openstack
/
fuel-library
Code Issues Proposed changes

Adapt synced neutron module 

- pass $tunnel_types variable as it's required since Kilo, added noop test
- backported required changes from 6.1 and fixed unit-tests

Partially Implements: blueprint upgrade-openstack-puppet-modules
Change-Id: Iccb6cbc874ec1ff390bb008fb7ef61bfde4bba3a
This commit is contained in:
Sergey Kolekonov 2015-06-11 13:37:23 +03:00
parent 7ace4d2b53
commit b5085f6800
15 changed files with 248 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
deployment/puppet/cluster/manifests/neutron/l3.pp
View File

@ -18,9 +18,6 @@ define cluster::neutron::l3 (
require cluster::neutron
neutron_config{'DEFAULT/allow_automatic_l3agent_failover':
value => true
}
$csr_metadata = undef
$csr_complex_type = 'clone'
$csr_ms_metadata = { 'interleave' => 'true' }

11
deployment/puppet/neutron/lib/puppet/provider/neutron.rb
View File

@ -79,16 +79,17 @@ correctly configured.")
def self.auth_neutron(*args)
q = neutron_credentials
authenv = {
:OS_AUTH_URL => self.auth_endpoint,
:OS_USERNAME => q['admin_user'],
:OS_TENANT_NAME => q['admin_tenant_name'],
:OS_PASSWORD => q['admin_password']
:OS_AUTH_URL => self.auth_endpoint,
:OS_USERNAME => q['admin_user'],
:OS_TENANT_NAME => q['admin_tenant_name'],
:OS_PASSWORD => q['admin_password'],
:OS_ENDPOINT_TYPE => 'internalURL'
}
if q.key?('nova_region_name')
authenv[:OS_REGION_NAME] = q['nova_region_name']
end
rv = nil
timeout = 10
timeout = 120
end_time = Time.now.to_i + timeout
loop do
begin

3
deployment/puppet/neutron/lib/puppet/provider/neutron_network/neutron.rb
View File

@ -53,13 +53,14 @@ Puppet::Type.type(:neutron_network).provide(
def create
network_opts = Array.new
if @resource[:shared]
if @resource[:shared] =~ /true/i
network_opts << '--shared'
end
if @resource[:tenant_name]
tenant_id = self.class.get_tenant_id(model.catalog,
@resource[:tenant_name])
notice("***N*** neutron_network::create *** tenant_id='#{tenant_id.inspect}'")
network_opts << "--tenant_id=#{tenant_id}"
elsif @resource[:tenant_id]
network_opts << "--tenant_id=#{@resource[:tenant_id]}"

35
deployment/puppet/neutron/lib/puppet/provider/nova_admin_tenant_id_setter/ini_setting.rb
View File

@ -23,6 +23,9 @@ end
class KeystoneAPIError < KeystoneError
end
RETRY_COUNT = 10
RETRY_SLEEP = 3
# Provides common request handling semantics to the other methods in
# this module.
#
@ -174,16 +177,30 @@ Puppet::Type.type(:nova_admin_tenant_id_setter).provide(:ruby) do
# - There are multiple matches, or
# - There are zero matches
def get_tenant_id
token = authenticate
tenants = find_tenant_by_name(token)
if tenants.length == 1
return tenants[0]['id']
elsif tenants.length > 1
raise KeystoneAPIError, 'Found multiple matches for tenant name'
else
raise KeystoneAPIError, 'Unable to find matching tenant'
token = authenticate
RETRY_COUNT.times do |n|
begin
tenants = find_tenant_by_name(token)
rescue => e
debug "Request failed: '#{e.message}' Retry: '#{n}'"
sleep RETRY_SLEEP
next
end
if tenants.length == 1
return tenants[0]['id']
elsif tenants.length > 1
name = tenants[0]['name']
raise KeystoneAPIError, "Found multiple matches for domain name: '#{name}'"
else
if n == RETRY_COUNT - 1
raise KeystoneAPIError, 'Unable to find matching tenant'
else
debug "Tenant '#{@resource[:tenant_name]}' not found! Retry: '#{n}'"
sleep RETRY_SLEEP
next
end
end
end
end
def config

