_driver $NEUTRON_AGENT
|
|
neutron_plugin_configure_dhcp_agent $NEUTRON_DHCP_CONF
|
|
fi
|
|
|
|
if is_service_enabled neutron-l3; then
|
|
cp $NEUTRON_DIR/etc/l3_agent.ini.sample $NEUTRON_L3_CONF
|
|
iniset $NEUTRON_L3_CONF DEFAULT interface_driver $NEUTRON_AGENT
|
|
neutron_service_plugin_class_add router
|
|
configure_root_helper_options $NEUTRON_L3_CONF
|
|
iniset $NEUTRON_L3_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
|
|
neutron_plugin_configure_l3_agent $NEUTRON_L3_CONF
|
|
|
|
# Configure the neutron agent to serve external network ports
|
|
if [[ $NEUTRON_AGENT == "linuxbridge" ]]; then
|
|
iniset $NEUTRON_CORE_PLUGIN_CONF linux_bridge bridge_mappings "$PUBLIC_NETWORK_NAME:$PUBLIC_BRIDGE"
|
|
else
|
|
iniset $NEUTRON_CORE_PLUGIN_CONF ovs bridge_mappings "$PUBLIC_NETWORK_NAME:$PUBLIC_BRIDGE"
|
|
fi
|
|
|
|
if [[ "$NEUTRON_DISTRIBUTED_ROUTING" = "True" ]]; then
|
|
iniset $NEUTRON_L3_CONF DEFAULT agent_mode $NEUTRON_DVR_MODE
|
|
fi
|
|
fi
|
|
|
|
# Metadata
|
|
if is_service_enabled neutron-metadata-agent; then
|
|
cp $NEUTRON_DIR/etc/metadata_agent.ini.sample $NEUTRON_META_CONF
|
|
|
|
iniset $NEUTRON_META_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
|
|
iniset $NEUTRON_META_CONF DEFAULT nova_metadata_host $SERVICE_HOST
|
|
iniset $NEUTRON_META_CONF DEFAULT metadata_workers $API_WORKERS
|
|
# TODO(ihrachys) do we really need to set rootwrap for metadata agent?
|
|
configure_root_helper_options $NEUTRON_META_CONF
|
|
|
|
# TODO(dtroyer): remove the v2.0 hard code below
|
|
iniset $NEUTRON_META_CONF DEFAULT auth_url $KEYSTONE_SERVICE_URI
|
|
configure_auth_token_middleware $NEUTRON_META_CONF neutron $NEUTRON_AUTH_CACHE_DIR DEFAULT
|
|
fi
|
|
|
|
# Format logging
|
|
setup_logging $NEUTRON_CONF
|
|
|
|
if is_service_enabled tls-proxy && [ "$NEUTRON_DEPLOY_MOD_WSGI" == "False" ]; then
|
|
# Set the service port for a proxy to take the original
|
|
iniset $NEUTRON_CONF DEFAULT bind_port "$NEUTRON_SERVICE_PORT_INT"
|
|
iniset $NEUTRON_CONF oslo_middleware enable_proxy_headers_parsing True
|
|
fi
|
|
|
|
# Metering
|
|
if is_service_enabled neutron-metering; then
|
|
cp $NEUTRON_DIR/etc/metering_agent.ini.sample $NEUTRON_METERING_AGENT_CONF
|
|
neutron_service_plugin_class_add metering
|
|
fi
|
|
}
|
|
|
|
# configure_neutron_rootwrap() - configure Neutron's rootwrap
|
|
function configure_neutron_rootwrap {
|
|
# Deploy new rootwrap filters files (owned by root).
|
|
# Wipe any existing rootwrap.d files first
|
|
if [[ -d $NEUTRON_CONF_DIR/rootwrap.d ]]; then
|
|
sudo rm -rf $NEUTRON_CONF_DIR/rootwrap.d
|
|
fi
|
|
|
|
# Deploy filters to /etc/neutron/rootwrap.d
|
|
sudo install -d -o root -g root -m 755 $NEUTRON_CONF_DIR/rootwrap.d
|
|
sudo install -o root -g root -m 644 $NEUTRON_DIR/etc/neutron/rootwrap.d/*.filters $NEUTRON_CONF_DIR/rootwrap.d
|
|
|
|
# Set up ``rootwrap.conf``, pointing to ``$NEUTRON_CONF_DIR/rootwrap.d``
|
|
sudo install -o root -g root -m 644 $NEUTRON_DIR/etc/rootwrap.conf $NEUTRON_CONF_DIR
|
|
sudo sed -e "s:^filters_path=.*$:filters_path=$NEUTRON_CONF_DIR/rootwrap.d:" -i $NEUTRON_CONF_DIR/rootwrap.conf
