Adds support for Functional Nova-Network

Previously, the nova-network service was not fully functional.
This patch adds multi-interface support to the nova-network
container. The eth0 configuration is moved to a bridge (br100 per
nova defaults), and configures eth0 and eth1 as bridged
interfaces. eth0 is used for the nova-flat network and eth1 for
foating-ip's. This model is identical to typical bare-metal
nova-network deployments. The patch depends on the following patch
to kube-heat template that provides multiple interfaces per minion:

https://github.com/larsks/heat-kubernetes/pull/8

Rebased. Fixed merge conflict with k8s/pod/nova-compute-pod.yaml

Change-Id: Ieb59f397981a226555ce55ca621ef578b987e3c6

docker/nova-base/config-nova.sh

@@ -25,7 +25,6 @@ crudini --set $cfg DEFAULT rabbit_password "${RABBIT_PASSWORD}"
 crudini --set $cfg DEFAULT rabbit_virtual_host /
 crudini --set $cfg DEFAULT rabbit_ha_queues False
 crudini --set $cfg DEFAULT rpc_backend nova.openstack.common.rpc.impl_kombu
-
 crudini --set $cfg DEFAULT enabled_apis ec2,osapi_compute,metadata
 crudini --set $cfg DEFAULT ec2_listen 0.0.0.0
 crudini --set $cfg DEFAULT osapi_compute_listen 0.0.0.0
@@ -36,13 +35,9 @@ crudini --set $cfg DEFAULT service_down_time 60
 crudini --set $cfg DEFAULT rootwrap_config /etc/nova/rootwrap.conf
 crudini --set $cfg DEFAULT auth_strategy keystone
 crudini --set $cfg DEFAULT use_forwarded_for False
-#crudini --set $cfg DEFAULT service_neutron_metadata_proxy True
-#crudini --set $cfg DEFAULT neutron_metadata_proxy_shared_secret ${NEUTRON_SHARED_SECRET}
-#crudini --set $cfg DEFAULT neutron_default_tenant_id default
 crudini --set $cfg DEFAULT novncproxy_host 0.0.0.0
 crudini --set $cfg DEFAULT novncproxy_port 6080
 crudini --set $cfg DEFAULT glance_api_servers ${GLANCE_API_SERVICE_HOST}:9292
-#crudini --set $cfg DEFAULT network_api_class nova.network.neutronv2.api.API
 crudini --set $cfg DEFAULT metadata_host ${MY_IP}
 crudini --set $cfg DEFAULT cpu_allocation_ratio 16.0
 crudini --set $cfg DEFAULT ram_allocation_ratio 1.5
@@ -50,7 +45,6 @@ crudini --set $cfg DEFAULT scheduler_default_filters RetryFilter,AvailabilityZon
 crudini --set $cfg DEFAULT compute_driver nova.virt.libvirt.LibvirtDriver
 crudini --set $cfg DEFAULT vif_plugging_is_fatal True
 crudini --set $cfg DEFAULT vif_plugging_timeout 300
-#crudini --set $cfg DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
 crudini --set $cfg DEFAULT novncproxy_base_url http://${PUBLIC_IP}:6080/vnc_auto.html
 crudini --set $cfg DEFAULT vncserver_listen 0.0.0.0
 crudini --set $cfg DEFAULT vncserver_proxyclient_address ${MY_IP}
@@ -67,18 +61,6 @@ crudini --set $cfg DEFAULT admin_token "${KEYSTONE_ADMIN_TOKEN}"
 
 crudini --set $cfg conductor workers 8
 
-crudini --set /etc/nova/nova.conf DEFAULT network_manager nova.network.manager.FlatDHCPManager
-crudini --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.libvirt.firewall.IptablesFirewallDriver
-crudini --set /etc/nova/nova.conf DEFAULT network_size 254
-crudini --set /etc/nova/nova.conf DEFAULT allow_same_net_traffic False
-crudini --set /etc/nova/nova.conf DEFAULT multi_host True
-crudini --set /etc/nova/nova.conf DEFAULT send_arp_for_ha True
-crudini --set /etc/nova/nova.conf DEFAULT share_dhcp_address True
-crudini --set /etc/nova/nova.conf DEFAULT force_dhcp_release True
-crudini --set /etc/nova/nova.conf DEFAULT flat_interface flat0
-crudini --set /etc/nova/nova.conf DEFAULT flat_network_bridge br100
-crudini --set /etc/nova/nova.conf DEFAULT public_interface eth0
-
 # disabled pending answers to http://lists.openstack.org/pipermail/openstack/2014-October/009997.html
 #for option in auth_protocol auth_host auth_port; do
 #    crudini --del $cfg \

docker/nova-compute/nova-network/Dockerfile

@@ -4,6 +4,7 @@ MAINTAINER Kolla Project (https://launchpad.net/kolla)
 RUN yum -y install openstack-nova-network \
         bridge-utils && yum clean all
 