60
deployment/puppet/neutron/manifests/agents/ml2/ovs.pp
View File

@ -91,6 +91,10 @@
class neutron::agents::ml2::ovs (
$package_ensure = 'present',
$enabled = true,
# TODO(bogdando) contribute change to upstream:
# new manage_service param is required for pacemaker OCF control plane.
# perhaps, could be removed once pacemaker wrappers implemented
$manage_service = true,
$bridge_uplinks = [],
$bridge_mappings = [],
$integration_bridge = 'br-int',
@ -107,7 +111,11 @@ class neutron::agents::ml2::ovs (
) {
include ::neutron::params
require vswitch::ovs
# TODO(bogdando) contribute change to upstream:
# replace vswitch::ovs with l23network, once its ready to be contributed
# FIXME(xarses): Need to come up with a better method to support vswitch and
# l23network at the same time
#require vswitch::ovs
if $enable_tunneling and ! $local_ip {
fail('Local ip for ovs agent must be set when tunneling is enabled')
@ -139,12 +147,17 @@ class neutron::agents::ml2::ovs (
neutron_agent_ovs {
'ovs/bridge_mappings': value => $br_map_str;
}
neutron::plugins::ovs::bridge{ $bridge_mappings:
before => Service['neutron-ovs-agent-service'],
}
neutron::plugins::ovs::port{ $bridge_uplinks:
before => Service['neutron-ovs-agent-service'],
}
# TODO(bogdando) contribute change to upstream:
# replace neutron::plugins::ovs::bridge with l23network,
# once its ready to be contributed
# FIXME(xarses): Need to come up with a better method to support vswitch and
# l23network at the same time
#neutron::plugins::ovs::bridge{ $bridge_mappings:
# before => Service['neutron-ovs-agent-service'],
#}
#neutron::plugins::ovs::port{ $bridge_uplinks:
# before => Service['neutron-ovs-agent-service'],
#}
}
neutron_agent_ovs {
@ -161,16 +174,20 @@ class neutron::agents::ml2::ovs (
neutron_agent_ovs { 'securitygroup/firewall_driver': ensure => absent }
}
vs_bridge { $integration_bridge:
ensure => present,
before => Service['neutron-ovs-agent-service'],
}
# TODO(skolekonov) contribute change to upstream:
# do not create ovs bridges from manifests
# as Neutron handles them itself
# https://review.openstack.org/#/c/168848/
#vs_bridge { $integration_bridge:
# ensure => present,
# before => Service['neutron-ovs-agent-service'],
#}
if $enable_tunneling {
vs_bridge { $tunnel_bridge:
ensure => present,
before => Service['neutron-ovs-agent-service'],
}
# vs_bridge { $tunnel_bridge:
# ensure => present,
# before => Service['neutron-ovs-agent-service'],
# }
neutron_agent_ovs {
'ovs/enable_tunneling': value => true;
'ovs/tunnel_bridge': value => $tunnel_bridge;
@ -216,10 +233,15 @@ class neutron::agents::ml2::ovs (
}
}
if $enabled {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
# TODO(bogdando) contribute change to upstream:
# new manage_service param is required for pacemaker OCF control plane
# perhaps, could be removed once pacemaker wrappers implemented
if $manage_service {
if $enabled {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
}
service { 'neutron-ovs-agent-service':

18
deployment/puppet/neutron/manifests/server.pp
View File

@ -52,6 +52,11 @@
# (where '/keystone' is the admin prefix)
# Defaults to false for empty. If defined, should be a string with a leading '/' and no trailing '/'.
#
# [*auth_region*]
# (optional) The authentication region. Note this value is case-sensitive and
# must match the endpoint region defined in Keystone.
# Defaults to undef
#
# [*auth_tenant*]
# (optional) The tenant of the auth user
# Defaults to services
@ -196,6 +201,7 @@ class neutron::server (
$manage_service = true,
$service_name = $::neutron::params::server_service,
$auth_password = false,
$auth_region = undef,
$auth_type = 'keystone',
$auth_tenant = 'services',
$auth_user = 'neutron',
@ -294,7 +300,11 @@ class neutron::server (
path => '/usr/bin',
before => Service['neutron-server'],
subscribe => Neutron_config['database/connection'],
refreshonly => true
refreshonly => true,
tries => 10,
# TODO(bogdando) contribute change to upstream:
# new try_sleep param for sleep driven development (SDD)
try_sleep => 20,
}
Neutron_config<||> ~> Exec['neutron-db-sync']
}
@ -464,6 +474,12 @@ class neutron::server (
$auth_uri_real = "${auth_protocol}://${auth_host}:5000/"
}
if $auth_region {
neutron_config {
'keystone_authtoken/auth_region': value => $auth_region;
}
}
neutron_config {
'keystone_authtoken/auth_uri': value => $auth_uri_real;
}