|
|
|
|
# Set up the rootwrap sudoers for Neutron
|
|
tempfile=`mktemp`
|
|
echo "$STACK_USER ALL=(root) NOPASSWD: $NEUTRON_ROOTWRAP_CMD *" >$tempfile
|
|
echo "$STACK_USER ALL=(root) NOPASSWD: $NEUTRON_ROOTWRAP_DAEMON_CMD" >>$tempfile
|
|
chmod 0440 $tempfile
|
|
sudo chown root:root $tempfile
|
|
sudo mv $tempfile /etc/sudoers.d/neutron-rootwrap
|
|
}
|
|
|
|
# Make Neutron-required changes to nova.conf
|
|
# Takes a single optional argument which is the config file to update,
|
|
# if not passed $NOVA_CONF is used.
|
|
function configure_neutron_nova_new {
|
|
local conf=${1:-$NOVA_CONF}
|
|
iniset $conf DEFAULT use_neutron True
|
|
iniset $conf neutron auth_type "password"
|
|
iniset $conf neutron auth_url "$KEYSTONE_SERVICE_URI"
|
|
iniset $conf neutron username neutron
|
|
iniset $conf neutron password "$SERVICE_PASSWORD"
|
|
iniset $conf neutron user_domain_name "Default"
|
|
iniset $conf neutron project_name "$SERVICE_TENANT_NAME"
|
|
iniset $conf neutron project_domain_name "Default"
|
|
iniset $conf neutron auth_strategy $NEUTRON_AUTH_STRATEGY
|
|
iniset $conf neutron region_name "$REGION_NAME"
|
|
|
|
iniset $conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
|
|
|
|
# optionally set options in nova_conf
|
|
neutron_plugin_create_nova_conf $conf
|
|
|
|
if is_service_enabled neutron-metadata-agent; then
|
|
iniset $conf neutron service_metadata_proxy "True"
|
|
fi
|
|
|
|
}
|
|
|
|
# Tenant User Roles
|
|
# ------------------------------------------------------------------
|
|
# service neutron admin # if enabled
|
|
|
|
# create_neutron_accounts() - Create required service accounts
|
|
function create_neutron_accounts_new {
|
|
local neutron_url
|
|
|
|
if [ "$NEUTRON_DEPLOY_MOD_WSGI" == "True" ]; then
|
|
neutron_url=$NEUTRON_SERVICE_PROTOCOL://$NEUTRON_SERVICE_HOST/networking/
|
|
else
|
|
neutron_url=$NEUTRON_SERVICE_PROTOCOL://$NEUTRON_SERVICE_HOST:$NEUTRON_SERVICE_PORT/
|
|
fi
|
|
|
|
|
|
if [[ "$ENABLED_SERVICES" =~ "neutron-api" ]]; then
|
|
|
|
create_service_user "neutron"
|
|
|
|
neutron_service=$(get_or_create_service "neutron" \
|
|
"network" "Neutron Service")
|
|
get_or_create_endpoint $neutron_service \
|
|
"$REGION_NAME" "$neutron_url"
|
|
fi
|
|
}
|
|
|
|
# create_neutron_cache_dir() - Part of the init_neutron() process
|
|
function create_neutron_cache_dir {
|
|
# Create cache dir
|
|
sudo install -d -o $STACK_USER $NEUTRON_AUTH_CACHE_DIR
|
|
rm -f $NEUTRON_AUTH_CACHE_DIR/*
|
|
}
|
|
|
|
# init_neutron() - Initialize databases, etc.
|
|
function init_neutron_new {
|
|
|
|
recreate_database neutron
|
|
|
|
time_start "dbsync"
|
|
# Run Neutron db migrations
|
|
$NEUTRON_BIN_DIR/neutron-db-manage upgrade heads
|
|
time_stop "dbsync"
