This change adds support for network configuration via systemd-networkd
on Ubuntu systems.
This is implemented via an Ansible Galaxy role,
stackhpc.systemd_networkd, which was forked from
aruhier.systemd_networkd. Several improvements were made in
https://github.com/stackhpc/ansible-role-systemd-networkd/pull/1,
including:
* Add support for removing unexpected config files
* Use become where necessary
* Refactor config generation into a single task to improve performance
The systemd_networkd role does not add much abstraction on top of the
systemd-networkd configuration file format, which provides a lot of
flexibility at the expense of additional code in Kayobe. This code is
implemented as filter plugins, similarly to the existing
MichaelRigart.interfaces role.
This patch includes support for:
* Ethernet interfaces
* bridges
* bonds
* VLANs
* virtual Ethernet pairs (to connect Linux bridges and OVS bridges)
* static IP addresses
* static routes
* MTU
Some network attributes are currently not supported for
systemd-networkd:
* rules
* route options
* ethtool_opts
* zone
* allowed addresses
Story: 2004960
Task: 41881
Change-Id: I248b5bb9ce5a80a07a2a311cb3aca6daca920720
Currently it is possible to set the CIDR, gateway and route table for
static routes. Other options cannot be set. This change adds support for
setting arbitrary options via an 'options' attribute in the route, which
should be a list of additional options to apply.
Depends on
https://github.com/michaelrigart/ansible-role-interfaces/pull/74.
Story: 2007835
Task: 40122
Change-Id: Ib27deac4ddf4976a571b192ee5d1b8ca57701916
Steps to reproduce:
* Define a separate network for the external API network
* Don't define a cidr field for the new network (prevents IPs being
allocated to hosts on this network)
* Set the vip_address field for the network (and optionally fqdn)
* kayobe overcloud host configure
* kayobe overcloud service deploy
* kayobe overcloud host configure (again)
On the final command, keepalived will have created a VIP on the
interface, causing the command to fail with an error like the following:

    Interface eth0 has an IPv4 address but none was requested

This change fixes the issue by passing the VIP address as an allowed
address to the MichaelRigart.interfaces role. This depends on
https://github.com/michaelrigart/ansible-role-interfaces/pull/71.
Change-Id: Ic86c0ca1b8209c968cb20a11bb3f40da71f296d0
Story: 2007736
Task: 39902
Adds support for setting the boot protocol of a network interface. Valid values
are 'static' and 'dhcp'. The default is 'static'. When set to 'dhcp', an
external DHCP server must be provided.
Change-Id: Ie4cafdcd24c6706009ca9e8accac2017d7d6bba7
Story: 2001967
Task: 15717
Allow the physical network interface configuration to be limited to a subset of
interfaces, either by interface name or switch interface description. This is done
via:

    kayobe physical network configure --interface-limit interface1,interface2

or

    kayobe physical network configure --interface-description-limit host1,host2

Fixes: #25
Currently we use the switch interface descriptions in the
switch_interface_config variable with the
kolla_neutron_ml2_generic_switch_trunk_port_hosts variable to generate a list
of ports for each switch that should be added as trunk ports to all networks.
This change allows switch interfaces to be given an 'ngs_trunk_port' boolean
field which can be used to exclude matching interfaces from the list. This
may be useful in cases where a host has multiple interfaces but only some
should be added as trunk ports.
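
The trunk port selection described in the commit message above, as an added example that is not Kayobe's own code. The data shapes, the function names, the default of treating a missing 'ngs_trunk_port' as true, and the sample switches are all assumptions; an unparseable flag raises an error rather than silently leaving a port trunked into every network.

```python
# Added illustration; data shapes are assumptions, not Kayobe's schema.
TRUE_VALUES = {"true", "yes", "on", "1"}
FALSE_VALUES = {"false", "no", "off", "0"}


def as_bool(value):
    """Coerce a YAML-style flag to bool; reject anything ambiguous."""
    if isinstance(value, bool):
        return value
    text = str(value).strip().lower()
    if text in TRUE_VALUES:
        return True
    if text in FALSE_VALUES:
        return False
    raise ValueError(f"not a boolean: {value!r}")


def trunk_ports_by_switch(switches, trunk_port_hosts):
    """Map each switch to the interfaces to add as trunk ports.

    switches: {switch: {interface: {"description": ..., "ngs_trunk_port": ...}}}
    trunk_port_hosts: interface descriptions (host names) to trunk.
    """
    hosts = set(trunk_port_hosts)
    result = {}
    for switch, interfaces in switches.items():
        result[switch] = sorted(
            name
            for name, config in interfaces.items()
            if config.get("description") in hosts
            # Interfaces without the field stay trunk ports (assumed default).
            and as_bool(config.get("ngs_trunk_port", True))
        )
    return result


# Constructed sample input: ctl0 has two ports on switch1, only one trunked.
SWITCHES = {
    "switch1": {
        "ethernet1/1": {"description": "ctl0"},
        "ethernet1/2": {"description": "ctl0", "ngs_trunk_port": False},
        "ethernet1/3": {"description": "compute0"},
    },
    "switch2": {"ethernet1/1": {"description": "ctl1", "ngs_trunk_port": "no"}},
}
TRUNK_HOSTS = ["ctl0", "ctl1"]

if __name__ == "__main__":
    print(trunk_ports_by_switch(SWITCHES, TRUNK_HOSTS))
```
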
These allow us to use different gateways for compute nodes on the inspection
and provisioning networks than on the control plane hosts also accessing these
networks.
A network may be assigned a physical network by defining a variable of
the form <network>_physical_network. Currently this is not used by
kayobe but may be referenced in configuration e.g. when setting
neutron_vlan_ranges.
We use the switch interface configuration to provide a list of interfaces
to the neutron ML2 generic switch driver to be configured as trunk ports
in each neutron network. These interfaces correspond to the controllers
by default, which need access to all of the networks in order to provide
services such as DHCP and routing.
Related-Bug: #1690115
For VLAN networks we need to use a tagged Linux bridge on the controller with a
veth pair to link it to the corresponding Neutron OVS bridge. This must be done
for the physical network(s) carrying the provisioning, tenant, and external
network traffic. We also need untagged VLAN subinterfaces on the tagged bridge
for the controller to communicate on these networks with.
The network interface role in use requires that we use two passes through
interface configuration to ensure that VLAN subinterfaces can be added to
bridge interfaces.
Finally, we must configure Ironic with the name of the Neutron network used
for provisioning.