77
deployment/puppet/neutron/spec/classes/neutron_agents_ml2_ovs_spec.rb
View File

@ -51,13 +51,17 @@ describe 'neutron::agents::ml2::ovs' do
is_expected.to contain_neutron_agent_ovs('ovs/local_ip').with_ensure('absent')
end
it 'configures vs_bridge' do
is_expected.to contain_vs_bridge(p[:integration_bridge]).with(
:ensure => 'present',
:before => 'Service[neutron-ovs-agent-service]'
)
is_expected.not_to contain_vs_brige(p[:integration_bridge])
end
# TODO(skolekonov) contribute change to upstream:
# do not create ovs bridges from manifests
# as Neutron handles them itself
# https://review.openstack.org/#/c/168848/
# it 'configures vs_bridge' do
# is_expected.to contain_vs_bridge(p[:integration_bridge]).with(
# :ensure => 'present',
# :before => 'Service[neutron-ovs-agent-service]'
# )
# is_expected.not_to contain_vs_brige(p[:integration_bridge])
# end
it 'installs neutron ovs agent package' do
if platform_params.has_key?(:ovs_agent_package)
@ -108,27 +112,32 @@ describe 'neutron::agents::ml2::ovs' do
end
end
context 'when supplying bridge mappings for provider networks' do
before :each do
params.merge!(:bridge_uplinks => ['br-ex:eth2'],:bridge_mappings => ['default:br-ex'])
end
it 'configures bridge mappings' do
is_expected.to contain_neutron_agent_ovs('ovs/bridge_mappings')
end
it 'should configure bridge mappings' do
is_expected.to contain_neutron__plugins__ovs__bridge(params[:bridge_mappings].join(',')).with(
:before => 'Service[neutron-ovs-agent-service]'
)
end
it 'should configure bridge uplinks' do
is_expected.to contain_neutron__plugins__ovs__port(params[:bridge_uplinks].join(',')).with(
:before => 'Service[neutron-ovs-agent-service]'
)
end
end
# TODO(bogdando) contribute change to upstream:
# replace neutron::plugins::ovs::bridge with l23network,
# once its ready to be contributed
# FIXME(xarses): Need to come up with a better method to support vswitch and
# l23network at the same time
# context 'when supplying bridge mappings for provider networks' do
# before :each do
# params.merge!(:bridge_uplinks => ['br-ex:eth2'],:bridge_mappings => ['default:br-ex'])
# end
#
# it 'configures bridge mappings' do
# is_expected.to contain_neutron_agent_ovs('ovs/bridge_mappings')
# end
#
# it 'should configure bridge mappings' do
# is_expected.to contain_neutron__plugins__ovs__bridge(params[:bridge_mappings].join(',')).with(
# :before => 'Service[neutron-ovs-agent-service]'
# )
# end
#
# it 'should configure bridge uplinks' do
# is_expected.to contain_neutron__plugins__ovs__port(params[:bridge_uplinks].join(',')).with(
# :before => 'Service[neutron-ovs-agent-service]'
# )
# end
# end
context 'when enabling tunneling' do
context 'without local ip address' do
@ -146,10 +155,14 @@ describe 'neutron::agents::ml2::ovs' do
is_expected.to contain_neutron_agent_ovs('ovs/enable_tunneling').with_value(true)
is_expected.to contain_neutron_agent_ovs('ovs/tunnel_bridge').with_value(default_params[:tunnel_bridge])
is_expected.to contain_neutron_agent_ovs('ovs/local_ip').with_value('127.0.0.1')
is_expected.to contain_vs_bridge(default_params[:tunnel_bridge]).with(
:ensure => 'present',
:before => 'Service[neutron-ovs-agent-service]'
)
# TODO(skolekonov) contribute change to upstream:
# do not create ovs bridges from manifests
# as Neutron handles them itself
# https://review.openstack.org/#/c/168848/
# is_expected.to contain_vs_bridge(default_params[:tunnel_bridge]).with(
# :ensure => 'present',
# :before => 'Service[neutron-ovs-agent-service]'
# )
end
end