|
|
|
|
create_neutron_cache_dir
|
|
}
|
|
|
|
# install_neutron() - Collect source and prepare
|
|
function install_neutron_new {
|
|
git_clone $NEUTRON_REPO $NEUTRON_DIR $NEUTRON_BRANCH
|
|
setup_develop $NEUTRON_DIR
|
|
|
|
# Install neutron-lib from git so we make sure we're testing
|
|
# the latest code.
|
|
if use_library_from_git "neutron-lib"; then
|
|
git_clone_by_name "neutron-lib"
|
|
setup_dev_lib "neutron-lib"
|
|
fi
|
|
|
|
# L3 service requires radvd
|
|
if is_service_enabled neutron-l3; then
|
|
install_package radvd
|
|
fi
|
|
|
|
if is_service_enabled neutron-agent neutron-dhcp neutron-l3; then
|
|
#TODO(sc68cal) - kind of ugly
|
|
source $TOP_DIR/lib/neutron_plugins/${NEUTRON_AGENT}_agent
|
|
neutron_plugin_install_agent_packages
|
|
fi
|
|
|
|
}
|
|
|
|
# install_neutronclient() - Collect source and prepare
|
|
function install_neutronclient {
|
|
if use_library_from_git "python-neutronclient"; then
|
|
git_clone_by_name "python-neutronclient"
|
|
setup_dev_lib "python-neutronclient"
|
|
sudo install -D -m 0644 -o $STACK_USER {${GITDIR["python-neutronclient"]}/tools/,/etc/bash_completion.d/}neutron.bash_completion
|
|
fi
|
|
}
|
|
|
|
# start_neutron_api() - Start the API process ahead of other things
|
|
function start_neutron_api {
|
|
local service_port=$NEUTRON_SERVICE_PORT
|
|
local service_protocol=$NEUTRON_SERVICE_PROTOCOL
|
|
local neutron_url
|
|
if is_service_enabled tls-proxy; then
|
|
service_port=$NEUTRON_SERVICE_PORT_INT
|
|
service_protocol="http"
|
|
fi
|
|
|
|
local opts=""
|
|
opts+=" --config-file $NEUTRON_CONF"
|
|
opts+=" --config-file $NEUTRON_CORE_PLUGIN_CONF"
|
|
local cfg_file
|
|
for cfg_file in ${_NEUTRON_SERVER_EXTRA_CONF_FILES_ABS[@]}; do
|
|
opts+=" --config-file $cfg_file"
|
|
done
|
|
|
|
if [ "$NEUTRON_DEPLOY_MOD_WSGI" == "True" ]; then
|
|
run_process neutron-api "$(which uwsgi) --procname-prefix neutron-api --ini $NEUTRON_UWSGI_CONF"
|
|
neutron_url=$service_protocol://$NEUTRON_SERVICE_HOST/networking/
|
|
enable_service neutron-rpc-server
|
|
run_process neutron-rpc-server "$NEUTRON_BIN_DIR/neutron-rpc-server $opts"
|
|
else
|
|
# Start the Neutron service
|
|
# TODO(sc68cal) Stop hard coding this
|
|
run_process neutron-api "$NEUTRON_BIN_DIR/neutron-server $opts"
|
|
neutron_url=$service_protocol://$NEUTRON_SERVICE_HOST:$service_port
|
|
# Start proxy if enabled
|
|
if is_service_enabled tls-proxy; then
|
|
start_tls_proxy neutron '*' $NEUTRON_SERVICE_PORT $NEUTRON_SERVICE_HOST $NEUTRON_SERVICE_PORT_INT
|
|
fi
|
|
fi
|
|
|
|
if ! wait_for_service $SERVICE_TIMEOUT $neutron_url; then
|
|
die $LINENO "neutron-api did not start"
|
|
fi
|
|
}
|
|
|
|
# start_neutron() - Start running processes
|
|
function start_neutron_new {
|
|
# Start up the neutron agents if enabled
|
|
# TODO(sc68cal) Make this pluggable so different DevStack plugins for different Neutron plugins
|
|
# can resolve the $NEUTRON_AGENT_BINARY
|
|
if is_service_enabled neutron-agent; then
|
|
# TODO(ihrachys) stop loading ml2_conf.ini into agents, instead load agent specific files
|
|
run_process neutron-agent "$NEUTRON_BIN_DIR/$NEUTRON_AGENT_BINARY --config-file $NEUTRON_CONF --config-file $NEUTRON_CORE_PLUGIN_CONF"