+ADD config-nova-network.sh /opt/kolla/config-nova-network.sh
 ADD ./start.sh /start.sh
 
 VOLUME [ "/var/lib/nova" ]

docker/nova-compute/nova-network/config-nova-network.sh

@@ -0,0 +1,30 @@
+#!/bin/sh
+
+. /opt/kolla/config-nova.sh
+
+check_required_vars CONFIG_NETWORK
+
+# Configure eth1 as a physcial interface for nova flat network
+cat > /etc/sysconfig/network-scripts/ifcfg-eth1 <<EOF
+DEVICE="eth1"
+BOOTPROTO="none"
+ONBOOT="yes"
+DEFROUTE="yes"
+TYPE="Ethernet"
+EOF
+
+/sbin/ifup eth1
+
+cfg=/etc/nova/nova.conf
+
+crudini --set $cfg DEFAULT network_manager nova.network.manager.FlatDHCPManager
+crudini --set $cfg DEFAULT firewall_driver nova.virt.libvirt.firewall.IptablesFirewallDriver
+crudini --set $cfg DEFAULT network_size 254
+crudini --set $cfg DEFAULT allow_same_net_traffic False
+crudini --set $cfg DEFAULT multi_host True
+crudini --set $cfg DEFAULT send_arp_for_ha True
+crudini --set $cfg DEFAULT share_dhcp_address True
+crudini --set $cfg DEFAULT force_dhcp_release True
+crudini --set $cfg DEFAULT flat_interface eth1
+crudini --set $cfg DEFAULT flat_network_bridge br100
+crudini --set $cfg DEFAULT public_interface eth0

docker/nova-compute/nova-network/start.sh

@@ -2,14 +2,7 @@
 
 set -e
 
-. /opt/kolla/config-nova.sh
-
-/usr/sbin/brctl addbr br100
-ip link set br100 up
-
-# This is a dummy interface
-ip link add flat0 type veth peer name flat1
-ip link set flat0 up
-ip link set flat1 up
+. /opt/kolla/config-nova-network.sh
 
+# Start nova-network
 exec /usr/bin/nova-network

k8s/pod/nova-compute-pod.yaml

@@ -1,37 +1,39 @@
 desiredState:
   manifest:
     containers:
-    - env:
-      - name: DB_ROOT_PASSWORD
-        value: password
-      - name: NOVA_DB_PASSWORD
-        value: novadbpassword
-      - name: KEYSTONE_ADMIN_TOKEN
-        value: ADMINTOKEN
-      image: kollaglue/fedora-rdo-nova-compute
-      name: nova-compute
-    - env:
-      - name: DB_ROOT_PASSWORD
-        value: password
-      - name: NOVA_DB_PASSWORD
-        value: novadbpassword
-      - name: KEYSTONE_ADMIN_TOKEN
-        value: ADMINTOKEN
-      image: kollaglue/fedora-rdo-nova-libvirt
-      name: nova-libvirt
-      ports:
-      - containerPort: 16509
-    - env:
-      - name: DB_ROOT_PASSWORD
-        value: password
-      - name: CEILOMETER_DB_PASSWORD
-        value: ceilometerdbpassword
-      - name: KEYSTONE_ADMIN_TOKEN
-        value: ADMINTOKEN
-      image: kollaglue/fedora-rdo-ceilometer-compute
-      name: ceilometer-compute
+      - name: nova-compute
+        env:
+          - name: DB_ROOT_PASSWORD
+            value: password
+          - name: NOVA_DB_PASSWORD
+            value: novadbpassword
+          - name: KEYSTONE_ADMIN_TOKEN
+            value: ADMINTOKEN
+        image: kollaglue/fedora-rdo-nova-compute
+        privileged: true
+      - name: nova-network
+        env:
+          - name: DB_ROOT_PASSWORD
+            value: password
+          - name: NOVA_DB_PASSWORD
+            value: novadbpassword
+          - name: KEYSTONE_ADMIN_TOKEN
+            value: ADMINTOKEN
+          - name: CONFIG_NETWORK
+            value: true
+        image: kollaglue/fedora-rdo-nova-network
+        privileged: true
+      - name: ceilometer-compute
+        env:
+          - name: DB_ROOT_PASSWORD
+            value: password
+          - name: CEILOMETER_DB_PASSWORD
+            value: ceilometerdbpassword
+          - name: KEYSTONE_ADMIN_TOKEN
+            value: ADMINTOKEN
+        image: kollaglue/fedora-rdo-ceilometer-compute
     id: nova-1
     version: v1beta1
-id: nova
+id: nova-compute
 labels:
   name: nova-compute

tools/start-all-pods

@@ -8,6 +8,7 @@ mariadb
 keystone
 glance
 nova-controller
+nova-compute
 neutron-controller
 heat
 ceilometer-controller