20
deployment/puppet/neutron/spec/unit/provider/neutron_spec.rb
View File

@ -83,10 +83,11 @@ describe Puppet::Provider::Neutron do
it 'should set auth credentials in the environment' do
authenv = {
:OS_AUTH_URL => auth_endpoint,
:OS_USERNAME => credential_hash['admin_user'],
:OS_TENANT_NAME => credential_hash['admin_tenant_name'],
:OS_PASSWORD => credential_hash['admin_password'],
:OS_AUTH_URL => auth_endpoint,
:OS_USERNAME => credential_hash['admin_user'],
:OS_TENANT_NAME => credential_hash['admin_tenant_name'],
:OS_PASSWORD => credential_hash['admin_password'],
:OS_ENDPOINT_TYPE => 'internalURL',
}
klass.expects(:get_neutron_credentials).with().returns(credential_hash)
klass.expects(:withenv).with(authenv)
@ -95,11 +96,12 @@ describe Puppet::Provider::Neutron do
it 'should set region in the environment if needed' do
authenv = {
:OS_AUTH_URL => auth_endpoint,
:OS_USERNAME => credential_hash['admin_user'],
:OS_TENANT_NAME => credential_hash['admin_tenant_name'],
:OS_PASSWORD => credential_hash['admin_password'],
:OS_REGION_NAME => 'REGION_NAME',
:OS_AUTH_URL => auth_endpoint,
:OS_USERNAME => credential_hash['admin_user'],
:OS_TENANT_NAME => credential_hash['admin_tenant_name'],
:OS_PASSWORD => credential_hash['admin_password'],
:OS_ENDPOINT_TYPE => 'internalURL',
:OS_REGION_NAME => 'REGION_NAME',
}
cred_hash = credential_hash.merge({'nova_region_name' => 'REGION_NAME'})

2
deployment/puppet/neutron/spec/unit/provider/nova_admin_tenant_id_setter/neutron_spec.rb
View File

@ -137,7 +137,7 @@ describe 'Puppet::Type.type(:nova_admin_tenant_id_setter)' do
resource = Puppet::Type::Nova_admin_tenant_id_setter.new(params)
provider = provider_class.new(resource)
expect(provider.exists?).to be_falsey
expect { provider.create }.to raise_error KeystoneAPIError, /Found multiple matches for tenant name/
expect { provider.create }.to raise_error KeystoneAPIError, /Found multiple matches for domain name: 'multiple_matches_tenant'/
end
end

7
deployment/puppet/openstack/manifests/network.pp
View File

@ -4,7 +4,7 @@
class openstack::network (
# asdf = {} #Trick to color editor
$network_provider = 'neutron',
$agents = ['ml2-ovs'], # ovs, ml2-ovs metadata dhcp l3
$agents = ['ml2-ovs'], # ml2-ovs metadata dhcp l3
$ha_agents = false,
$verbose = false,
@ -20,6 +20,7 @@ class openstack::network (
$bridge_mappings = [],
$network_vlan_ranges = ['physnet2:1000:2999'],
$local_ip = false,
$tunnel_types = [],
# dhcp
$net_mtu = undef,
@ -183,7 +184,7 @@ class openstack::network (
auth_protocol => $auth_protocol,
auth_password => $admin_password,
auth_tenant => $admin_tenant_name,
auth_region => $auth_region,
auth_region => $region,
auth_user => $admin_username,
auth_uri => $auth_url,
@ -192,6 +193,7 @@ class openstack::network (
database_max_retries => -1,
agent_down_time => 15,
allow_automatic_l3agent_failover => true,
api_workers => min($::processorcount + 0, 50 + 0),
rpc_workers => min($::processorcount + 0, 50 + 0),
@ -265,6 +267,7 @@ class openstack::network (
network_vlan_ranges => $network_vlan_ranges,
bridge_mappings => $bridge_mappings,
local_ip => $local_ip,
tunnel_types => $tunnel_types,
#ML2 only
type_drivers => $type_drivers,