|
|
fi
|
|
if is_service_enabled neutron-dhcp; then
|
|
neutron_plugin_configure_dhcp_agent $NEUTRON_DHCP_CONF
|
|
run_process neutron-dhcp "$NEUTRON_BIN_DIR/$NEUTRON_DHCP_BINARY --config-file $NEUTRON_CONF --config-file $NEUTRON_DHCP_CONF"
|
|
fi
|
|
if is_service_enabled neutron-l3; then
|
|
run_process neutron-l3 "$NEUTRON_BIN_DIR/$NEUTRON_L3_BINARY --config-file $NEUTRON_CONF --config-file $NEUTRON_L3_CONF"
|
|
fi
|
|
if is_service_enabled neutron-api && [[ "$NEUTRON_CREATE_INITIAL_NETWORKS" == "True" ]]; then
|
|
# XXX(sc68cal) - Here's where plugins can wire up their own networks instead
|
|
# of the code in lib/neutron_plugins/services/l3
|
|
if type -p neutron_plugin_create_initial_networks > /dev/null; then
|
|
neutron_plugin_create_initial_networks
|
|
else
|
|
# XXX(sc68cal) Load up the built in Neutron networking code and build a topology
|
|
source $TOP_DIR/lib/neutron_plugins/services/l3
|
|
# Create the networks using servic
|
|
create_neutron_initial_network
|
|
fi
|
|
fi
|
|
if is_service_enabled neutron-metadata-agent; then
|
|
run_process neutron-metadata-agent "$NEUTRON_BIN_DIR/$NEUTRON_META_BINARY --config-file $NEUTRON_CONF --config-file $NEUTRON_META_CONF"
|
|
fi
|
|
|
|
if is_service_enabled neutron-metering; then
|
|
run_process neutron-metering "$NEUTRON_BIN_DIR/$NEUTRON_METERING_BINARY --config-file $NEUTRON_CONF --config-file $NEUTRON_METERING_AGENT_CONF"
|
|
fi
|
|
}
|
|
|
|
# stop_neutron() - Stop running processes
|
|
function stop_neutron_new {
|
|
for serv in neutron-api neutron-agent neutron-l3; do
|
|
stop_process $serv
|
|
done
|
|
|
|
if is_service_enabled neutron-rpc-server; then
|
|
stop_process neutron-rpc-server
|
|
fi
|
|
|
|
if is_service_enabled neutron-dhcp; then
|
|
stop_process neutron-dhcp
|
|
pid=$(ps aux | awk '/[d]nsmasq.+interface=(tap|ns-)/ { print $2 }')
|
|
[ ! -z "$pid" ] && sudo kill -9 $pid
|
|
fi
|
|
|
|
if is_service_enabled neutron-metadata-agent; then
|
|
sudo pkill -9 -f neutron-ns-metadata-proxy || :
|
|
stop_process neutron-metadata-agent
|
|
fi
|
|
}
|
|
|
|
# neutron_service_plugin_class_add() - add service plugin class
|
|
function neutron_service_plugin_class_add_new {
|
|
local service_plugin_class=$1
|
|
local plugins=""
|
|
|
|
plugins=$(iniget $NEUTRON_CONF DEFAULT service_plugins)
|
|
if [ $plugins ]; then
|
|
plugins+=","
|
|
fi
|
|
plugins+="${service_plugin_class}"
|
|
iniset $NEUTRON_CONF DEFAULT service_plugins $plugins
|
|
}
|
|
|
|
function _neutron_ml2_extension_driver_add {
|
|
local driver=$1
|
|
local drivers=""
|
|
|
|
drivers=$(iniget $NEUTRON_CORE_PLUGIN_CONF ml2 extension_drivers)
|
|
if [ $drivers ]; then
|
|
drivers+=","
|
|
fi
|
|
drivers+="${driver}"
|
|
iniset $NEUTRON_CORE_PLUGIN_CONF ml2 extension_drivers $drivers
|
|
}
|
|
|
|
function neutron_server_config_add_new {
|
|
_NEUTRON_SERVER_EXTRA_CONF_FILES_ABS+=($1)
|
|
}
|
|
|
|
# neutron_deploy_rootwrap_filters() - deploy rootwrap filters
|
|
function neutron_deploy_rootwrap_filters_new {
|
|
local srcdir=$1
|
|
sudo install -d -o root -g root -m 755 $NEUTRON_CONF_DIR/rootwrap.d
|
|
sudo install -o root -g root -m 644 $srcdir/etc/neutron/rootwrap.d/*.filters $NEUTRON_CONF_DIR/rootwrap.d
|
|
}
|
|
|
|
# Dispatch functions
|
|
# These are needed for compatibility between the old and new implementations
|
|
# where there are function name overlaps. These will be removed when
|
|
# neutron-legacy is removed.
|
|
# TODO(sc68cal) Remove when neutron-legacy is no more.
|
|
function cleanup_neutron {
|
|
if [ "$NEUTRON_DEPLOY_MOD_WSGI" == "True" ]; then
|
|
stop_process neutron-api
|
|
stop_process neutron-rpc-server
|
|
remove_uwsgi_config "$NEUTRON_UWSGI_CONF" "$NEUTRON_BIN_DIR/neutron-api"
|
|
sudo rm -f $(apache_site_config_for neutron-api)
|
|
fi
|
|
|
|
if is_neutron_legacy_enabled; then
|
|
# Call back to old function
|
|
cleanup_mutnauq "$@"
|
|
else
|
|
cleanup_neutron_new "$@"
|
|
fi
|
|
}
|
|
|
|
function configure_neutron {
|
|
if is_neutron_legacy_enabled; then
|
|
# Call back to old function
|
|
configure_mutnauq "$@"
|
|
else
|
|
configure_neutron_new "$@"
|
|
fi
|
|
|
|
if [ "$NEUTRON_DEPLOY_MOD_WSGI" == "True" ]; then
|
|
write_uwsgi_config "$NEUTRON_UWSGI_CONF" "$NEUTRON_BIN_DIR/neutron-api" "/networking"
|
|
fi
|
|
}
|
|
|
|
function configure_neutron_nova {
|
|
if is_neutron_legacy_enabled; then
|
|
# Call back to old function
|
|
create_nova_conf_neutron $NOVA_CONF
|
|
if [[ "${CELLSV2_SETUP}" == "superconductor" ]]; then
|
|
for i in $(seq 1 $NOVA_NUM_CELLS); do
|
|
local conf
|
|
conf=$(conductor_conf $i)
|
|
create_nova_conf_neutron $conf
|
|
done
|
|
fi
|
|
else
|
|
configure_neutron_nova_new $NOVA_CONF
|
|
if [[ "${CELLSV2_SETUP}" == "superconductor" ]]; then
|
|
for i in $(seq 1 $NOVA_NUM_CELLS); do
|
|
local conf
|
|
conf=$(conductor_conf $i)
|
|
configure_neutron_nova_new $conf
|
|
done
|
|
fi
|
|
fi
|
|
}
|
|
|
|
function create_neutron_accounts {
|
|
if is_neutron_legacy_enabled; then
|
|
# Call back to old function
|
|
create_mutnauq_accounts "$@"
|
|
else
|
|
create_neutron_accounts_new "$@"
|
|
fi
|
|
}
|
|
|
|
function init_neutron {
|
|
if is_neutron_legacy_enabled; then
|
|
# Call back to old function
|
|
init_mutnauq "$@"
|
|
else
|
|
init_neutron_new "$@"
|
|
fi
|
|
}
|
|
|
|
function install_neutron {
|
|
if is_neutron_legacy_enabled; then
|
|
# Call back to old function
|
|
install_mutnauq "$@"
|
|
else
|
|
install_neutron_new "$@"
|
|
fi
|
|
}
|
|
|
|
function neutron_service_plugin_class_add {
|
|
if is_neutron_legacy_enabled; then
|
|
# Call back to old function
|
|
_neutron_service_plugin_class_add "$@"
|
|
else
|
|
neutron_service_plugin_class_add_new "$@"
|
|
fi
|
|
}
|
|
|
|
function neutron_ml2_extension_driver_add {
|
|
if is_neutron_legacy_enabled; then
|
|
# Call back to old function
|
|
_neutron_ml2_extension_driver_add_old "$@"
|
|
else
|
|
_neutron_ml2_extension_driver_add "$@"
|
|
fi
|
|
}
|
|
|
|
function install_neutron_agent_packages {
|
|
if is_neutron_legacy_enabled; then
|
|
# Call back to old function
|
|
install_neutron_agent_packages_mutnauq "$@"
|
|
else
|
|
:
|
|
fi
|
|
}
|
|
|
|
function neutron_server_config_add {
|
|
if is_neutron_legacy_enabled; then
|
|
# Call back to old function
|
|
mutnauq_server_config_add "$@"
|
|
else
|
|
neutron_server_config_add_new "$@"
|
|
fi
|
|
}
|
|
|
|
function start_neutron {
|
|
if is_neutron_legacy_enabled; then
|
|
# Call back to old function
|
|
start_mutnauq_l2_agent "$@"
|
|
start_mutnauq_other_agents "$@"
|
|
else
|
|
start_neutron_new "$@"
|
|
fi
|
|
}
|
|
|
|
function stop_neutron {
|
|
if is_neutron_legacy_enabled; then
|
|
# Call back to old function
|
|
stop_mutnauq "$@"
|
|
else
|
|
stop_neutron_new "$@"
|
|
fi
|
|
}
|
|
|
|
function neutron_deploy_rootwrap_filters {
|
|
if is_neutron_legacy_enabled; then
|
|
# Call back to old function
|
|
_neutron_deploy_rootwrap_filters "$@"
|
|
else
|
|
neutron_deploy_rootwrap_filters_new "$@"
|
|
fi
|
|
}
|
|
|
|
# Restore xtrace
|
|
$XTRACE
|