28
deployment/puppet/openstack/manifests/network/neutron_agents.pp
View File

@ -23,6 +23,7 @@ class openstack::network::neutron_agents (
$bridge_mappings = [],
$network_vlan_ranges = ['physnet1:1000:2999'],
$local_ip = false,
$tunnel_types = [],
# ML2 settings
$type_drivers = ['local', 'flat', 'vlan', 'gre', 'vxlan'],
@ -55,32 +56,6 @@ class openstack::network::neutron_agents (
$auth_region = 'RegionOne',
) {
if 'ovs' in $agents {
class { '::neutron::plugins::ovs':
tunnel_id_ranges => $tunnel_id_ranges[0],
tenant_network_type => $tenant_network_types[0],
network_vlan_ranges => $network_vlan_ranges[0],
}
class { '::neutron::agents::ovs':
integration_bridge => $integration_bridge,
tunnel_bridge => $tunnel_bridge,
bridge_mappings => $bridge_mappings,
enable_tunneling => $enable_tunneling,
local_ip => $local_ip,
manage_service => true,
enabled => true,
}
Service<| title == 'neutron-server' |> -> Service<| title == 'neutron-ovs-agent-service' |>
Service<| title == 'neutron-server' |> -> Service<| title == 'ovs-cleanup-service' |>
Exec<| title == 'waiting-for-neutron-api' |> -> Service<| title == 'neutron-ovs-agent-service' |>
if $ha_agents {
class {'cluster::neutron::ovs':
primary => $ha_agents ? { 'primary' => true, default => false},
}
}
}
if 'ml2-ovs' in $agents {
class { 'neutron::plugins::ml2':
type_drivers => $type_drivers,
@ -98,6 +73,7 @@ class openstack::network::neutron_agents (
bridge_mappings => $bridge_mappings,
enable_tunneling => $enable_tunneling,
local_ip => $local_ip,
tunnel_types => $tunnel_types,
manage_service => true,
enabled => true,
}

3
deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-compute.pp
View File

@ -293,6 +293,7 @@ if $network_provider == 'neutron' {
if $neutron_settings['L2']['tunnel_id_ranges'] {
# tunneling_mode
$enable_tunneling = true
$tunnel_types = ['gre']
$tunnel_id_ranges = [$neutron_settings['L2']['tunnel_id_ranges']]
$tunneling_ip = get_network_role_property('neutron/mesh', 'ipaddr')
$iface = get_network_role_property('neutron/mesh', 'phys_dev')
@ -307,6 +308,7 @@ if $network_provider == 'neutron' {
$iface = get_network_role_property('neutron/private', 'phys_dev')
$mtu_for_virt_network = get_transformation_property('mtu', $iface[0])
$enable_tunneling = false
$tunnel_types = []
$tunneling_ip = false
$tunnel_id_ranges = []
}
@ -345,6 +347,7 @@ class { 'openstack::network':
network_vlan_ranges => $vlan_range,
enable_tunneling => $enable_tunneling,
tunnel_id_ranges => $tunnel_id_ranges,
tunnel_types => $tunnel_types,
verbose => true,
debug => hiera('debug', true),

3
deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-controller.pp
View File

@ -156,6 +156,7 @@ if $network_provider == 'neutron' {
$mtu_for_virt_network = 1458
}
$enable_tunneling = true
$tunnel_types = ['gre']
$tunnel_id_ranges = [$neutron_settings['L2']['tunnel_id_ranges']]
$alt_fallback = split($neutron_settings['L2']['tunnel_id_ranges'], ':')
Openstack::Network::Create_network {
@ -168,6 +169,7 @@ if $network_provider == 'neutron' {
$iface = get_network_role_property('neutron/private', 'phys_dev')
$mtu_for_virt_network = get_transformation_property('mtu', $iface[0])
$enable_tunneling = false
$tunnel_types = []
$tunneling_ip = false
$tunnel_id_ranges = []
}
@ -240,6 +242,7 @@ class { 'openstack::network':
network_vlan_ranges => $vlan_range,
enable_tunneling => $enable_tunneling,
tunnel_id_ranges => $tunnel_id_ranges,
tunnel_types => $tunnel_types,
#Queue settings
queue_provider => hiera('queue_provider', 'rabbitmq'),

36
tests/noop/spec/hosts/openstack-network/openstack-network-compute_spec.rb
View File

@ -17,6 +17,18 @@ describe manifest do
'neutron_server' => 'false',
)
end
it 'should pass auth region to openstack::network' do
should contain_class('openstack::network').with(
'region' => 'RegionOne',
)
end
it 'should configure auth region for neutron-agents' do
should contain_class('openstack::network::neutron_agents').with(
'auth_region' => 'RegionOne',
)
end
else
it 'should declare openstack::network with neutron_server parameter set to false' do
should contain_class('openstack::network').with(
@ -54,6 +66,25 @@ describe manifest do
'changes' => "set net.bridge.bridge-nf-call-ip6tables '1'",
).that_comes_before('Service[libvirt]')
end
neutron_config = Noop.hiera_structure 'quantum_settings'
if neutron_config && neutron_config.has_key?('L2') && neutron_config['L2'].has_key?('tunnel_id_ranges')
tunnel_types = ['gre']
it 'should configure tunnel_types for neutron' do
should contain_class('openstack::network').with(
'tunnel_types' => tunnel_types,
)
should contain_class('neutron::agents::ml2::ovs').with(
'tunnel_types' => tunnel_types ? tunnel_types.join(",") : "",
)
end
elsif neutron_config && neutron_config.has_key?('L2') && !neutron_config['L2'].has_key?('tunnel_id_ranges')
it 'should declare openstack::network with tunnel_types set to []' do
should contain_class('openstack::network').with(
'tunnel_types' => [],
)
end
end
else
it 'should configure multi_host, send_arp_for_ha, metadata_host in nova.conf for nova-network' do
should contain_nova_config('DEFAULT/multi_host').with(
@ -66,6 +97,11 @@ describe manifest do
'value' => internal_address,
)
end
it 'should declare openstack::network with neutron disabled' do
should contain_class('openstack::network').with(
'neutron_server' => 'false',
)
end
end
end # end of shared_examples

50
tests/noop/spec/hosts/openstack-network/openstack-network-controller_spec.rb
View File

@ -17,6 +17,56 @@ describe manifest do
'neutron_server' => 'true',
)
end
it 'should declare neutron::agents::ml2::ovs with manage_service enabled' do
should contain_class('neutron::agents::ml2::ovs').with(
'manage_service' => 'true',
)
end
it 'should pass auth region to openstack::network' do
should contain_class('openstack::network').with(
'region' => 'RegionOne',
)
end
it 'should configure auth region for neutron-server' do
should contain_class('neutron::server').with(
'auth_region' => 'RegionOne',
)
end
it 'should configure auth region for neutron-server-notifications' do
should contain_class('neutron::server::notifications').with(
'nova_region_name' => 'RegionOne',
)
end
it 'should configure auth region for neutron-agents' do
should contain_class('openstack::network::neutron_agents').with(
'auth_region' => 'RegionOne',
)
end
neutron_config = Noop.hiera_structure 'quantum_settings'
if neutron_config && neutron_config.has_key?('L2') && neutron_config['L2'].has_key?('tunnel_id_ranges')
tunnel_types = ['gre']
it 'should configure tunnel_types for neutron' do
should contain_class('openstack::network').with(
'tunnel_types' => tunnel_types,
)
should contain_class('neutron::agents::ml2::ovs').with(
'tunnel_types' => tunnel_types ? tunnel_types.join(",") : "",
)
end
elsif neutron_config && neutron_config.has_key?('L2') && !neutron_config['L2'].has_key?('tunnel_id_ranges')
it 'should declare openstack::network with tunnel_types set to []' do
should contain_class('openstack::network').with(
'tunnel_types' => [],
)
end
end
else
it 'should declare openstack::network with neutron disabled' do
should contain_class('openstack::network').with(